Bot Updating Package Versions

Add abc crontab

.github/workflows/external_trigger.yml

@@ -18,7 +18,7 @@ jobs:
           fi
           echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_SWAG_MASTER\". ****"
           echo "**** Retrieving external version ****"
-          EXT_RELEASE=$(echo '1.32.0')
+          EXT_RELEASE=$(curl -sL "https://pypi.python.org/pypi/certbot/json" |jq -r '. | .info.version')
           if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
             echo "**** Can't retrieve external version, exiting ****"
             FAILURE_REASON="Can't retrieve external version for swag branch master"

Dockerfile

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.17
 
 # set version label
 ARG BUILD_DATE
@@ -14,9 +16,8 @@ ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
   echo "**** install build packages ****" && \
   apk add --no-cache --virtual=build-dependencies \
+    build-base \
     cargo \
-    g++ \
-    gcc \
     libffi-dev \
     libxml2-dev \
     libxslt-dev \
@@ -24,11 +25,9 @@ RUN \
     python3-dev && \
   echo "**** install runtime packages ****" && \
   apk add --no-cache --upgrade \
-    curl \
     fail2ban \
     gnupg \
     memcached \
-    nginx \
     nginx-mod-http-brotli \
     nginx-mod-http-dav-ext \
     nginx-mod-http-echo \
@@ -36,7 +35,6 @@ RUN \
     nginx-mod-http-geoip2 \
     nginx-mod-http-headers-more \
     nginx-mod-http-image-filter \
-    nginx-mod-http-nchan \
     nginx-mod-http-perl \
     nginx-mod-http-redis2 \
     nginx-mod-http-set-misc \
@@ -47,62 +45,56 @@ RUN \
     nginx-mod-stream \
     nginx-mod-stream-geoip2 \
     nginx-vim \
-    php8-bcmath \
-    php8-bz2 \
-    php8-ctype \
-    php8-curl \
-    php8-dom \
-    php8-exif \
-    php8-ftp \
-    php8-gd \
-    php8-gmp \
-    php8-iconv \
-    php8-imap \
-    php8-intl \
-    php8-ldap \
-    php8-mysqli \
-    php8-mysqlnd \
-    php8-opcache \
-    php8-pdo_mysql \
-    php8-pdo_odbc \
-    php8-pdo_pgsql \
-    php8-pdo_sqlite \
-    php8-pear \
-    php8-pecl-apcu \
-    php8-pecl-mailparse \
-    php8-pecl-mcrypt \
-    php8-pecl-memcached \
-    php8-pecl-redis \
-    php8-pgsql \
-    php8-phar \
-    php8-posix \
-    php8-soap \
-    php8-sockets \
-    php8-sodium \
-    php8-sqlite3 \
-    php8-tokenizer \
-    php8-xml \
-    php8-xmlreader \
-    php8-xsl \
-    php8-zip \
-    py3-cryptography \
-    py3-future \
-    py3-pip \
+    php81-bcmath \
+    php81-bz2 \
+    php81-ctype \
+    php81-curl \
+    php81-dom \
+    php81-exif \
+    php81-ftp \
+    php81-gd \
+    php81-gmp \
+    php81-iconv \
+    php81-imap \
+    php81-intl \
+    php81-ldap \
+    php81-mysqli \
+    php81-mysqlnd \
+    php81-opcache \
+    php81-pdo_mysql \
+    php81-pdo_odbc \
+    php81-pdo_pgsql \
+    php81-pdo_sqlite \
+    php81-pear \
+    php81-pecl-apcu \
+    php81-pecl-mailparse \
+    php81-pecl-memcached \
+    php81-pecl-redis \
+    php81-pgsql \
+    php81-phar \
+    php81-posix \
+    php81-soap \
+    php81-sockets \
+    php81-sodium \
+    php81-sqlite3 \
+    php81-tokenizer \
+    php81-xmlreader \
+    php81-xsl \
+    php81-zip \
     whois && \
-  apk add --no-cache \
-    --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
-    php8-pecl-xmlrpc && \
+  apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
+    php81-pecl-mcrypt \
+    php81-pecl-xmlrpc && \
   echo "**** install certbot plugins ****" && \
   if [ -z ${CERTBOT_VERSION+x} ]; then \
-    CERTBOT="certbot"; \
-  else \
-    CERTBOT="certbot==${CERTBOT_VERSION}"; \
+    CERTBOT_VERSION=$(curl -sL  https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
   fi && \
-  pip3 install -U \
-    pip wheel && \
-  pip install -U --find-links https://wheel-index.linuxserver.io/alpine-3.15/ \
-    acme==${CERTBOT_VERSION} \
-    ${CERTBOT} \
+  python3 -m ensurepip && \
+  pip3 install -U --no-cache-dir \
+    pip \
+    wheel && \
+  pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
+    certbot==${CERTBOT_VERSION} \
     certbot-dns-acmedns \
     certbot-dns-aliyun \
     certbot-dns-azure \
@@ -133,7 +125,6 @@ RUN \
     certbot-dns-njalla \
     certbot-dns-nsone \
     certbot-dns-ovh \
-    certbot-dns-porkbun \
     certbot-dns-rfc2136 \
     certbot-dns-route53 \
     certbot-dns-sakuracloud \
@@ -142,6 +133,7 @@ RUN \
     certbot-dns-vultr \
     certbot-plugin-gandi \
     cryptography \
+    future \
     requests && \
   echo "**** enable OCSP stapling from base ****" && \
   sed -i \
@@ -177,14 +169,10 @@ RUN \
   echo "**** cleanup ****" && \
   apk del --purge \
     build-dependencies && \
-  for cleanfiles in *.pyc *.pyo; \
-    do \
-    find /usr/lib/python3.*  -iname "${cleanfiles}" -exec rm -f '{}' + \
-    ; done && \
   rm -rf \
     /tmp/* \
-    /root/.cache \
-    /root/.cargo
+    $HOME/.cache \
+    $HOME/.cargo
 
 # copy local files
 COPY root/ /

Dockerfile.aarch64

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.17
 
 # set version label
 ARG BUILD_DATE
@@ -14,9 +16,8 @@ ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
   echo "**** install build packages ****" && \
   apk add --no-cache --virtual=build-dependencies \
+    build-base \
     cargo \
-    g++ \
-    gcc \
     libffi-dev \
     libxml2-dev \
     libxslt-dev \
@@ -24,11 +25,9 @@ RUN \
     python3-dev && \
   echo "**** install runtime packages ****" && \
   apk add --no-cache --upgrade \
-    curl \
     fail2ban \
     gnupg \
     memcached \
-    nginx \
     nginx-mod-http-brotli \
     nginx-mod-http-dav-ext \
     nginx-mod-http-echo \
@@ -36,7 +35,6 @@ RUN \
     nginx-mod-http-geoip2 \
     nginx-mod-http-headers-more \
     nginx-mod-http-image-filter \
-    nginx-mod-http-nchan \
     nginx-mod-http-perl \
     nginx-mod-http-redis2 \
     nginx-mod-http-set-misc \
@@ -47,62 +45,56 @@ RUN \
     nginx-mod-stream \
     nginx-mod-stream-geoip2 \
     nginx-vim \
-    php8-bcmath \
-    php8-bz2 \
-    php8-ctype \
-    php8-curl \
-    php8-dom \
-    php8-exif \
-    php8-ftp \
-    php8-gd \
-    php8-gmp \
-    php8-iconv \
-    php8-imap \
-    php8-intl \
-    php8-ldap \
-    php8-mysqli \
-    php8-mysqlnd \
-    php8-opcache \
-    php8-pdo_mysql \
-    php8-pdo_odbc \
-    php8-pdo_pgsql \
-    php8-pdo_sqlite \
-    php8-pear \
-    php8-pecl-apcu \
-    php8-pecl-mailparse \
-    php8-pecl-mcrypt \
-    php8-pecl-memcached \
-    php8-pecl-redis \
-    php8-pgsql \
-    php8-phar \
-    php8-posix \
-    php8-soap \
-    php8-sockets \
-    php8-sodium \
-    php8-sqlite3 \
-    php8-tokenizer \
-    php8-xml \
-    php8-xmlreader \
-    php8-xsl \
-    php8-zip \
-    py3-cryptography \
-    py3-future \
-    py3-pip \
+    php81-bcmath \
+    php81-bz2 \
+    php81-ctype \
+    php81-curl \
+    php81-dom \
+    php81-exif \
+    php81-ftp \
+    php81-gd \
+    php81-gmp \
+    php81-iconv \
+    php81-imap \
+    php81-intl \
+    php81-ldap \
+    php81-mysqli \
+    php81-mysqlnd \
+    php81-opcache \
+    php81-pdo_mysql \
+    php81-pdo_odbc \
+    php81-pdo_pgsql \
+    php81-pdo_sqlite \
+    php81-pear \
+    php81-pecl-apcu \
+    php81-pecl-mailparse \
+    php81-pecl-memcached \
+    php81-pecl-redis \
+    php81-pgsql \
+    php81-phar \
+    php81-posix \
+    php81-soap \
+    php81-sockets \
+    php81-sodium \
+    php81-sqlite3 \
+    php81-tokenizer \
+    php81-xmlreader \
+    php81-xsl \
+    php81-zip \
     whois && \
-  apk add --no-cache \
-    --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
-    php8-pecl-xmlrpc && \
+  apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
+    php81-pecl-mcrypt \
+    php81-pecl-xmlrpc && \
   echo "**** install certbot plugins ****" && \
   if [ -z ${CERTBOT_VERSION+x} ]; then \
-    CERTBOT="certbot"; \
-  else \
-    CERTBOT="certbot==${CERTBOT_VERSION}"; \
+    CERTBOT_VERSION=$(curl -sL  https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
   fi && \
-  pip3 install -U \
-    pip wheel && \
-  pip install -U --find-links https://wheel-index.linuxserver.io/alpine-3.15/ \
-    acme==${CERTBOT_VERSION} \
-    ${CERTBOT} \
+  python3 -m ensurepip && \
+  pip3 install -U --no-cache-dir \
+    pip \
+    wheel && \
+  pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
+    certbot==${CERTBOT_VERSION} \
     certbot-dns-acmedns \
     certbot-dns-aliyun \
     certbot-dns-azure \
@@ -133,7 +125,6 @@ RUN \
     certbot-dns-njalla \
     certbot-dns-nsone \
     certbot-dns-ovh \
-    certbot-dns-porkbun \
     certbot-dns-rfc2136 \
     certbot-dns-route53 \
     certbot-dns-sakuracloud \
@@ -142,6 +133,7 @@ RUN \
     certbot-dns-vultr \
     certbot-plugin-gandi \
     cryptography \
+    future \
     requests && \
   echo "**** enable OCSP stapling from base ****" && \
   sed -i \
@@ -177,14 +169,10 @@ RUN \
   echo "**** cleanup ****" && \
   apk del --purge \
     build-dependencies && \
-  for cleanfiles in *.pyc *.pyo; \
-    do \
-    find /usr/lib/python3.*  -iname "${cleanfiles}" -exec rm -f '{}' + \
-    ; done && \
   rm -rf \
     /tmp/* \
-    /root/.cache \
-    /root/.cargo
+    $HOME/.cache \
+    $HOME/.cargo
 
 # copy local files
 COPY root/ /

Dockerfile.armhf

@@ -1,4 +1,6 @@
-FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
+# syntax=docker/dockerfile:1
+
+FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.17
 
 # set version label
 ARG BUILD_DATE
@@ -14,9 +16,8 @@ ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
 RUN \
   echo "**** install build packages ****" && \
   apk add --no-cache --virtual=build-dependencies \
+    build-base \
     cargo \
-    g++ \
-    gcc \
     libffi-dev \
     libxml2-dev \
     libxslt-dev \
@@ -24,11 +25,9 @@ RUN \
     python3-dev && \
   echo "**** install runtime packages ****" && \
   apk add --no-cache --upgrade \
-    curl \
     fail2ban \
     gnupg \
     memcached \
-    nginx \
     nginx-mod-http-brotli \
     nginx-mod-http-dav-ext \
     nginx-mod-http-echo \
@@ -36,7 +35,6 @@ RUN \
     nginx-mod-http-geoip2 \
     nginx-mod-http-headers-more \
     nginx-mod-http-image-filter \
-    nginx-mod-http-nchan \
     nginx-mod-http-perl \
     nginx-mod-http-redis2 \
     nginx-mod-http-set-misc \
@@ -47,62 +45,56 @@ RUN \
     nginx-mod-stream \
     nginx-mod-stream-geoip2 \
     nginx-vim \
-    php8-bcmath \
-    php8-bz2 \
-    php8-ctype \
-    php8-curl \
-    php8-dom \
-    php8-exif \
-    php8-ftp \
-    php8-gd \
-    php8-gmp \
-    php8-iconv \
-    php8-imap \
-    php8-intl \
-    php8-ldap \
-    php8-mysqli \
-    php8-mysqlnd \
-    php8-opcache \
-    php8-pdo_mysql \
-    php8-pdo_odbc \
-    php8-pdo_pgsql \
-    php8-pdo_sqlite \
-    php8-pear \
-    php8-pecl-apcu \
-    php8-pecl-mailparse \
-    php8-pecl-mcrypt \
-    php8-pecl-memcached \
-    php8-pecl-redis \
-    php8-pgsql \
-    php8-phar \
-    php8-posix \
-    php8-soap \
-    php8-sockets \
-    php8-sodium \
-    php8-sqlite3 \
-    php8-tokenizer \
-    php8-xml \
-    php8-xmlreader \
-    php8-xsl \
-    php8-zip \
-    py3-cryptography \
-    py3-future \
-    py3-pip \
+    php81-bcmath \
+    php81-bz2 \
+    php81-ctype \
+    php81-curl \
+    php81-dom \
+    php81-exif \
+    php81-ftp \
+    php81-gd \
+    php81-gmp \
+    php81-iconv \
+    php81-imap \
+    php81-intl \
+    php81-ldap \
+    php81-mysqli \
+    php81-mysqlnd \
+    php81-opcache \
+    php81-pdo_mysql \
+    php81-pdo_odbc \
+    php81-pdo_pgsql \
+    php81-pdo_sqlite \
+    php81-pear \
+    php81-pecl-apcu \
+    php81-pecl-mailparse \
+    php81-pecl-memcached \
+    php81-pecl-redis \
+    php81-pgsql \
+    php81-phar \
+    php81-posix \
+    php81-soap \
+    php81-sockets \
+    php81-sodium \
+    php81-sqlite3 \
+    php81-tokenizer \
+    php81-xmlreader \
+    php81-xsl \
+    php81-zip \
     whois && \
-  apk add --no-cache \
-    --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
-    php8-pecl-xmlrpc && \
+  apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
+    php81-pecl-mcrypt \
+    php81-pecl-xmlrpc && \
   echo "**** install certbot plugins ****" && \
   if [ -z ${CERTBOT_VERSION+x} ]; then \
-    CERTBOT="certbot"; \
-  else \
-    CERTBOT="certbot==${CERTBOT_VERSION}"; \
+    CERTBOT_VERSION=$(curl -sL  https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
   fi && \
-  pip3 install -U \
-    pip wheel && \
-  pip install -U --find-links https://wheel-index.linuxserver.io/alpine-3.15/ \
-    acme==${CERTBOT_VERSION} \
-    ${CERTBOT} \
+  python3 -m ensurepip && \
+  pip3 install -U --no-cache-dir \
+    pip \
+    wheel && \
+  pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
+    certbot==${CERTBOT_VERSION} \
     certbot-dns-acmedns \
     certbot-dns-aliyun \
     certbot-dns-azure \
@@ -133,7 +125,6 @@ RUN \
     certbot-dns-njalla \
     certbot-dns-nsone \
     certbot-dns-ovh \
-    certbot-dns-porkbun \
     certbot-dns-rfc2136 \
     certbot-dns-route53 \
     certbot-dns-sakuracloud \
@@ -142,6 +133,7 @@ RUN \
     certbot-dns-vultr \
     certbot-plugin-gandi \
     cryptography \
+    future \
     requests && \
   echo "**** enable OCSP stapling from base ****" && \
   sed -i \
@@ -177,14 +169,10 @@ RUN \
   echo "**** cleanup ****" && \
   apk del --purge \
     build-dependencies && \
-  for cleanfiles in *.pyc *.pyo; \
-    do \
-    find /usr/lib/python3.*  -iname "${cleanfiles}" -exec rm -f '{}' + \
-    ; done && \
   rm -rf \
     /tmp/* \
-    /root/.cache \
-    /root/.cargo
+    $HOME/.cache \
+    $HOME/.cargo
 
 # copy local files
 COPY root/ /

Jenkinsfile

@@ -100,18 +100,17 @@ pipeline {
     /* ########################
        External Release Tagging
        ######################## */
-    // If this is a custom command to determine version use that command
-    stage("Set tag custom bash"){
+    // If this is a pip release set the external tag to the pip version
+    stage("Set ENV pip_version"){
       steps{
         script{
           env.EXT_RELEASE = sh(
-            script: ''' echo '1.32.0' ''',
+            script: '''curl -sL  https://pypi.python.org/pypi/${EXT_PIP}/json |jq -r '. | .info.version' ''',
             returnStdout: true).trim()
-            env.RELEASE_LINK = 'custom_command'
+          env.RELEASE_LINK = 'https://pypi.python.org/pypi/' + env.EXT_PIP
         }
       }
-    }
-    // Sanitize the release tag and strip illegal docker or github characters
+    }    // Sanitize the release tag and strip illegal docker or github characters
     stage("Sanitize tag"){
       steps{
         script{
@@ -912,11 +911,11 @@ pipeline {
              "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
         echo "Pushing New release for Tag"
         sh '''#! /bin/bash
-              echo "Updating to ${EXT_RELEASE_CLEAN}" > releasebody.json
+              echo "Updating PIP version of ${EXT_PIP} to ${EXT_RELEASE_CLEAN}" > releasebody.json
               echo '{"tag_name":"'${META_TAG}'",\
                      "target_commitish": "master",\
                      "name": "'${META_TAG}'",\
-                     "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
+                     "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**PIP Changes:**\\n\\n' > start
               printf '","draft": false,"prerelease": false}' >> releasebody.json
               paste -d'\\0' start releasebody.json > releasebody.json.done
               curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''

README.md

@@ -335,6 +335,10 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **21.01.23:** - Unpin certbot version (allow certbot 2.x). !!BREAKING CHANGE!! We are temporarily removing the certbot porkbun plugin until a new version is released that is compatible with certbot 2.x.
+* **20.01.23:** - Rebase to alpine 3.17 with php8.1.
+* **16.01.23:** - Remove nchan module because it keeps causing crashes.
+* **08.12.22:** - Revamp certbot init.
 * **03.12.22:** - Remove defunct cloudxns plugin.
 * **22.11.22:** - Pin acme to the same version as certbot.
 * **22.11.22:** - Pin certbot to 1.32.0 until plugin compatibility improves.

jenkins-vars.yml

@@ -2,12 +2,7 @@
 
 # jenkins variables
 project_name: docker-swag
-
-# Pin certbot to 1.32.0 until plugin compatibility improves
-external_type: na
-custom_version_command: "echo '1.32.0'"
-
-#external_type: pip_version
+external_type: pip_version
 release_type: stable
 release_tag: latest
 ls_branch: master

package_versions.txt

@@ -1,229 +1,204 @@
-alpine-baselayout-3.2.0-r18
+alpine-baselayout-3.4.0-r0
+alpine-baselayout-data-3.4.0-r0
 alpine-keys-2.4-r1
-apache2-utils-2.4.54-r0
-apk-tools-2.12.7-r3
-apr-1.7.0-r1
-apr-util-1.6.1-r11
-argon2-libs-20190702-r1
-bash-5.1.16-r0
-brotli-libs-1.0.9-r5
-busybox-1.34.1-r7
-c-client-2007f-r13
-ca-certificates-20220614-r0
-ca-certificates-bundle-20220614-r0
-coreutils-9.0-r2
-curl-7.80.0-r5
-expat-2.5.0-r0
-fail2ban-0.11.2-r1
-freetype-2.11.1-r2
-gdbm-1.22-r0
-git-2.34.5-r0
-git-perl-2.34.5-r0
-gmp-6.2.1-r1
-gnupg-2.2.31-r2
-gnupg-dirmngr-2.2.31-r2
-gnupg-gpgconf-2.2.31-r2
-gnupg-utils-2.2.31-r2
-gnupg-wks-client-2.2.31-r2
-gnutls-3.7.1-r1
-gpg-2.2.31-r2
-gpg-agent-2.2.31-r2
-gpg-wks-server-2.2.31-r2
-gpgsm-2.2.31-r2
-gpgv-2.2.31-r2
-icu-libs-69.1-r1
-ip6tables-1.8.7-r1
-iptables-1.8.7-r1
-libacl-2.2.53-r0
-libassuan-2.5.5-r0
-libattr-2.5.1-r1
-libbsd-0.11.3-r1
-libbz2-1.0.8-r1
+alpine-release-3.17.1-r0
+aom-libs-3.5.0-r0
+apache2-utils-2.4.55-r0
+apk-tools-2.12.10-r1
+apr-1.7.1-r0
+apr-util-1.6.1-r14
+argon2-libs-20190702-r2
+bash-5.2.15-r0
+brotli-libs-1.0.9-r9
+busybox-1.35.0-r29
+busybox-binsh-1.35.0-r29
+c-client-2007f-r14
+ca-certificates-20220614-r4
+ca-certificates-bundle-20220614-r4
+coreutils-9.1-r0
+curl-7.87.0-r1
+fail2ban-1.0.2-r0
+fontconfig-2.14.1-r0
+freetype-2.12.1-r0
+gdbm-1.23-r0
+git-2.38.3-r1
+git-perl-2.38.3-r1
+gmp-6.2.1-r2
+gnupg-2.2.40-r0
+gnupg-dirmngr-2.2.40-r0
+gnupg-gpgconf-2.2.40-r0
+gnupg-utils-2.2.40-r0
+gnupg-wks-client-2.2.40-r0
+gnutls-3.7.8-r2
+gpg-2.2.40-r0
+gpg-agent-2.2.40-r0
+gpg-wks-server-2.2.40-r0
+gpgsm-2.2.40-r0
+gpgv-2.2.40-r0
+icu-data-en-72.1-r1
+icu-libs-72.1-r1
+ip6tables-1.8.8-r2
+iptables-1.8.8-r2
+jq-1.6-r2
+libacl-2.3.1-r1
+libassuan-2.5.5-r1
+libattr-2.5.1-r2
+libavif-0.11.1-r0
+libbsd-0.11.7-r0
+libbz2-1.0.8-r4
 libc-utils-0.7.2-r3
-libcap-2.61-r0
-libcrypto1.1-1.1.1s-r1
-libcurl-7.80.0-r5
-libedit-20210910.3.1-r0
-libevent-2.1.12-r4
-libffi-3.4.2-r1
-libgcc-10.3.1_git20211027-r0
-libgcrypt-1.9.4-r0
-libgd-2.3.2-r1
-libgpg-error-1.42-r1
-libice-1.0.10-r0
-libidn-1.38-r0
-libintl-0.21-r0
-libjpeg-turbo-2.1.2-r0
-libksba-1.6.0-r0
-libldap-2.6.2-r0
-libmaxminddb-1.6.0-r0
-libmcrypt-2.5.8-r9
-libmd-1.0.3-r0
-libmemcached-libs-1.0.18-r4
-libmnl-1.0.4-r2
-libnftnl-1.2.1-r0
-libpng-1.6.37-r1
-libpq-14.5-r0
-libproc-3.3.17-r0
-libretls-3.3.4-r3
-libsasl-2.1.28-r0
-libseccomp-2.5.2-r0
-libsm-1.2.3-r0
-libsodium-1.0.18-r0
-libssl1.1-1.1.1s-r1
-libstdc++-10.3.1_git20211027-r0
-libtasn1-4.18.0-r1
-libunistring-0.9.10-r1
-libuuid-2.37.4-r0
-libwebp-1.2.2-r0
-libx11-1.7.3.1-r0
-libxau-1.0.9-r0
-libxcb-1.14-r2
-libxdmcp-1.1.3-r0
-libxext-1.3.4-r0
-libxml2-2.9.14-r2
-libxpm-3.5.13-r0
-libxslt-1.1.35-r0
+libcrypto3-3.0.8-r0
+libcurl-7.87.0-r1
+libdav1d-1.0.0-r2
+libedit-20221030.3.1-r0
+libevent-2.1.12-r5
+libexpat-2.5.0-r0
+libffi-3.4.4-r0
+libgcc-12.2.1_git20220924-r4
+libgcrypt-1.10.1-r0
+libgd-2.3.3-r3
+libgpg-error-1.46-r1
+libice-1.0.10-r1
+libidn-1.41-r0
+libintl-0.21.1-r1
+libjpeg-turbo-2.1.4-r0
+libksba-1.6.3-r0
+libldap-2.6.3-r6
+libmaxminddb-libs-1.7.1-r0
+libmcrypt-2.5.8-r10
+libmd-1.0.4-r0
+libmemcached-libs-1.0.18-r5
+libmnl-1.0.5-r0
+libnftnl-1.2.4-r0
+libpng-1.6.38-r0
+libpq-15.1-r0
+libproc-3.3.17-r2
+libsasl-2.1.28-r3
+libseccomp-2.5.4-r0
+libsm-1.2.3-r1
+libsodium-1.0.18-r2
+libssl3-3.0.8-r0
+libstdc++-12.2.1_git20220924-r4
+libtasn1-4.19.0-r0
+libunistring-1.1-r0
+libuuid-2.38.1-r1
+libwebp-1.2.4-r1
+libx11-1.8.4-r0
+libxau-1.0.10-r0
+libxcb-1.15-r0
+libxdmcp-1.1.4-r0
+libxext-1.3.5-r0
+libxml2-2.10.3-r1
+libxpm-3.5.15-r0
+libxslt-1.1.37-r0
 libxt-1.2.1-r0
-libzip-1.8.0-r1
-linux-pam-1.5.2-r0
-logrotate-3.18.1-r4
-lz4-libs-1.9.3-r1
-memcached-1.6.12-r0
+libzip-1.9.2-r2
+linux-pam-1.5.2-r1
+logrotate-3.20.1-r3
+lz4-libs-1.9.4-r1
+memcached-1.6.17-r0
 mpdecimal-2.5.1-r1
-musl-1.2.2-r7
-musl-utils-1.2.2-r7
-nano-5.9-r0
-ncurses-libs-6.3_p20211120-r1
-ncurses-terminfo-base-6.3_p20211120-r1
-nettle-3.7.3-r0
-nghttp2-libs-1.46.0-r0
-nginx-1.20.2-r1
-nginx-mod-devel-kit-1.20.2-r1
-nginx-mod-http-brotli-1.20.2-r1
-nginx-mod-http-dav-ext-1.20.2-r1
-nginx-mod-http-echo-1.20.2-r1
-nginx-mod-http-fancyindex-1.20.2-r1
-nginx-mod-http-geoip2-1.20.2-r1
-nginx-mod-http-headers-more-1.20.2-r1
-nginx-mod-http-image-filter-1.20.2-r1
-nginx-mod-http-nchan-1.20.2-r1
-nginx-mod-http-perl-1.20.2-r1
-nginx-mod-http-redis2-1.20.2-r1
-nginx-mod-http-set-misc-1.20.2-r1
-nginx-mod-http-upload-progress-1.20.2-r1
-nginx-mod-http-xslt-filter-1.20.2-r1
-nginx-mod-mail-1.20.2-r1
-nginx-mod-rtmp-1.20.2-r1
-nginx-mod-stream-1.20.2-r1
-nginx-mod-stream-geoip2-1.20.2-r1
-nginx-vim-1.20.2-r1
-npth-1.6-r1
-oniguruma-6.9.7.1-r0
-openssl-1.1.1s-r1
-p11-kit-0.24.0-r1
-pcre-8.45-r1
-pcre2-10.40-r0
-perl-5.34.0-r1
+musl-1.2.3-r4
+musl-utils-1.2.3-r4
+nano-7.0-r0
+ncurses-libs-6.3_p20221119-r0
+ncurses-terminfo-base-6.3_p20221119-r0
+nettle-3.8.1-r0
+nghttp2-libs-1.51.0-r0
+nginx-1.22.1-r0
+nginx-mod-devel-kit-1.22.1-r0
+nginx-mod-http-brotli-1.22.1-r0
+nginx-mod-http-dav-ext-1.22.1-r0
+nginx-mod-http-echo-1.22.1-r0
+nginx-mod-http-fancyindex-1.22.1-r0
+nginx-mod-http-geoip2-1.22.1-r0
+nginx-mod-http-headers-more-1.22.1-r0
+nginx-mod-http-image-filter-1.22.1-r0
+nginx-mod-http-perl-1.22.1-r0
+nginx-mod-http-redis2-1.22.1-r0
+nginx-mod-http-set-misc-1.22.1-r0
+nginx-mod-http-upload-progress-1.22.1-r0
+nginx-mod-http-xslt-filter-1.22.1-r0
+nginx-mod-mail-1.22.1-r0
+nginx-mod-rtmp-1.22.1-r0
+nginx-mod-stream-1.22.1-r0
+nginx-mod-stream-geoip2-1.22.1-r0
+nginx-vim-1.22.1-r0
+npth-1.6-r2
+oniguruma-6.9.8-r0
+openssl-3.0.7-r2
+p11-kit-0.24.1-r1
+pcre-8.45-r2
+pcre2-10.42-r0
+perl-5.36.0-r0
 perl-error-0.17029-r1
-perl-git-2.34.5-r0
-php8-8.0.25-r0
-php8-bcmath-8.0.25-r0
-php8-bz2-8.0.25-r0
-php8-common-8.0.25-r0
-php8-ctype-8.0.25-r0
-php8-curl-8.0.25-r0
-php8-dom-8.0.25-r0
-php8-exif-8.0.25-r0
-php8-fileinfo-8.0.25-r0
-php8-fpm-8.0.25-r0
-php8-ftp-8.0.25-r0
-php8-gd-8.0.25-r0
-php8-gmp-8.0.25-r0
-php8-iconv-8.0.25-r0
-php8-imap-8.0.25-r0
-php8-intl-8.0.25-r0
-php8-ldap-8.0.25-r0
-php8-mbstring-8.0.25-r0
-php8-mysqli-8.0.25-r0
-php8-mysqlnd-8.0.25-r0
-php8-opcache-8.0.25-r0
-php8-openssl-8.0.25-r0
-php8-pdo-8.0.25-r0
-php8-pdo_mysql-8.0.25-r0
-php8-pdo_odbc-8.0.25-r0
-php8-pdo_pgsql-8.0.25-r0
-php8-pdo_sqlite-8.0.25-r0
-php8-pear-8.0.25-r0
-php8-pecl-apcu-5.1.21-r0
-php8-pecl-igbinary-3.2.6-r0
-php8-pecl-mailparse-3.1.3-r0
-php8-pecl-mcrypt-1.0.4-r0
-php8-pecl-memcached-3.1.5-r1
-php8-pecl-redis-5.3.6-r0
-php8-pecl-xmlrpc-1.0.0_rc3-r0
-php8-pgsql-8.0.25-r0
-php8-phar-8.0.25-r0
-php8-posix-8.0.25-r0
-php8-session-8.0.25-r0
-php8-simplexml-8.0.25-r0
-php8-soap-8.0.25-r0
-php8-sockets-8.0.25-r0
-php8-sodium-8.0.25-r0
-php8-sqlite3-8.0.25-r0
-php8-tokenizer-8.0.25-r0
-php8-xml-8.0.25-r0
-php8-xmlreader-8.0.25-r0
-php8-xmlwriter-8.0.25-r0
-php8-xsl-8.0.25-r0
-php8-zip-8.0.25-r0
-pinentry-1.2.0-r0
-popt-1.18-r0
-procps-3.3.17-r0
-py3-appdirs-1.4.4-r2
-py3-asn1crypto-1.4.0-r1
-py3-cachecontrol-0.12.10-r0
-py3-certifi-2020.12.5-r1
-py3-cffi-1.14.5-r4
-py3-charset-normalizer-2.0.7-r0
-py3-colorama-0.4.4-r1
-py3-contextlib2-21.6.0-r1
-py3-cparser-2.20-r1
-py3-cryptography-3.3.2-r3
-py3-distlib-0.3.3-r0
-py3-distro-1.6.0-r0
-py3-future-0.18.2-r3
-py3-html5lib-1.1-r1
-py3-idna-3.3-r0
-py3-lockfile-0.12.2-r4
-py3-msgpack-1.0.2-r1
-py3-ordered-set-4.0.2-r2
-py3-packaging-20.9-r1
-py3-parsing-2.4.7-r2
-py3-pep517-0.12.0-r0
-py3-pip-20.3.4-r1
-py3-progress-1.6-r0
-py3-requests-2.26.0-r1
-py3-retrying-1.3.3-r2
-py3-setuptools-52.0.0-r4
-py3-six-1.16.0-r0
-py3-toml-0.10.2-r2
-py3-tomli-1.2.2-r0
-py3-urllib3-1.26.7-r0
-py3-webencodings-0.5.1-r4
-python3-3.9.16-r0
-readline-8.1.1-r0
-s6-ipcserver-2.11.0.0-r0
-scanelf-1.3.3-r0
-shadow-4.8.1-r1
-skalibs-2.11.0.0-r0
-sqlite-libs-3.36.0-r0
-ssl_client-1.34.1-r7
+perl-git-2.38.3-r1
+php81-8.1.15-r0
+php81-bcmath-8.1.15-r0
+php81-bz2-8.1.15-r0
+php81-common-8.1.15-r0
+php81-ctype-8.1.15-r0
+php81-curl-8.1.15-r0
+php81-dom-8.1.15-r0
+php81-exif-8.1.15-r0
+php81-fileinfo-8.1.14-r0
+php81-fpm-8.1.14-r0
+php81-ftp-8.1.15-r0
+php81-gd-8.1.15-r0
+php81-gmp-8.1.15-r0
+php81-iconv-8.1.15-r0
+php81-imap-8.1.15-r0
+php81-intl-8.1.15-r0
+php81-ldap-8.1.15-r0
+php81-mbstring-8.1.15-r0
+php81-mysqli-8.1.15-r0
+php81-mysqlnd-8.1.15-r0
+php81-opcache-8.1.15-r0
+php81-openssl-8.1.15-r0
+php81-pdo-8.1.15-r0
+php81-pdo_mysql-8.1.15-r0
+php81-pdo_odbc-8.1.15-r0
+php81-pdo_pgsql-8.1.15-r0
+php81-pdo_sqlite-8.1.15-r0
+php81-pear-8.1.15-r0
+php81-pecl-apcu-5.1.22-r0
+php81-pecl-igbinary-3.2.12-r0
+php81-pecl-mailparse-3.1.4-r0
+php81-pecl-mcrypt-1.0.4-r0
+php81-pecl-memcached-3.2.0-r0
+php81-pecl-redis-5.3.7-r0
+php81-pecl-xmlrpc-1.0.0_rc3-r0
+php81-pgsql-8.1.15-r0
+php81-phar-8.1.15-r0
+php81-posix-8.1.15-r0
+php81-session-8.1.15-r0
+php81-simplexml-8.1.14-r0
+php81-soap-8.1.15-r0
+php81-sockets-8.1.15-r0
+php81-sodium-8.1.15-r0
+php81-sqlite3-8.1.15-r0
+php81-tokenizer-8.1.15-r0
+php81-xml-8.1.15-r0
+php81-xmlreader-8.1.15-r0
+php81-xmlwriter-8.1.14-r0
+php81-xsl-8.1.15-r0
+php81-zip-8.1.15-r0
+pinentry-1.2.1-r0
+popt-1.19-r0
+procps-3.3.17-r2
+python3-3.10.10-r0
+readline-8.2.0-r0
+scanelf-1.3.5-r1
+shadow-4.13-r0
+skalibs-2.12.0.1-r0
+sqlite-libs-3.40.1-r0
+ssl_client-1.35.0-r29
+tiff-4.4.0-r1
 tzdata-2022f-r1
-unixodbc-2.3.9-r1
-utmps-0.1.0.3-r0
-whois-5.5.10-r0
-xz-5.2.5-r1
-xz-libs-5.2.5-r1
-zlib-1.2.12-r3
-zstd-libs-1.5.0-r0
+unixodbc-2.3.11-r0
+utmps-libs-0.1.2.0-r1
+whois-5.5.14-r0
+xz-5.2.9-r0
+xz-libs-5.2.9-r0
+zlib-1.2.13-r0
+zstd-libs-1.5.2-r9

readme-vars.yml

@@ -152,11 +152,12 @@ app_setup_block: |
 
   Please follow the instructions [on this blog post](https://www.linuxserver.io/blog/2020-08-21-introducing-swag#migrate).
 
-app_setup_nginx_reverse_proxy_snippet: false
-app_setup_nginx_reverse_proxy_block: ""
-
 # changelog
 changelogs:
+  - { date: "21.01.23:", desc: "Unpin certbot version (allow certbot 2.x). !!BREAKING CHANGE!! We are temporarily removing the certbot porkbun plugin until a new version is released that is compatible with certbot 2.x." }
+  - { date: "20.01.23:", desc: "Rebase to alpine 3.17 with php8.1." }
+  - { date: "16.01.23:", desc: "Remove nchan module because it keeps causing crashes." }
+  - { date: "08.12.22:", desc: "Revamp certbot init."}
   - { date: "03.12.22:", desc: "Remove defunct cloudxns plugin."}
   - { date: "22.11.22:", desc: "Pin acme to the same version as certbot."}
   - { date: "22.11.22:", desc: "Pin certbot to 1.32.0 until plugin compatibility improves."}

root/defaults/dns-conf/cpanel.ini

@@ -1,6 +1,15 @@
 # Instructions: https://github.com/badjware/certbot-dns-cpanel#credentials
-# Replace with your values
+# The url cPanel url
 # include the scheme and the port number (usually 2083 for https)
-dns_cpanel_url = https://cpanel.example.com:2083
-dns_cpanel_username = username
-dns_cpanel_password = 1234567890abcdef
+cpanel_url = https://cpanel.exemple.com:2083
+
+# The cPanel username
+cpanel_username = user
+
+# The cPanel password 
+cpanel_password = hunter2
+
+# The cPanel API Token
+cpanel_token = EUTQ793EY7MIRX4EMXXXXXXXXXXOX4JF
+
+# You only need to configure API Token or Password. If you supply both, the API Token will be used

root/defaults/dns-conf/directadmin.ini

@@ -12,10 +12,10 @@
 
 # The DirectAdmin Server url
 # include the scheme and the port number (Normally 2222)
-directadmin_url = https://my.directadminserver.com:2222
+dns_directadmin_url = https://my.directadminserver.com:2222
 
 # The DirectAdmin username
-directadmin_username = username
+dns_directadmin_username = username
 
 # The DirectAdmin password
-directadmin_password = aSuperStrongPassword
+dns_directadmin_password = aSuperStrongPassword

root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx

@@ -5,11 +5,11 @@
 . /config/.donoteditthisfile.conf
 
 if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
-	if pgrep -f "s6-supervise nginx" >/dev/null; then
-		s6-svc -u /run/service/nginx
-	fi
+    if pgrep -f "s6-supervise nginx" >/dev/null; then
+        s6-svc -u /run/service/svc-nginx
+    fi
 else
-	if pgrep -f "nginx:" >/dev/null; then
-		s6-svc -h /run/service/nginx
-	fi
+    if pgrep -f "nginx:" >/dev/null; then
+        s6-svc -h /run/service/svc-nginx
+    fi
 fi

root/defaults/etc/letsencrypt/renewal-hooks/pre/10-nginx

@@ -5,7 +5,7 @@
 . /config/.donoteditthisfile.conf
 
 if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
-	if pgrep -f "nginx:" >/dev/null; then
-		s6-svc -d /run/service/nginx
-	fi
+    if pgrep -f "nginx:" >/dev/null; then
+        s6-svc -d /run/service/svc-nginx
+    fi
 fi

root/etc/cont-init.d/43-crontabs

@@ -1,11 +0,0 @@
-#!/usr/bin/with-contenv bash
-# shellcheck shell=bash
-
-# copy crontabs if needed
-if [[ ! -f /config/crontabs/root ]]; then
-    cp /etc/crontabs/root /config/crontabs/
-fi
-
-# import user crontabs
-rm /etc/crontabs/*
-cp /config/crontabs/* /etc/crontabs/

root/etc/s6-overlay/s6-rc.d/init-certbot-config/run

@@ -24,27 +24,23 @@ for i in "${SANED_VARS[@]}"; do
 done
 
 # check to make sure DNSPLUGIN is selected if dns validation is used
-if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
+if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
     echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
     sleep infinity
 fi
 
 # copy dns default configs
 cp -n /defaults/dns-conf/* /config/dns-conf/
-chown -R abc:abc /config/dns-conf
-
-# update plugin names in dns conf inis
-sed -i 's|^certbot_dns_aliyun:||g' /config/dns-conf/aliyun.ini
-sed -i 's|^certbot_dns_cpanel:|dns_|g' /config/dns-conf/cpanel.ini
-sed -i 's|^certbot_dns_domeneshop:||g' /config/dns-conf/domeneshop.ini
-sed -i 's|^certbot_dns_inwx:||g' /config/dns-conf/inwx.ini
-sed -i 's|^certbot_dns_transip:||g' /config/dns-conf/transip.ini
-sed -i 's|^certbot_plugin_gandi:dns_|dns_gandi_|g' /config/dns-conf/gandi.ini
+lsiown -R abc:abc /config/dns-conf
 
 # copy default renewal hooks
 chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
 cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/
-chown -R abc:abc /config/etc/letsencrypt/renewal-hooks
+lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
+
+# replace nginx service location in renewal hooks
+find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
+find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
 
 # create original config file if it doesn't exist, move non-hidden legacy file to hidden
 if [[ -f "/config/donoteditthisfile.conf" ]]; then
@@ -59,6 +55,57 @@ fi
 # shellcheck source=/dev/null
 . /config/.donoteditthisfile.conf
 
+# setting ORIGDOMAIN for use in revoke sections
+if [[ "${ORIGONLY_SUBDOMAINS}" = "true" ]] && [[ ! "${ORIGSUBDOMAINS}" = "wildcard" ]]; then
+    ORIGDOMAIN="$(echo "${ORIGSUBDOMAINS}" | tr ',' ' ' | awk '{print $1}').${ORIGURL}"
+else
+    ORIGDOMAIN="${ORIGURL}"
+fi
+
+# update plugin names in dns conf inis
+sed -i 's|^certbot[-_]dns[-_]aliyun:||g' /config/dns-conf/aliyun.ini
+sed -i 's|^certbot[-_]dns[-_]cpanel:||g' /config/dns-conf/cpanel.ini
+sed -i 's|^dns[-_]cpanel[-_]|cpanel_|g' /config/dns-conf/cpanel.ini
+sed -i 's|^directadmin[-_]|dns_directadmin_|g' /config/dns-conf/directadmin.ini
+sed -i 's|^certbot[-_]dns[-_]domeneshop:||g' /config/dns-conf/domeneshop.ini
+sed -i 's|^certbot[-_]plugin[-_]gandi:dns[-_]|dns_gandi_|g' /config/dns-conf/gandi.ini
+sed -i 's|^certbot[-_]dns[-_]inwx:||g' /config/dns-conf/inwx.ini
+sed -i 's|^certbot[-_]dns[-_]transip:||g' /config/dns-conf/transip.ini
+
+# update plugin names in renewal conf
+if [[ -f "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf" ]] && [[ "${ORIGVALIDATION}" = "dns" ]]; then
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(aliyun)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]dns[-_]aliyun:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]dns[-_]aliyun:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(cpanel)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]dns[-_]cpanel:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]dns[-_]cpanel:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^authenticator = dns[-_]cpanel|authenticator = cpanel|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^dns[-_]cpanel[-_]|cpanel_|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(directadmin)$ ]]; then
+        sed -i 's|^authenticator = directadmin|authenticator = dns-directadmin|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^directadmin[-_]|dns_directadmin_|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(domeneshop)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]dns[-_]domeneshop:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]dns[-_]domeneshop:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(gandi)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]plugin[-_]gandi:dns|authenticator = dns-gandi|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]plugin[-_]gandi:dns[-_]|dns_gandi_|g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(inwx)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]dns[-_]inwx:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]dns[-_]inwx:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+    if [[ "${ORIGDNSPLUGIN}" =~ ^(transip)$ ]]; then
+        sed -i 's|^authenticator = certbot[-_]dns[-_]transip:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+        sed -i 's|^certbot[-_]dns[-_]transip:||g' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf"
+    fi
+fi
+
 # set default validation to http
 if [[ -z "${VALIDATION}" ]]; then
     VALIDATION="http"
@@ -84,6 +131,59 @@ if [[ "${VALIDATION}" = "dns" ]] && [[ "${DNSPLUGIN}" = "duckdns" ]]; then
     export EXTRA_DOMAINS=""
 fi
 
+# setting the symlink for key location
+rm -rf /config/keys/letsencrypt
+if [[ "${ONLY_SUBDOMAINS}" = "true" ]] && [[ ! "${SUBDOMAINS}" = "wildcard" ]]; then
+    DOMAIN="$(echo "${SUBDOMAINS}" | tr ',' ' ' | awk '{print $1}').${URL}"
+    ln -s ../etc/letsencrypt/live/"${DOMAIN}" /config/keys/letsencrypt
+else
+    ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
+fi
+
+# checking for changes in cert variables, revoking certs if necessary
+if [[ ! "${URL}" = "${ORIGURL}" ]] ||
+    [[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] ||
+    [[ ! "${ONLY_SUBDOMAINS}" = "${ORIGONLY_SUBDOMAINS}" ]] ||
+    [[ ! "${EXTRA_DOMAINS}" = "${ORIGEXTRA_DOMAINS}" ]] ||
+    [[ ! "${VALIDATION}" = "${ORIGVALIDATION}" ]] ||
+    [[ ! "${DNSPLUGIN}" = "${ORIGDNSPLUGIN}" ]] ||
+    [[ ! "${PROPAGATION}" = "${ORIGPROPAGATION}" ]] ||
+    [[ ! "${STAGING}" = "${ORIGSTAGING}" ]] ||
+    [[ ! "${CERTPROVIDER}" = "${ORIGCERTPROVIDER}" ]]; then
+    echo "Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created"
+    if [[ "${ORIGCERTPROVIDER}" = "zerossl" ]] && [[ -n "${ORIGEMAIL}" ]]; then
+        REV_EAB_CREDS=$(curl -s https://api.zerossl.com/acme/eab-credentials-email --data "email=${ORIGEMAIL}")
+        REV_ZEROSSL_EAB_KID=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_kid'])")
+        REV_ZEROSSL_EAB_HMAC_KEY=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_hmac_key'])")
+        if [[ -z "${REV_ZEROSSL_EAB_KID}" ]] || [[ -z "${REV_ZEROSSL_EAB_HMAC_KEY}" ]]; then
+            echo "Unable to retrieve EAB credentials from ZeroSSL. Check the outgoing connections to api.zerossl.com and dns. Sleeping."
+            sleep infinity
+        fi
+        REV_ACMESERVER="https://acme.zerossl.com/v2/DV90 --eab-kid ${REV_ZEROSSL_EAB_KID} --eab-hmac-key ${REV_ZEROSSL_EAB_HMAC_KEY}"
+    elif [[ "${ORIGSTAGING}" = "true" ]]; then
+        REV_ACMESERVER="https://acme-staging-v02.api.letsencrypt.org/directory"
+    else
+        REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
+    fi
+    if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
+        certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER} || true
+    fi
+    rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
+fi
+
+# saving new variables
+echo -e "ORIGURL=\"${URL}\" ORIGSUBDOMAINS=\"${SUBDOMAINS}\" ORIGONLY_SUBDOMAINS=\"${ONLY_SUBDOMAINS}\" ORIGEXTRA_DOMAINS=\"${EXTRA_DOMAINS}\" ORIGVALIDATION=\"${VALIDATION}\" ORIGDNSPLUGIN=\"${DNSPLUGIN}\" ORIGPROPAGATION=\"${PROPAGATION}\" ORIGSTAGING=\"${STAGING}\" ORIGCERTPROVIDER=\"${CERTPROVIDER}\" ORIGEMAIL=\"${EMAIL}\"" >/config/.donoteditthisfile.conf
+
+# Check if the cert is using the old LE root cert, revoke and regen if necessary
+if [[ -f "/config/keys/letsencrypt/chain.pem" ]] && { [[ "${CERTPROVIDER}" == "letsencrypt" ]] || [[ "${CERTPROVIDER}" == "" ]]; } && [[ "${STAGING}" != "true" ]] && ! openssl x509 -in /config/keys/letsencrypt/chain.pem -noout -issuer | grep -q "ISRG Root X"; then
+    echo "The cert seems to be using the old LE root cert, which is no longer valid. Deleting and revoking."
+    REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
+    if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
+        certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER} || true
+    fi
+    rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
+fi
+
 # if zerossl is selected or staging is set to true, use the relevant server
 if [[ "${CERTPROVIDER}" = "zerossl" ]] && [[ "${STAGING}" = "true" ]]; then
     echo "ZeroSSL does not support staging mode, ignoring STAGING variable"
@@ -151,33 +251,40 @@ else
     EMAILPARAM="--register-unsafely-without-email"
 fi
 
+# alter extension for error message
+if [[ "${DNSPLUGIN}" = "google" ]]; then
+    DNSCREDENTIALFILE="/config/dns-conf/${DNSPLUGIN}.json"
+else
+    DNSCREDENTIALFILE="/config/dns-conf/${DNSPLUGIN}.ini"
+fi
+
 # setting the validation method to use
 if [[ "${VALIDATION}" = "dns" ]]; then
-    if [[ "${DNSPLUGIN}" = "route53" ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="--dns-${DNSPLUGIN} ${PROPAGATIONPARAM}"
-    elif [[ "${DNSPLUGIN}" =~ ^(azure|gandi)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
-        PREFCHAL="-a dns-${DNSPLUGIN} --dns-${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.ini"
-    elif [[ "${DNSPLUGIN}" =~ ^(duckdns)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="-a dns-${DNSPLUGIN} --dns-${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.ini --dns-duckdns-no-txt-restore ${PROPAGATIONPARAM}"
-    elif [[ "${DNSPLUGIN}" =~ ^(google)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="--dns-${DNSPLUGIN} --dns-${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.json ${PROPAGATIONPARAM}"
-    elif [[ "${DNSPLUGIN}" =~ ^(acmedns|aliyun|cpanel|desec|dnspod|do|domeneshop|dynu|godaddy|he|hetzner|infomaniak|inwx|ionos|loopia|netcup|njalla|porkbun|transip|vultr)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="-a dns-${DNSPLUGIN} --dns-${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.ini ${PROPAGATIONPARAM}"
-    elif [[ "${DNSPLUGIN}" =~ ^(standalone)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then echo "standalone dns plugin does not support setting propagation time"; fi
-        PREFCHAL="-a dns-${DNSPLUGIN}"
-    elif [[ "${DNSPLUGIN}" =~ ^(directadmin)$ ]]; then
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="-a ${DNSPLUGIN} --${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.ini ${PROPAGATIONPARAM}"
-    else
-        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
-        PREFCHAL="--dns-${DNSPLUGIN} --dns-${DNSPLUGIN}-credentials /config/dns-conf/${DNSPLUGIN}.ini ${PROPAGATIONPARAM}"
+    AUTHENTICATORPARAM="--authenticator dns-${DNSPLUGIN}"
+    DNSCREDENTIALSPARAM="--dns-${DNSPLUGIN}-credentials ${DNSCREDENTIALFILE}"
+    if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
+
+    # plugins that don't support setting credentials file
+    if [[ "${DNSPLUGIN}" =~ ^(route53|standalone)$ ]]; then
+        DNSCREDENTIALSPARAM=""
     fi
+    # plugins that don't support setting propagation
+    if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|standalone)$ ]]; then
+        if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
+        PROPAGATIONPARAM=""
+    fi
+    # plugins that use old parameter naming convention
+    if [[ "${DNSPLUGIN}" =~ ^(cpanel)$ ]]; then
+        AUTHENTICATORPARAM="--authenticator ${DNSPLUGIN}"
+        DNSCREDENTIALSPARAM="--${DNSPLUGIN}-credentials ${DNSCREDENTIALFILE}"
+        if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
+    fi
+    # don't restore txt records when using DuckDNS plugin
+    if [[ "${DNSPLUGIN}" =~ ^(duckdns)$ ]]; then
+        AUTHENTICATORPARAM="${AUTHENTICATORPARAM} --dns-${DNSPLUGIN}-no-txt-restore"
+    fi
+
+    PREFCHAL="${AUTHENTICATORPARAM} ${DNSCREDENTIALSPARAM} ${PROPAGATIONPARAM}"
     echo "${VALIDATION} validation via ${DNSPLUGIN} plugin is selected"
 elif [[ "${VALIDATION}" = "tls-sni" ]]; then
     PREFCHAL="--standalone --preferred-challenges http"
@@ -187,63 +294,6 @@ else
     echo "http validation is selected"
 fi
 
-# setting the symlink for key location
-rm -rf /config/keys/letsencrypt
-if [[ "${ONLY_SUBDOMAINS}" = "true" ]] && [[ ! "${SUBDOMAINS}" = "wildcard" ]]; then
-    DOMAIN="$(echo "${SUBDOMAINS}" | tr ',' ' ' | awk '{print $1}').${URL}"
-    ln -s ../etc/letsencrypt/live/"${DOMAIN}" /config/keys/letsencrypt
-else
-    ln -s ../etc/letsencrypt/live/"${URL}" /config/keys/letsencrypt
-fi
-
-# checking for changes in cert variables, revoking certs if necessary
-if [[ ! "${URL}" = "${ORIGURL}" ]] || [[ ! "${SUBDOMAINS}" = "${ORIGSUBDOMAINS}" ]] || [[ ! "${ONLY_SUBDOMAINS}" = "${ORIGONLY_SUBDOMAINS}" ]] || [[ ! "${EXTRA_DOMAINS}" = "${ORIGEXTRA_DOMAINS}" ]] || [[ ! "${VALIDATION}" = "${ORIGVALIDATION}" ]] || [[ ! "${DNSPLUGIN}" = "${ORIGDNSPLUGIN}" ]] || [[ ! "${PROPAGATION}" = "${ORIGPROPAGATION}" ]] || [[ ! "${STAGING}" = "${ORIGSTAGING}" ]] || [[ ! "${CERTPROVIDER}" = "${ORIGCERTPROVIDER}" ]]; then
-    echo "Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created"
-    if [[ "${ORIGONLY_SUBDOMAINS}" = "true" ]] && [[ ! "${ORIGSUBDOMAINS}" = "wildcard" ]]; then
-        ORIGDOMAIN="$(echo "${ORIGSUBDOMAINS}" | tr ',' ' ' | awk '{print $1}').${ORIGURL}"
-    else
-        ORIGDOMAIN="${ORIGURL}"
-    fi
-    if [[ "${ORIGCERTPROVIDER}" = "zerossl" ]] && [[ -n "${ORIGEMAIL}" ]]; then
-        REV_EAB_CREDS=$(curl -s https://api.zerossl.com/acme/eab-credentials-email --data "email=${ORIGEMAIL}")
-        REV_ZEROSSL_EAB_KID=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_kid'])")
-        REV_ZEROSSL_EAB_HMAC_KEY=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_hmac_key'])")
-        if [[ -z "${REV_ZEROSSL_EAB_KID}" ]] || [[ -z "${REV_ZEROSSL_EAB_HMAC_KEY}" ]]; then
-            echo "Unable to retrieve EAB credentials from ZeroSSL. Check the outgoing connections to api.zerossl.com and dns. Sleeping."
-            sleep infinity
-        fi
-        REV_ACMESERVER="https://acme.zerossl.com/v2/DV90 --eab-kid ${REV_ZEROSSL_EAB_KID} --eab-hmac-key ${REV_ZEROSSL_EAB_HMAC_KEY}"
-    elif [[ "${ORIGSTAGING}" = "true" ]]; then
-        REV_ACMESERVER="https://acme-staging-v02.api.letsencrypt.org/directory"
-    else
-        REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
-    fi
-    if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
-        certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER}
-    fi
-    rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
-fi
-
-# saving new variables
-echo -e "ORIGURL=\"${URL}\" ORIGSUBDOMAINS=\"${SUBDOMAINS}\" ORIGONLY_SUBDOMAINS=\"${ONLY_SUBDOMAINS}\" ORIGEXTRA_DOMAINS=\"${EXTRA_DOMAINS}\" ORIGVALIDATION=\"${VALIDATION}\" ORIGDNSPLUGIN=\"${DNSPLUGIN}\" ORIGPROPAGATION=\"${PROPAGATION}\" ORIGSTAGING=\"${STAGING}\" ORIGCERTPROVIDER=\"${CERTPROVIDER}\" ORIGEMAIL=\"${EMAIL}\"" >/config/.donoteditthisfile.conf
-
-# alter extension for error message
-if [[ "${DNSPLUGIN}" = "google" ]]; then
-    FILENAME="${DNSPLUGIN}.json"
-else
-    FILENAME="${DNSPLUGIN}.ini"
-fi
-
-# Check if the cert is using the old LE root cert, revoke and regen if necessary
-if [[ -f "/config/keys/letsencrypt/chain.pem" ]] && { [[ "${CERTPROVIDER}" == "letsencrypt" ]] || [[ "${CERTPROVIDER}" == "" ]]; } && [[ "${STAGING}" != "true" ]] && ! openssl x509 -in /config/keys/letsencrypt/chain.pem -noout -issuer | grep -q "ISRG Root X"; then
-    echo "The cert seems to be using the old LE root cert, which is no longer valid. Deleting and revoking."
-    REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
-    if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
-        certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER}
-    fi
-    rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
-fi
-
 # generating certs if necessary
 if [[ ! -f "/config/keys/letsencrypt/fullchain.pem" ]]; then
     if [[ "${CERTPROVIDER}" = "zerossl" ]] && [[ -n "${EMAIL}" ]]; then
@@ -262,7 +312,7 @@ if [[ ! -f "/config/keys/letsencrypt/fullchain.pem" ]]; then
     certbot certonly --non-interactive --renew-by-default --server ${ACMESERVER} ${ZEROSSL_EAB} ${PREFCHAL} --rsa-key-size 4096 ${EMAILPARAM} --agree-tos ${URL_REAL}
     if [[ ! -d /config/keys/letsencrypt ]]; then
         if [[ "${VALIDATION}" = "dns" ]]; then
-            echo "ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/${FILENAME} file."
+            echo "ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the ${DNSCREDENTIALFILE} file."
         else
             echo "ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container"
         fi

root/etc/s6-overlay/s6-rc.d/init-certbot-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-certbot-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-certbot-config/run

root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run

@@ -0,0 +1,30 @@
+#!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+
+# if root crontabs do not exist in config
+# copy root crontab from system
+if [[ ! -f /config/crontabs/root ]] && crontab -l -u root; then
+    crontab -l -u root >/config/crontabs/root
+fi
+
+# if root crontabs still do not exist in config (were not copied from system)
+# copy root crontab from included defaults
+if [[ ! -f /config/crontabs/root ]]; then
+    cp /etc/crontabs/root /config/crontabs/
+fi
+
+# if abc crontabs do not exist in config
+# copy abc crontab from system
+if [[ ! -f /config/crontabs/abc ]] && crontab -l -u abc; then
+    crontab -l -u abc >/config/crontabs/abc
+fi
+
+# if abc crontabs still do not exist in config (were not copied from system)
+# copy abc crontab from included defaults
+if [[ ! -f /config/crontabs/abc ]]; then
+    cp /etc/crontabs/abc /config/crontabs/
+fi
+
+# import user crontabs
+crontab -u root /config/crontabs/root
+crontab -u abc /config/crontabs/abc

root/etc/s6-overlay/s6-rc.d/init-crontabs-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-crontabs-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-crontabs-config/run

root/etc/s6-overlay/s6-rc.d/init-fail2ban-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-fail2ban-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-fail2ban-config/run

root/etc/s6-overlay/s6-rc.d/init-folders-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-folders-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-folders-config/run

root/etc/s6-overlay/s6-rc.d/init-nginx-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-nginx-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-nginx-config/run

root/etc/s6-overlay/s6-rc.d/init-outdated-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-outdated-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-outdated-config/run

root/etc/s6-overlay/s6-rc.d/init-permissions-config/run

@@ -2,7 +2,7 @@
 # shellcheck shell=bash
 
 # permissions
-chown -R abc:abc \
+lsiown -R abc:abc \
     /config
 chmod -R 0644 /etc/logrotate.d
 chmod -R +r /config/log

root/etc/s6-overlay/s6-rc.d/init-permissions-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-permissions-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-permissions-config/run

root/etc/s6-overlay/s6-rc.d/init-renew/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-renew/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-renew/run

root/etc/s6-overlay/s6-rc.d/init-require-url/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-require-url/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-require-url/run

root/etc/s6-overlay/s6-rc.d/init-samples-config/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-samples-config/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-samples-config/run

root/etc/s6-overlay/s6-rc.d/init-test-run/type

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-test-run/up

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-test-run/run

root/etc/s6-overlay/s6-rc.d/svc-fail2ban/type

@@ -0,0 +1 @@
+longrun