-
Notifications
You must be signed in to change notification settings - Fork 584
/
actions_acmeclient.conf
127 lines (106 loc) · 4.08 KB
/
actions_acmeclient.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
[setup]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh
parameters:
type:script_output
##########################################
## lighttpd actions
##########################################
[http-start]
command:/usr/local/etc/rc.d/acme_http_challenge start
parameters:
type:script
message:starting acme_http_challenge
[http-stop]
command:/usr/local/etc/rc.d/acme_http_challenge stop; exit 0
parameters:
type:script
message:stopping acme_http_challenge
[http-restart]
command:/usr/local/etc/rc.d/acme_http_challenge restart
parameters:
type:script
message:restarting acme_http_challenge
[http-status]
command:/usr/local/etc/rc.d/acme_http_challenge status || exit 0
parameters:
type:script_output
message:requesting acme_http_challenge status
[http-configtest]
command:/usr/local/etc/rc.d/acme_http_challenge configtest 2>&1 || exit 0
parameters:
type:script_output
message:testing acme_http_challenge configuration
##########################################
## certificate actions
##########################################
[sign-cert]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh; /usr/sbin/daemon -f /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode issue --force --cert
parameters:%s
type:script
message:signing or renewing a certificate
[revoke-cert]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode revoke --cert
parameters:%s
type:script
message:revoking a certificate
[remove-cert]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode remove --cert
parameters:%s
type:script
message:removing a certificate
[remove-key]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode reset --cert
parameters:%s
type:script
message:removing a certificate private key
[sign-all-certs]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh; /usr/sbin/daemon -f /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode issue --all
parameters:
type:script
message:signing or renewing all certificates
[run-automation]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh; /usr/sbin/daemon -f /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode automation --cert
parameters:%s
type:script
message:running automations for a certificate
[import]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh; /usr/sbin/daemon -f /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode import --cert
parameters:%s
type:script
message:running import for a certificate
[cron-auto-renew]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/setup.sh; /usr/sbin/daemon -f /usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode issue --all --cron
parameters:
type:script
message:cronjob running to sign or renew certificates
description:Renew ACME certificates
[register-account]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/lecert.php --mode register --account
parameters:%s
type:script
message:registering an account
[upload_highwinds]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_highwinds.php
parameters:-c %s -a %s
type:script
message:uploading a certificate to highwinds
[upload-sftp]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
parameters:--certificates=%s --automation-id=%s
type:script
message:uploading a certificate to sftp server
[test-sftp-connection]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
parameters:--host=%s --host-key=%s --port=%s --user=%s --identity-type=%s --remote-path=%s --chmod=%s --chgrp=%s --no-error test-connection
type:script_output
message:testing connection to sftp server
[show-sftp-identity]
command:/usr/local/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
parameters:--identity-type=%s --host=%s show-identity
type:script_output
message:prints the public key used to connect to sftp server
[reset-acme-client]
command:/usr/bin/find /var/etc/acme-client/home /var/etc/acme-client/configs /var/etc/acme-client/certs /var/etc/acme-client/keys /var/etc/acme-client/accounts -type f -delete
parameters:
type:script
message:wiping acme client config and data