From 077d8cbceb893e83a5425f73a9236b146f0de983 Mon Sep 17 00:00:00 2001 From: Thomas Lange Date: Tue, 1 Nov 2022 19:16:58 +0100 Subject: Remove "LETSENCRYPT_COMMAND_(AFTER|BEFORE)" hooks Instead of manually editing the script for defining commands that should be execute BEFORE and AFTER the ACME challenge, the users of this script better should execute those commands in their shell before and after running PainlessLE. There is no need for editing the script... --- package/sbin/painless-le | 17 ----------------- readme.md | 4 +--- 2 files changed, 1 insertion(+), 20 deletions(-) diff --git a/package/sbin/painless-le b/package/sbin/painless-le index a990ef7..53015e3 100755 --- a/package/sbin/painless-le +++ b/package/sbin/painless-le @@ -27,9 +27,6 @@ ACME_ENDPOINT="https://acme-v02.api.letsencrypt.org/directory" #ACME_ENDPOINT="https://acme-staging-v02.api.letsencrypt.org/directory" -#LETSENCRYPT_COMMAND_BEFORE="systemctl stop apache2" -#LETSENCRYPT_COMMAND_AFTER="systemctl start apache2" - #=============================================================================== # Normalize command-line arguments with GNU getopt #=============================================================================== @@ -99,13 +96,6 @@ if [ $? != 0 ]; then exit 1 fi -#=============================================================================== -# Run defined "BEFORE" command -#=============================================================================== -if [ ! -z "${LETSENCRYPT_COMMAND_BEFORE}" ]; then - eval $LETSENCRYPT_COMMAND_BEFORE -fi - #=============================================================================== # Run Certbot to accomplish the ACME challenge to get the certificate #=============================================================================== @@ -136,10 +126,3 @@ for command in "chmod" "chown"; do $command --reference "${CONFIDENTIAL}" \ "${INTERMEDIATE}" "${CERTIFICATE_ONLY}" "${CERTIFICATE_FULL}" done - -#=============================================================================== -# Run defined "AFTER" command -#=============================================================================== -if [ ! -z "${LETSENCRYPT_COMMAND_AFTER}" ]; then - eval $LETSENCRYPT_COMMAND_AFTER -fi diff --git a/readme.md b/readme.md index 96ddb10..90455a3 100644 --- a/readme.md +++ b/readme.md @@ -22,9 +22,7 @@ stow -t /usr/local package Make sure that no unprivileged user has write permissions on `/usr/local/sbin`, the symlink targets (in case you've choosen `stow`) and/or the `painless-le` script, because PainlessLE is usually executed with `root` privileges. ## Configuration -First, change the `ACME_ENDPOINT` variable to the address of the ACME staging API for testing purposes. - -You also can define a command within `LETSENCRYPT_COMMAND_BEFORE` to shut down a running web server to release the HTTP port for the standalone web server before Certbot runs the ACME challenge. You can restart your web server after the ACME challenge is completed within `LETSENCRYPT_COMMAND_AFTER`. +You can change the `ACME_ENDPOINT` variable to the URL of the ACME staging API for testing purposes. ## Usage ~~~ -- cgit v1.2.3