diff -ur dehydrated-0.4.0.orig/dehydrated dehydrated-0.4.0/dehydrated --- dehydrated-0.4.0.orig/dehydrated 2017-02-05 14:33:17.000000000 +0000 +++ dehydrated-0.4.0/dehydrated 2017-10-24 00:24:53.662801025 +0000 @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # dehydrated by lukas2511 # Source: https://github.com/lukas2511/dehydrated @@ -94,7 +94,7 @@ load_config() { # Check for config in various locations if [[ -z "${CONFIG:-}" ]]; then - for check_config in "/etc/dehydrated" "/usr/local/etc/dehydrated" "${PWD}" "${SCRIPTDIR}"; do + for check_config in "/etc/dehydrated" "/etc/webapps/dehydrated" "/usr/local/etc/dehydrated" "/etc/webapps/letsencrypt.sh" "${PWD}" "${SCRIPTDIR}"; do if [[ -f "${check_config}/config" ]]; then BASEDIR="${check_config}" CONFIG="${check_config}/config" @@ -115,7 +115,7 @@ DOMAINS_TXT= HOOK= HOOK_CHAIN="no" - RENEW_DAYS="30" + RENEW_DAYS="10" KEYSIZE="4096" WELLKNOWN= PRIVATE_KEY_RENEW="yes" @@ -166,7 +166,7 @@ [[ -d "${BASEDIR}" ]] || _exiterr "BASEDIR does not exist: ${BASEDIR}" CAHASH="$(echo "${CA}" | urlbase64)" - [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="${BASEDIR}/accounts" + [[ -z "${ACCOUNTDIR}" ]] && ACCOUNTDIR="/var/lib/dehydrated/accounts" mkdir -p "${ACCOUNTDIR}/${CAHASH}" [[ -f "${ACCOUNTDIR}/${CAHASH}/config" ]] && . "${ACCOUNTDIR}/${CAHASH}/config" ACCOUNT_KEY="${ACCOUNTDIR}/${CAHASH}/account_key.pem" @@ -181,9 +181,9 @@ mv "${BASEDIR}/private_key.json" "${ACCOUNT_KEY_JSON}" fi - [[ -z "${CERTDIR}" ]] && CERTDIR="${BASEDIR}/certs" - [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="${BASEDIR}/domains.txt" - [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/www/dehydrated" + [[ -z "${CERTDIR}" ]] && CERTDIR="/var/lib/dehydrated/certs" + [[ -z "${DOMAINS_TXT}" ]] && DOMAINS_TXT="/etc/webapps/dehydrated/domains.txt" + [[ -z "${WELLKNOWN}" ]] && WELLKNOWN="/var/lib/dehydrated/acme-challenges" [[ -z "${LOCKFILE}" ]] && LOCKFILE="${BASEDIR}/lock" [[ -n "${PARAM_LOCKFILE_SUFFIX:-}" ]] && LOCKFILE="${LOCKFILE}-${PARAM_LOCKFILE_SUFFIX}" [[ -n "${PARAM_NO_LOCK:-}" ]] && LOCKFILE="" diff -ur dehydrated-0.4.0.orig/docs/examples/config dehydrated-0.4.0/docs/examples/config --- dehydrated-0.4.0.orig/docs/examples/config 2017-02-05 14:33:17.000000000 +0000 +++ dehydrated-0.4.0/docs/examples/config 2017-10-24 00:23:06.163807433 +0000 @@ -21,6 +21,7 @@ # Path to certificate authority license terms redirect (default: https://acme-v01.api.letsencrypt.org/terms) #CA_TERMS="https://acme-v01.api.letsencrypt.org/terms" + # Path to license agreement (default: ) #LICENSE="" @@ -37,16 +38,16 @@ #BASEDIR=$SCRIPTDIR # File containing the list of domains to request certificates for (default: $BASEDIR/domains.txt) -#DOMAINS_TXT="${BASEDIR}/domains.txt" +#DOMAINS_TXT="/etc/webapps/dehydrated/domains.txt" # Output directory for generated certificates -#CERTDIR="${BASEDIR}/certs" +#CERTDIR="/var/lib/dehydrated/certs" # Directory for account keys and registration information -#ACCOUNTDIR="${BASEDIR}/accounts" +#ACCOUNTDIR="/var/lib/dehydrated/accounts" # Output directory for challenge-tokens to be served by webserver or deployed in HOOK (default: /var/www/dehydrated) -#WELLKNOWN="/var/www/dehydrated" +#WELLKNOWN="/var/lib/dehydrated/acme-challenges" # Default keysize for private keys (default: 4096) #KEYSIZE="4096" @@ -64,13 +65,13 @@ # # BASEDIR and WELLKNOWN variables are exported and can be used in an external program # default: -#HOOK= +#HOOK=/etc/webapps/dehydrated/hook.sh # Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate (default: no) #HOOK_CHAIN="no" -# Minimum days before expiration to automatically renew certificate (default: 30) -#RENEW_DAYS="30" +# Minimum days before expiration to automatically renew certificate (default: 10) +#RENEW_DAYS="10" # Regenerate private keys instead of just signing new certificates on renewal (default: yes) #PRIVATE_KEY_RENEW="yes"