Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


getssl (8) Versions 0.3.0

Installs/Configures getssl

cookbook 'getssl', '= 0.3.0', :supermarket
cookbook 'getssl', '= 0.3.0'
knife supermarket install getssl
knife supermarket download getssl
Quality 67%


Installs getssl, from, and configures it.

Finally a cron job will be created in order to execute the getssl -u -a -q
command daily at 5:23 AM.



  • Ubuntu 20.04 LTS


  • Chef >= 16


So far this cookbook handles only one domain and only few options from
the getssl config files, just what we needed, but adding more is easy.

Have a look at the attributes file in order to see
what can be configured.


Add the getssl cookbook to your run_list.

Here is a very basic setup for the domain:

default['getssl'] = {
  account: {
    email: 'youremail@domain.tld'
  domain: {
    acl: [
    name: '',
    reload_cmd: 'systemctl restart nginx'

With many web nodes

Given you have many nodes serving the traffic for the same domain name, getssl
will address the 2 issues that use case has:

  1. Making the challenge file available to all your nodes using the Acme Challenge Location (ACL)
  2. Copying the generated certificate files to all your nodes and reload/restart the web server

Acme Challenge Location (ACL)

You must define at least one, which is the local one to the current node being
converged by Chef.\
Then you can define additionnal ACLs to push the challenge file to your other
nodes through SSH/SFTP/FTPS:

default['getssl']['domain']['acl'] = [
  # First one is the local file location for the current node

  # Then your other nodes through SSH for example

See the getssl documentation or the attributes file
for more examples.

Copying the generated certificate files to all your nodes

After the challenge succeeded, you will need to get the certificate files being
copied to all your other nodes and the webserver being restarted/reloaded.

Here is how to configure the certificate files copying:

default['getssl']['domain']['key_location'] = [
  # First line for the current node

  # Then your other nodes through SSH for example

default['getssl']['domain']['chain_location'] = [
  # First line for the current node

  # Then your other nodes through SSH for example

Here is how to configure the local and remote reload of the web server:

default['getssl']['domain']['reload_cmd'] = [
  # First line for the current node
  'systemctl reload nginx',

  # Then your other nodes through SSH for example
  'ssh:admin@ reload nginx',
  'ssh:admin@ reload nginx'

Hey! Automation now!

Okay so quite boring to repeat those IP addresses and/or adding new nodes
manually ?
Are you looking for an automated way of doing this ?

After all, it's Chef !

Given all your nodes are identical (same apps, same pathes for files), then just
define the first line only, and set
the default['getssl']['domain']['auto'] = true attribute and this cookbook
will build the lines for all your nodes (searched from your chef repository)
having this cookbook in their run_list:

default['getssl'] = {
  account: {
    email: 'youremail@domain.tld'
  domain: {
    acl: [
    auto: true,
    chain_location: '/etc/nginx/pki/domain-chain.crt',
    key_location: '/etc/nginx/pki/private/server.key',
    name: '',
    reload_cmd: 'systemctl reload nginx'

And Voila, your other nodes will be included automatically in the acl and
reload_cmd attribute at runtime, so don't forget to converge all your nodes so
that each nodes know about the others and have a complete list to copy/restart.


recipe[rvm_io::default] # Install, configure getssl and create a cron job


Hydrana SAS

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

getssl-cookbook CHANGELOG

This file is used to list changes made in each version of the getssl-cookbook cookbook.



  • Fixes ACL variable content in auto mode


Prevents from re-downloading getssl (prefer the script's auto-update feature)


Initial release.

Foodcritic Metric

0.3.0 passed this metric

No Binaries Metric

0.3.0 passed this metric

Version Tag Metric

0.3.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must include a tag that matches this cookbook version number