Differential D3906
Automate acme.sh install-cert cmd Authored by DorianWinty on Thu, Feb 5, 22:04. Tags None Referenced Files
Subscribers None
Details
This command have several opportunities to botch a certificate deployment, Automating it allows to apply correct pillar configuration, and maintain it. Currently, this cmd.run isn't strictly equipollent, it will run this command Fixes T2210.
Diff Detail
Event TimelineComment Actions Fix spacing issues for jinja templating logic ; run under acme user ; use reloadcmd as parameter, not reload. Comment Actions Deployed to Hervil, we see we now have fullchain generated everywhere. We also see the order acme command then permissions fixes is the correct one, as mail.nasqueron.org permissions are correct. $ cd /var/certificates $ ls -lah * admin.mail.nasqueron.org: total 19 KB drwx------ 2 acme wheel 6B May 20 2025 . drwx--x--x 6 acme wheel 6B Nov 5 2024 .. -rw-r--r-- 1 acme wheel 1.3K Feb 5 22:29 cert.pem -rw-r--r-- 1 acme wheel 1.5K Feb 5 22:29 chain.pem -rw-r--r-- 1 acme wheel 2.8K Feb 5 22:29 fullchain.pem -rw------- 1 acme wheel 227B Feb 5 22:29 key.pem general: total 1.0 KB drwx------ 2 acme wheel 2B Oct 20 2024 . drwx--x--x 6 acme wheel 6B Nov 5 2024 .. hervil.nasqueron.org: total 19 KB drwx------ 2 acme wheel 6B May 20 2025 . drwx--x--x 6 acme wheel 6B Nov 5 2024 .. -rw-r--r-- 1 acme wheel 1.3K Feb 5 22:29 cert.pem -rw-r--r-- 1 acme wheel 1.5K Feb 5 22:29 chain.pem -rw-r--r-- 1 acme wheel 2.8K Feb 5 22:29 fullchain.pem -rw------- 1 acme wheel 227B Feb 5 22:29 key.pem mail.nasqueron.org: total 19 KB drwxr-x--- 2 acme mail 6B May 20 2025 . drwx--x--x 6 acme wheel 6B Nov 5 2024 .. -rw-r--r-- 1 acme mail 1.3K Feb 5 22:29 cert.pem -rw-r--r-- 1 acme mail 1.5K Feb 5 22:29 chain.pem -rw-r--r-- 1 acme mail 2.8K Feb 5 22:29 fullchain.pem -rw-r----- 1 acme mail 227B Feb 5 22:29 key.pem |