Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

le-certbot (9) Versions 0.6.0

Manages certbot installation, Let's Encrypt certificates, and certbot renew scripts

Policyfile
Berkshelf
Knife
cookbook 'le-certbot', '= 0.6.0', :supermarket
cookbook 'le-certbot', '= 0.6.0'
knife supermarket install le-certbot
knife supermarket download le-certbot
README
Dependencies
Changelog
Quality 57%

le-certbot Cookbook

Build Status Cookbook Version

This cookbook is used to configure a system as a Chef Client.

Requirements

Platforms

  • Ubuntu

Chef

  • Chef 12.9+

Dependent Cookbooks

  • none

Attributes

The following attributes affect the behavior of the chef-client program when running as a service through one of the service recipes, or in cron with the cron recipe, or are used in the recipes for various settings that require flexibility.

  • node['le-certbot']['rsa_key_size'] - Sets RSA key size for certificates requested with certbot_certificate. Default 4096.
  • node['le-certbot']['webroot'] - Sets the webroot when requesting certificate with certbot_certificate. Default "/var/www/acme".

The following attributes are set on a per-platform basis, see the attributes/default.rb file for default values.

  • node['le-certbot']['renew_scripts_root'] - Sets the directory where certbot expects renew scripts to be installed to.
  • node['le-certbot']['executable_path'] - Sets the default location of the certbot executable on the node.
  • node['le-certbot']['live_path'] - Sets the default location certbot links live certificates to on the node.

Recipes

This section describes the recipes in the cookbook and how to use them in your environment.

default

Sets up certbot on the node.

Usage

Use the recipes as described above to configure your systems to run Chef as a service via cron / scheduled task or one of the service management systems supported by the recipes.

Resources

certbot

The certbot resource installs certbot.

Actions

  • :install
  • :remove

Properties

  • none

certbot_certificate

The certbot_certificate manages Let's Encrypt certificates via certbot. Certbot installs the certificates into the node['le-certbot']['live_path']/<domain>/ directory.

The file names are:

  • fullchain.pem - full certificate chain
  • privkey.pem - certificate key
  • chain.pem - certificate chain
  • cert.pem - certificate

Actions

  • :create
  • :delete - deletes the certificate from the node
  • :revoke - revokes the certificate but does not delete it

Properties

  • domain - Domain for the certificate.
  • domains - Array of additional domains to include in the certificate. The webroot must be accessible via all specified domains. The certificate will still be referenced by the primary domain property.
  • email - Let's Encrypt account email.
  • renew_policy - Specifies whether when requesting certificate via certbot and a valid active certificate to keep it or force request a new one ('keep', 'force'). Default is 'keep'
  • test - Connect to Let's Encrypt staging servers instead of live. Default is 'false'

certbot_renew_script

The certbot_renew_script manages certificate renew hook scripts that run when any certificates have been updated.

Actions

  • :install
  • :delete

Properties

  • contents - Contents of the script. The script is run via bash so most any commands are accepted.
  • cookbook - Cookbook to look for the script.sh.erb template that wraps the script if for example you want to use a different shebang. Default is 'le-certbot'

License

Copyright: (c) 2017 Kristjan Rang

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

le-certbot Cookbook CHANGELOG

This file is used to list changes made in each version of the le-certbot cookbook.

0.6.0 (2018-01-09)

  • node['le-certbot']['renew_scripts_root'] attribute default changed from /etc/letsencrypt/renewal-hooks/post to /etc/letsencrypt/renewal-hooks/deploy.
  • Added --renew-with-new-domains to certbot command when running certbot_certificate to renew certificate when domains list changes.

0.5.2 (2017-12-28)

  • Fixed webroot command argument when requesting certificate.

0.5.1 (2017-12-23)

  • Fixed requesting new certificates. Command arguments were in the wrong order.

0.5.0 (2017-12-23)

  • Added domains property to certbot_certificate resource to allow creating multidomain certificates.

Breaking changes

  • node['le-certbot']['webroot'] attribute default changed from /var/www to /var/www/acme.

0.4.0 (2017-12-05)

Breaking changes

certbot_certificate no longer dynamically sets node attributes with certificate locations. Use node['le-certbot']['live_path'] to find the certificates. Check the README.

0.3.1 (2017-12-03)

  • Updated default recipe to include latest API changes.

0.3.0 (2017-12-03)

Breaking changes

Found out certbot installs renew hook cron and paths itself so use that instead and dump all cron management.

Other Changes

  • Fixed dokken ubuntu 16.04 test run.

0.2.0 (2017-12-02)

Breaking changes

Refactored all resources - some properties were changed. Removed the certbot_link resource.

Other Changes

  • Added tests and set up Travis CI.

Collaborator Number Metric
            

0.6.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.6.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.6.0 passed this metric

License Metric
            

0.6.0 passed this metric

No Binaries Metric
            

0.6.0 passed this metric

Testing File Metric
            

0.6.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.6.0 passed this metric