Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support remote sites #3

Closed
helmo opened this issue Jun 6, 2016 · 10 comments
Closed

Support remote sites #3

helmo opened this issue Jun 6, 2016 · 10 comments
Labels
enhancement status: fixed

Comments

@helmo
Copy link
Collaborator

helmo commented Jun 6, 2016

Another WIP in https://github.com/helmo/hosting_le/tree/feature/remote-server

Answering the challenge works via a hook in letsencrypt.sh

It sometimes works... Setting $force_renew = TRUE is needed otherwise the good certs are overridden again with selfsigned ones.
@helmo
Copy link
Collaborator Author

helmo commented Jun 7, 2016

It now seems to work reliably after commit 2f57cff

Only a few warning remain about unlinking old files that don't exist... which could probably be fixed with an @ prefix.

@omega8cc, @gboudrias please review.

@omega8cc
Copy link
Owner

omega8cc commented Jun 7, 2016

Hey @helmo, @gboudrias -- we have added you both to this project. Please commit any improvements you will find useful. Thanks!

@omega8cc
Copy link
Owner

omega8cc commented Jun 23, 2016
edited

@helmo -- It shouldn't hardcode /var/aegir/ path, and the feature should be optional. Not everyone needs it, by default.

@helmo helmo mentioned this issue Jun 24, 2016
Merged
@helmo
Copy link
Collaborator Author

helmo commented Jun 24, 2016

Good point about hardcoding /var/aegir ... now removed.
We do have quite a few more of those though ... core contrib and boa.

Not sure what you mean by 'the feature should be optional'... this code does not interfere on a singe server setup.

@omega8cc
Copy link
Owner

omega8cc commented Jun 24, 2016

Thank you for the hardcoded path fix.

I mean things like:

    if (!provision_file()->exists($le_hook)->status()) {
      drush_log('[hosting_le] Please copy letsencrypt-sh-hooks.sh to ' . $le_root, 'warning');
      return FALSE;
    }

$le_options = '--cron --hook ' . $le_hook;

This introduces requirement which is not backward compatible, so it breaks existing instances, until the letsencrypt-sh-hooks.sh file is copied to the expected location.

This should be made optional, and not required, also because it is not needed on single-system Aegir instances.

@omega8cc
Copy link
Owner

omega8cc commented Jun 24, 2016

Note that BOA specific checks in this extension only modify the extension behaviour if BOA is detected, but otherwise don't affect vanilla Aegir installations (unless I have missed something?)

@omega8cc
Copy link
Owner

omega8cc commented Jun 24, 2016

So we should have something like this instead:

if (provision_file()->exists($le_hook)->status()) {
  $le_options = '--cron --hook ' . $le_hook;
}
else {
  $le_options = '--cron';
  drush_log('[hosting_le] To support remote sites please copy letsencrypt-sh-hooks.sh to ' . $le_root, 'info');
}

@helmo
Copy link
Collaborator Author

helmo commented Jun 25, 2016

I'll look into that. Might be even nicer to detect if the site is on a remote server.

@helmo
Copy link
Collaborator Author

helmo commented Jun 28, 2016

One extra commit added to the PR ... 140fd57

That should detect if it's on a remote server.

omega8cc added a commit that referenced this issue Jun 28, 2016
@omega8cc
Merge pull request #4 from helmo/feature/remote-server
a28e5de 
Feature/remote server, #3
@omega8cc
Copy link
Owner

omega8cc commented Jun 28, 2016

Committed. Thanks!

@omega8cc omega8cc mentioned this issue Aug 8, 2016
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement status: fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@helmo @omega8cc