Automate the certbot certonly code
- Maniphest Tasks
- T819: Web hosting on Eglide
- rOPS42ba0eb622ae: Generate Let's encrypt certificates
rOPS424247bcc9ad: Generate Let's encrypt certificates
Test on Eglide
Closed by a commit to a non master branch (I committed a production branch to reflect current state used in production pending code review, and pushed before to configure the repository in Phabricator to only autoclose for master branch).
$ salt eglide state.apply roles/core/letsencrypt/certificates … ---------- ID: certificate_www.eglide.org Function: cmd.run Name: certbot certonly -d www.eglide.org Result: True Comment: unless execution succeeded Started: 16:09:37.579363 Duration: 42.949 ms Changes: ---------- ID: certificate_robot.paysannerebelle.com Function: cmd.run Name: certbot certonly -d robot.paysannerebelle.com Result: True Comment: Command "certbot certonly -d robot.paysannerebelle.com" run Started: 16:09:37.623629 Duration: 16988.117 ms Changes: ---------- pid: 8736 retcode: 0 stderr: Saving debug log to /var/log/letsencrypt/letsencrypt.log Obtaining a new certificate Performing the following challenges: http-01 challenge for robot.paysannerebelle.com Using the webroot path /var/letsencrypt-auto for all unmatched domains. Waiting for verification... Cleaning up challenges Generating key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem stdout: IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/robot.paysannerebelle.com/fullchain.pem. Your cert will expire on 2017-07-26. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff. …