[DRE-commits] [diaspora-installer] 02/08: integrate letsencrypt

Praveen Arimbrathodiyil praveen at moszumanska.debian.org
Sat Dec 31 09:11:49 UTC 2016 

This is an automated email from the git hooks/post-receive script.

praveen pushed a commit to branch master
in repository diaspora-installer.

commit 3ddcc9ef6895a80832e13e2d064d7e169c5476f1
Author: Praveen Arimbrathodiyil <praveen at debian.org>
Date:   Sat Dec 31 13:47:36 2016 +0530

    integrate letsencrypt
---
 debian/diaspora-common.config   | 11 +++++++++++
 debian/diaspora-common.postinst | 29 +++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)

diff --git a/debian/diaspora-common.config b/debian/diaspora-common.config
index 2563990..054a6b0 100644
--- a/debian/diaspora-common.config
+++ b/debian/diaspora-common.config
@@ -14,6 +14,17 @@ db_go
 db_input high diaspora-common/ssl || true
 db_go
 
+# Don't prompt for letsencrypt if not installed
+if command -v letsencrypt >/dev/null; then
+  # Do you want Let's Encrypt?
+  db_get diaspora/ssl
+  if [ "${RET}" = "true" ]
+  then
+    db_input high diaspora/letsencrypt || true
+    db_go
+  fi
+fi
+
 db_input high diaspora-common/services || true
 db_go
 db_get diaspora-common/services
diff --git a/debian/diaspora-common.postinst b/debian/diaspora-common.postinst
index 5766f0a..2f25b00 100755
--- a/debian/diaspora-common.postinst
+++ b/debian/diaspora-common.postinst
@@ -62,6 +62,35 @@ case "$1" in
         echo "SSL enabled, configuring nginx for ${SERVERNAME}..."
         /usr/lib/diaspora-common/scripts/set-env-nginx.sh ${SERVERNAME}
         db_go
+
+        # Check if letsencrypt option is selected
+        db_get diaspora/letsencrypt
+        if [ "${RET}" = "true" ]; then
+	  echo "Configuring letsencrypt..."
+          ln -sf /etc/letsencrypt/live/${SERVERNAME}/fullchain.pem \
+          /etc/gitlab/ssl/${SERVERNAME}-bundle.crt
+          ln -sf /etc/letsencrypt/live/${SERVERNAME}/privkey.pem \
+          /etc/gitlab/ssl/${SERVERNAME}.key
+
+	  # Check if certificate is already present
+	  if [ -e /etc/letsencrypt/live/${SERVERNAME}/fullchain.pem ]; then
+	    echo "Let's encrypt certificate already present."
+	  else
+	    # Port 80 and 443 should be available for letsencrypt
+	    if command -v nginx > /dev/null; then
+	      echo "Stopping nginx for letsencrypt..."
+	      invoke-rc.d nginx stop
+	    fi
+
+	    letsencrypt -d ${SERVERNAME} certonly || {
+	    echo "letsencrypt auto configuration failed..."
+	    echo "Stop your webserver and try running letsencrypt manually..."
+	    echo "letsencrypt -d ${SERVERNAME} certonly"
+	    }
+	  fi
+        fi
+      fi
+
     else
         db_go
         # Configure pod address.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/diaspora-installer.git

More information about the Pkg-ruby-extras-commits mailing list