Skip to content

Use domains' setname as --cert-name option#75

Closed
kiniou wants to merge 1 commit intosaltstack-formulas:masterfrom
kiniou:master
Closed

Use domains' setname as --cert-name option#75
kiniou wants to merge 1 commit intosaltstack-formulas:masterfrom
kiniou:master

Conversation

@kiniou
Copy link

@kiniou kiniou commented Aug 14, 2020

PR progress checklist (to be filled in by reviewers)

  • Changes to documentation are appropriate (or tick if not required)
  • Changes to tests are appropriate (or tick if not required)
  • Reviews completed

What type of PR is this?

Primary type

  • [build] Changes related to the build system
  • [chore] Changes to the build process or auxiliary tools and libraries such as documentation generation
  • [ci] Changes to the continuous integration configuration
  • [feat] A new feature
  • [fix] A bug fix
  • [perf] A code change that improves performance
  • [refactor] A code change that neither fixes a bug nor adds a feature
  • [revert] A change used to revert a previous commit
  • [style] Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.)

Secondary type

  • [docs] Documentation changes
  • [test] Adding missing or correcting existing tests

Does this PR introduce a BREAKING CHANGE?

Yes.
The setname was not used before and the certificate path will not be the same.
The most obvious change that needs to be done is changing the pillar to match the first domain in a domain sets like the following:

letsencrypt:
  domains:
    foo.example.com:
      - foo.example.com

Related issues and/or pull requests

Describe the changes you're proposing

Certbot has the ability to name a certificate with the --cert-name option.

This allows us for instance to refers to this same setname to other
configuration and then further automate virtualhost creation in nginx or apache.

Pillar / config required to test the proposed changes

Here is an example that should write the certificates into /etc/letsencrypt/live/foo/ path:

letsencrypt:
  domains:
    foo:
      - foo.example.com

You might need to change the .example.com with something real if tested against a real ACME server (I've tested this change locally with a local pebble server).

Debug log showing how the proposed changes work

Documentation checklist

  • Updated the README (e.g. Available states).
  • Updated pillar.example.

Testing checklist

  • Included in Kitchen (i.e. under state_top).
  • Covered by new/existing tests (e.g. InSpec, Serverspec, etc.).
  • Updated the relevant test pillar.

Additional context

@kiniou
Use domains' setname as --cert-name option
32c7028 
Certbot has the ability to name a certificate with the --cert-name option.

This allows us for instance to refers to this same setname to other
configuration and then further automate virtualhost creation in nginx or apache.
@kiniou kiniou requested a review from javierbertoli as a code owner August 14, 2020 20:10
@pull-assistant
Copy link

pull-assistant bot commented Aug 14, 2020

Score: 1.00

Best reviewed: commit by commit

Optimal code review plan

     Use domains' setname as --cert-name option

Powered by Pull Assistant. Last update 32c7028 ... 32c7028. Read the comment docs.

@kiniou kiniou closed this Aug 14, 2020
@myii
Copy link

myii commented Aug 18, 2020

Replaced by #76.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javierbertoli javierbertoli Awaiting requested review from javierbertoli javierbertoli is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kiniou @myii