renken/shione
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nginx: generate certificates for test targets

Browse source 
Podman will be used to test the generated Debian packages to ensure that
they work properly. However, this means that it is NOT shione and
therefore cannot solve letsencrypt challenge among many other things
that can only be done by shione. The goal is to have a staging area that
can mock the latter.
This commit is contained in:
Mohammed Amar-Bensaber 2024-10-08 22:53:57 +02:00
parent 207bf43a8b
commit cd8f0e853f
Signed by: renken
GPG key ID: 1F2BB159B645E575
1 changed files with 21 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
debian/nginx-config.postinst vendored
View file

@ -2,21 +2,31 @@
# #
# TODO: Handle "$1". # TODO: Handle "$1".
set -e set -eu
#DEBHELPER# #DEBHELPER#
# `certbot` *must* be installed by this package. # `certbot` *must* be installed by this package.
if [ "$(hostname)" = shione ]; then
certbot \ certbot \
--nginx \
--agree-tos \ --agree-tos \
--redirect \
--hsts \
--staple-ocsp \
--email renken+letsencrypt@shione.net \ --email renken+letsencrypt@shione.net \
-d shione.net \ -d shione.net \
-d www.shione.net \ -d www.shione.net \
-d git.shione.net -d git.shione.net
else
out=/etc/letsencrypt/live/shione.net
mkdir -p -- "$out"
openssl genrsa \
>"$out"/privkey.pem
openssl req \
-new \
-x509 \
-key /etc/letsencrypt/live/shione.net/privkey.pem \
-subj '/CN=shione.net/O=shione.net./C=FR' \
>/etc/letsencrypt/live/shione.net/fullchain.pem
fi
# Apply new nginx configuration. # Apply new nginx configuration.
deb-systemd-invoke restart nginx deb-systemd-invoke restart nginx