kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 26 Pull Requests 2 Projects 2 Activity
1,451 Commits 6 Branches 0 Tags
Commit Graph

20 Commits

Author SHA1 Message Date
Sebastian Kippe
e89e0b3122
Fix letsencrypt bootstrap for ejabberd 2022-05-11 16:27:21 +02:00
Greg Karékinian
7636f6ed19 Move the Gandi DNS certbot hook to kosmos-ejabberd 2020-11-25 16:36:07 +01:00
Sebastian Kippe
a1a0d7e4c1
Switch Certbot to snap package on Ubuntu 20.04+ 
Needs only minor changes. Tested and running on wiki.kosmos.org already.
 2020-09-06 13:46:06 +02:00
Greg Karékinian
3a693efcd6 Add email notifications for failed certbot runs 
Based on https://wiki.archlinux.org/index.php/Systemd/Timers#MAILTO

This can easily be used by other services, with one line added to the
[Unit] section of a service:

OnFailure=status-email-ops@%n.service

Refs #3
 2019-06-20 12:46:27 +02:00
Greg Karékinian
57d0885d26 Change the licenses of hte kosmos cookbooks to MIT 2019-04-12 11:41:20 +02:00
Greg Karékinian
6e3e8cde1b Create the Let's Encrypt hook subdirectories 2019-04-08 11:16:38 +02:00
Greg Karékinian
5fa0fa661b Install certbot from the direct download when on 15.04 
It does not have a ppa release. Add a cron job for renewal. When using
the PPA a Systemd timer is part of the package
 2019-03-18 16:52:05 +01:00
Greg Karékinian
c3135402ad Move the nginx hook to the deploy directory, create renewal-hooks dir 2019-03-14 20:21:34 +01:00
Greg Karékinian
f12ddefec8 Move the Gandi DNS hook for certbot to the kosmos-base cookbook 2019-03-14 18:01:29 +01:00
Greg Karékinian
65482f09c3 Extract the post hooks to their own script in Certbot's config dir 2019-03-14 15:21:50 +01:00
Greg Karékinian
fa27187f11 Switch from the git version of certbot to the Ubuntu PPA 2019-03-14 10:49:47 +01:00
Greg Karékinian
56d14748f9 Fix the Let's Encrypt renew hook script 
Only copy over the certs to the prosody directory if it's the 5apps.com
wildcard, not for any 5apps.com subdomain
 2018-12-20 17:26:37 +01:00
Greg Karékinian
185649a5f9 Automatically generate a Let's Encrypt cert for all 5apps xmpp domains 
Uses the Gandi LiveDNS API
 2018-09-04 17:38:17 +02:00
Sebastian Kippe
db039a185a Update certbot 2018-06-13 18:52:13 +02:00
Greg Karékinian
49664dbc8d The renew hook now needs to be an executable in the path 
An absolute path doesn't work anymore.

Also send an email containing STDERR when the renewal command fails
 2017-09-22 11:53:01 +02:00
Greg Karékinian
de11c0d691 Set up an instance of Mastodon for Kosmos 
Refs #19

Use new application cookbook, update our cookbooks
 2017-04-06 21:20:51 +02:00
Greg Karékinian
9436284be2 Use the latest certbot instead of the old letsencrypt 2017-03-19 20:05:09 +00:00
Greg Karékinian
98ba42b157 Fix the frequency of the Let's Encrypt script (run every day) 2017-01-26 05:52:11 +00:00
Greg Karékinian
ad4200e558 Restart nginx after renewing the Let's Encrypt cert 2016-10-06 13:57:20 +02:00
Greg Karékinian
096b4900bd Add missing Let's Encrypt recipe 
Also declare cron job to renew certs

Refs #6
 2016-05-06 17:02:41 +02:00