Compare commits

..

101 Commits

Author SHA1 Message Date
LinuxServer-CI
118a76530e Bot Updating Package Versions 2023-10-24 00:07:06 +00:00
LinuxServer-CI
0499547b96 Bot Updating Package Versions 2023-10-21 03:17:27 +00:00
LinuxServer-CI
9cf01a0085 Bot Updating Package Versions 2023-10-20 01:05:07 +00:00
LinuxServer-CI
2b5a2785d6 Bot Updating Package Versions 2023-10-14 03:18:59 +00:00
LinuxServer-CI
202db184b3 Bot Updating Package Versions 2023-10-10 16:23:56 +00:00
LinuxServer-CI
3ed39caf43 Bot Updating Package Versions 2023-10-07 03:22:54 +00:00
LinuxServer-CI
9353e4e8a5 Bot Updating Templated Files 2023-10-07 03:19:04 +00:00
LinuxServer-CI
39e3159f39 Bot Updating Templated Files 2023-10-07 03:16:45 +00:00
Roxedus
9ba44dccee Merge pull request #415 from linuxserver/2.7-fix 2023-10-04 01:33:49 +02:00
Roxedus
49f6fb2b6e Update detection 2023-10-04 00:33:00 +02:00
LinuxServer-CI
693c24173b Bot Updating Package Versions 2023-10-03 20:17:30 +00:00
LinuxServer-CI
8a90cf85d8 Bot Updating Package Versions 2023-10-01 16:32:35 +00:00
LinuxServer-CI
fd958fe6b3 Bot Updating Templated Files 2023-10-01 16:29:08 +00:00
Eric Nemchik
eb8f12b5de Merge pull request #412 from Platzii/directadmin-fix
Fix "unrecognized arguments" issue in DirectAdmin DNS plugin
2023-10-01 11:27:34 -05:00
Simon Lepla
dae223ca0f Fix "unrecognized arguments" issue in DirectAdmin DNS plugin 2023-10-01 12:07:41 +02:00
LinuxServer-CI
14226ce700 Bot Updating Package Versions 2023-09-30 03:22:11 +00:00
LinuxServer-CI
b64bb62303 Bot Updating Package Versions 2023-09-23 03:18:35 +00:00
LinuxServer-CI
f478a200e8 Bot Updating Package Versions 2023-09-19 19:17:39 +00:00
LinuxServer-CI
40200982d1 Bot Updating Package Versions 2023-09-19 19:12:05 +00:00
Adam
3476f8b6f6 Merge pull request #406 from linuxserver/namecheap 2023-09-19 20:08:26 +01:00
LinuxServer-CI
3e9dc80ed4 Bot Updating Package Versions 2023-09-16 03:17:06 +00:00
LinuxServer-CI
4486d528d1 Bot Updating Package Versions 2023-09-09 03:19:54 +00:00
LinuxServer-CI
e0032ecfd4 Bot Updating Package Versions 2023-09-02 03:16:49 +00:00
Eric Nemchik
b1c1262a2c Add Namecheap DNS plugin
Signed-off-by: GitHub <noreply@github.com>
2023-08-28 14:38:34 +00:00
LinuxServer-CI
3b49643c78 Bot Updating Package Versions 2023-08-26 03:18:54 +00:00
LinuxServer-CI
0f9d247ba4 Bot Updating Package Versions 2023-08-19 03:17:05 +00:00
LinuxServer-CI
cab0b86b65 Bot Updating Package Versions 2023-08-12 19:50:39 +00:00
Eric Nemchik
4d3875d37e Merge pull request #403 from linuxserver/freedns
Freedns
2023-08-12 14:45:40 -05:00
Eric Nemchik
badea52047 Add FreeDNS plugin
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-08-12 13:55:53 -05:00
Eric Nemchik
97baf76a10 Get available DNS Authenticator plugins from CLI
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-08-12 13:47:44 -05:00
LinuxServer-CI
6ed02e1e00 Bot Updating Package Versions 2023-08-12 03:18:10 +00:00
LinuxServer-CI
a6778ab7c7 Bot Updating Package Versions 2023-08-07 14:06:58 +00:00
LinuxServer-CI
95c791acfc Bot Updating Templated Files 2023-08-07 14:01:37 +00:00
Eric Nemchik
42ccafc064 Merge pull request #390 from ejach/certbot-dns-bunny
Added certbot-dns-bunny to allow Bunny dns verification
2023-08-07 09:00:03 -05:00
Eric Nemchik
6b7cdb26f1 Update readme-vars.yml 2023-08-07 08:46:20 -05:00
Evan J
e19a030eff Merge branch 'master' into certbot-dns-bunny 2023-08-07 09:08:36 -04:00
LinuxServer-CI
4d4cb0ca74 Bot Updating Package Versions 2023-08-05 03:18:48 +00:00
Evan J
9554582962 Merge branch 'master' into certbot-dns-bunny 2023-07-29 08:00:04 -04:00
LinuxServer-CI
42ebe4a584 Bot Updating Package Versions 2023-07-29 00:21:48 +00:00
Eric Nemchik
b9f5763ee5 Merge pull request #398 from linuxserver/fix-ini-value-remove
Fix removing ini values
2023-07-28 19:17:06 -05:00
Eric Nemchik
2b0bf5869c Fix removing ini values
- missing -i flag
- use word boundary instead of space

Signed-off-by: GitHub <noreply@github.com>
2023-07-28 18:59:20 +00:00
Evan J
b46830f214 Merge branch 'master' into certbot-dns-bunny 2023-07-28 13:13:29 -04:00
LinuxServer-CI
66a8694772 Bot Updating Package Versions 2023-07-28 11:52:17 +00:00
LinuxServer-CI
33568e1bd3 Bot Updating Templated Files 2023-07-28 11:48:32 +00:00
Eric Nemchik
0004cd1ce8 Merge pull request #376 from gilesp/master
Adds certbot-dns-dreamhost to allow dreamhost dns verification
2023-07-28 06:46:11 -05:00
Giles Paterson
8dbd50ac06 Updates changelog date 2023-07-28 10:40:14 +01:00
Eric Nemchik
cae42496e2 Merge branch 'master' into certbot-dns-bunny 2023-07-27 09:44:46 -05:00
Eric Nemchik
2f8c5b4487 Merge branch 'master' into master 2023-07-27 09:32:01 -05:00
LinuxServer-CI
9f75c7a713 Bot Updating Package Versions 2023-07-27 14:24:01 +00:00
Eric Nemchik
262c1013aa Merge pull request #339 from linuxserver/certbot-revamp-config-file
Use config file with certbot
2023-07-27 09:20:30 -05:00
Eric Nemchik
54e4cfa047 Merge branch 'master' into certbot-revamp-config-file 2023-07-27 08:05:58 -05:00
LinuxServer-CI
97ba6a7de9 Bot Updating Package Versions 2023-07-22 03:17:29 +00:00
LinuxServer-CI
f11a753445 Bot Updating Package Versions 2023-07-15 03:33:59 +00:00
Eric Nemchik
ee6153c817 Merge branch 'master' into certbot-revamp-config-file 2023-07-10 18:45:22 -05:00
LinuxServer-CI
93424877a9 Bot Updating Package Versions 2023-07-08 03:32:56 +00:00
Evan J
eaf8b3648b Merge branch 'master' into certbot-dns-bunny 2023-07-03 14:32:18 +00:00
LinuxServer-CI
b754cedda2 Bot Updating Templated Files 2023-07-01 15:08:48 +00:00
Eric Nemchik
0d05560652 Merge pull request #393 from linuxserver/typo
Update readme-vars.yml
2023-07-01 10:06:35 -05:00
Eric Nemchik
7f9b637353 Update readme-vars.yml
Fix typo
2023-07-01 09:52:38 -05:00
LinuxServer-CI
675d67bbd4 Bot Updating Package Versions 2023-07-01 03:37:47 +00:00
LinuxServer-CI
402d513115 Bot Updating Templated Files 2023-07-01 03:33:10 +00:00
Evan J
fac669ea43 Added certbot-dns-bunny 2023-06-25 20:31:19 +01:00
LinuxServer-CI
3aab75dc8b Bot Updating Package Versions 2023-06-24 03:32:04 +00:00
LinuxServer-CI
b2e8d8c8ab Bot Updating Package Versions 2023-06-17 03:18:40 +00:00
Giles Paterson
973abbefbb Merge branch 'linuxserver:master' into master 2023-06-16 10:09:14 +01:00
LinuxServer-CI
dede63fdcf Bot Updating Package Versions 2023-06-10 03:19:40 +00:00
LinuxServer-CI
bee6793d45 Bot Updating Package Versions 2023-06-09 14:21:26 +00:00
Eric Nemchik
29e9daa606 Merge pull request #381 from linuxserver/suppress-not-replacing
Suppress cp: not replacing
2023-06-09 09:17:40 -05:00
LinuxServer-CI
57c0d1f81e Bot Updating Package Versions 2023-06-07 12:44:02 +00:00
Eric Nemchik
416bef8a2e Merge pull request #383 from linuxserver/php-auth
Add auth comments for php location
2023-06-07 07:39:45 -05:00
Eric Nemchik
500d5606e4 Update default.conf.sample date 2023-06-05 13:41:08 -05:00
Eric Nemchik
500fd0c634 Add auth comments for php location 2023-06-05 13:37:01 -05:00
LinuxServer-CI
adf38bcd2b Bot Updating Package Versions 2023-06-03 03:17:12 +00:00
Eric Nemchik
5255b117f9 Suppress cp: not replacing
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-06-01 19:09:13 -05:00
Eric Nemchik
d7a8d6cc6a Merge branch 'master' into certbot-revamp-config-file 2023-05-31 11:33:45 -05:00
Giles Paterson
d67459e852 Merge branch 'linuxserver:master' into master 2023-05-31 12:10:41 +01:00
Giles Paterson
0ddb5be5f5 adds dreamhost dns plugin 2023-05-31 12:08:48 +01:00
LinuxServer-CI
60f6fafc53 Bot Updating Package Versions 2023-05-31 04:10:29 +00:00
Eric Nemchik
d5c530af49 Merge pull request #375 from linuxserver/fail2ban-plex-regex
Remove broken fail2ban plex regex
2023-05-30 23:06:49 -05:00
Eric Nemchik
be215d62aa Remove broken fail2ban plex regex
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-05-30 21:38:25 -05:00
LinuxServer-CI
db54dfaf71 Bot Updating Package Versions 2023-05-30 14:17:31 +00:00
Eric Nemchik
0d70436ddb Merge pull request #372 from linuxserver/3.18
Rebase to Alpine 3.18, deprecate armhf
2023-05-30 09:12:36 -05:00
Eric Nemchik
49d848b639 Remove mailparse
Does not exist for php82 in alpine 3.18

Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-05-29 18:16:41 -05:00
Eric Nemchik
2df15e7b96 Merge remote-tracking branch 'origin/master' into 3.18
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2023-05-29 17:14:36 -05:00
Eric Nemchik
7a6c539527 Rebase to Alpine 3.18, deprecate armhf 2023-05-27 16:57:54 -05:00
LinuxServer-CI
230ad93b35 Bot Updating Package Versions 2023-05-27 03:20:24 +00:00
LinuxServer-CI
cc3e0b590e Bot Updating Templated Files 2023-05-27 03:16:34 +00:00
LinuxServer-CI
f9a5348035 Bot Updating Package Versions 2023-05-20 03:17:47 +00:00
LinuxServer-CI
ba685e7fd0 Bot Updating Package Versions 2023-05-18 14:13:47 +00:00
Eric Nemchik
9d695718f0 Merge branch 'master' into certbot-revamp-config-file 2023-05-11 13:45:38 -05:00
Eric Nemchik
908571dea8 Merge branch 'master' into certbot-revamp-config-file 2023-05-07 09:17:28 -05:00
Eric Nemchik
d7e2455e7a Merge remote-tracking branch 'origin/master' into certbot-revamp-config-file 2023-04-23 08:02:46 -05:00
Eric Nemchik
ebd233860e Merge remote-tracking branch 'origin/master' into certbot-revamp-config-file 2023-03-10 15:10:35 +00:00
Eric Nemchik
5fb909d7dc Use existing EAB values for revoke
Attempt to revoke by name if cert path does not exist
2023-02-18 21:20:45 -06:00
Eric Nemchik
fd6d8764a2 Fix spelling 2023-02-18 19:40:43 -06:00
Eric Nemchik
ab7c85e4de Don't match whole line in cli.ini search for agree-tos 2023-02-18 19:35:33 -06:00
Eric Nemchik
d60847483d ensure config files exist and has at least one value set
set_ini_value does not work on empty files
2023-02-18 19:08:28 -06:00
Eric Nemchik
53bb2e284f Add descriptive comments to set_ini_value 2023-02-18 18:42:59 -06:00
Eric Nemchik
43e50ffb03 Rewrite domain handling
Use jq instead of python for ZeroSSL vars
2023-02-18 18:28:03 -06:00
Eric Nemchik
18019fb216 Adjust REV_ACMESERVER handling 2023-02-18 17:26:34 -06:00
Eric Nemchik
d57dffef82 Use config file with certbot 2023-02-18 10:05:06 -06:00
17 changed files with 756 additions and 877 deletions

View File

@@ -53,7 +53,6 @@ body:
options:
- x86-64
- arm64
- armhf
validations:
required: true
- type: textarea

View File

@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.17
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18
# set version label
ARG BUILD_DATE
@@ -24,7 +24,7 @@ RUN \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
apk add --no-cache \
fail2ban \
gnupg \
memcached \
@@ -45,59 +45,53 @@ RUN \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
php82-bcmath \
php82-bz2 \
php82-dom \
php82-exif \
php82-ftp \
php82-gd \
php82-gmp \
php82-imap \
php82-intl \
php82-ldap \
php82-mysqli \
php82-mysqlnd \
php82-opcache \
php82-pdo_mysql \
php82-pdo_odbc \
php82-pdo_pgsql \
php82-pdo_sqlite \
php82-pear \
php82-pecl-apcu \
php82-pecl-memcached \
php82-pecl-redis \
php82-pgsql \
php82-posix \
php82-soap \
php82-sockets \
php82-sodium \
php82-sqlite3 \
php82-tokenizer \
php82-xmlreader \
php82-xsl \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
php82-pecl-mcrypt && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
python3 -m venv /lsiopy && \
pip install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \
certbot-dns-azure \
certbot-dns-bunny \
certbot-dns-cloudflare \
certbot-dns-cpanel \
certbot-dns-desec \
@@ -108,8 +102,10 @@ RUN \
certbot-dns-dnspod \
certbot-dns-do \
certbot-dns-domeneshop \
certbot-dns-dreamhost \
certbot-dns-duckdns \
certbot-dns-dynu \
certbot-dns-freedns \
certbot-dns-gehirn \
certbot-dns-godaddy \
certbot-dns-google \
@@ -122,6 +118,7 @@ RUN \
certbot-dns-linode \
certbot-dns-loopia \
certbot-dns-luadns \
certbot-dns-namecheap \
certbot-dns-netcup \
certbot-dns-njalla \
certbot-dns-nsone \

View File

@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.17
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18
# set version label
ARG BUILD_DATE
@@ -24,7 +24,7 @@ RUN \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
apk add --no-cache \
fail2ban \
gnupg \
memcached \
@@ -45,59 +45,53 @@ RUN \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
php82-bcmath \
php82-bz2 \
php82-dom \
php82-exif \
php82-ftp \
php82-gd \
php82-gmp \
php82-imap \
php82-intl \
php82-ldap \
php82-mysqli \
php82-mysqlnd \
php82-opcache \
php82-pdo_mysql \
php82-pdo_odbc \
php82-pdo_pgsql \
php82-pdo_sqlite \
php82-pear \
php82-pecl-apcu \
php82-pecl-memcached \
php82-pecl-redis \
php82-pgsql \
php82-posix \
php82-soap \
php82-sockets \
php82-sodium \
php82-sqlite3 \
php82-tokenizer \
php82-xmlreader \
php82-xsl \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
php82-pecl-mcrypt && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
python3 -m venv /lsiopy && \
pip install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \
certbot-dns-azure \
certbot-dns-bunny \
certbot-dns-cloudflare \
certbot-dns-cpanel \
certbot-dns-desec \
@@ -108,8 +102,10 @@ RUN \
certbot-dns-dnspod \
certbot-dns-do \
certbot-dns-domeneshop \
certbot-dns-dreamhost \
certbot-dns-duckdns \
certbot-dns-dynu \
certbot-dns-freedns \
certbot-dns-gehirn \
certbot-dns-godaddy \
certbot-dns-google \
@@ -122,6 +118,7 @@ RUN \
certbot-dns-linode \
certbot-dns-loopia \
certbot-dns-luadns \
certbot-dns-namecheap \
certbot-dns-netcup \
certbot-dns-njalla \
certbot-dns-nsone \

View File

@@ -1,186 +0,0 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.17
# set version label
ARG BUILD_DATE
ARG VERSION
ARG CERTBOT_VERSION
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="nemchik"
# environment settings
ENV DHLEVEL=2048 ONLY_SUBDOMAINS=false AWS_CONFIG_FILE=/config/dns-conf/route53.ini
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies \
build-base \
cargo \
libffi-dev \
libxml2-dev \
libxslt-dev \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
fail2ban \
gnupg \
memcached \
nginx-mod-http-brotli \
nginx-mod-http-dav-ext \
nginx-mod-http-echo \
nginx-mod-http-fancyindex \
nginx-mod-http-geoip2 \
nginx-mod-http-headers-more \
nginx-mod-http-image-filter \
nginx-mod-http-perl \
nginx-mod-http-redis2 \
nginx-mod-http-set-misc \
nginx-mod-http-upload-progress \
nginx-mod-http-xslt-filter \
nginx-mod-mail \
nginx-mod-rtmp \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \
certbot-dns-azure \
certbot-dns-cloudflare \
certbot-dns-cpanel \
certbot-dns-desec \
certbot-dns-digitalocean \
certbot-dns-directadmin \
certbot-dns-dnsimple \
certbot-dns-dnsmadeeasy \
certbot-dns-dnspod \
certbot-dns-do \
certbot-dns-domeneshop \
certbot-dns-duckdns \
certbot-dns-dynu \
certbot-dns-gehirn \
certbot-dns-godaddy \
certbot-dns-google \
certbot-dns-google-domains \
certbot-dns-he \
certbot-dns-hetzner \
certbot-dns-infomaniak \
certbot-dns-inwx \
certbot-dns-ionos \
certbot-dns-linode \
certbot-dns-loopia \
certbot-dns-luadns \
certbot-dns-netcup \
certbot-dns-njalla \
certbot-dns-nsone \
certbot-dns-ovh \
certbot-dns-porkbun \
certbot-dns-rfc2136 \
certbot-dns-route53 \
certbot-dns-sakuracloud \
certbot-dns-standalone \
certbot-dns-transip \
certbot-dns-vultr \
certbot-plugin-gandi \
cryptography \
future \
requests && \
echo "**** enable OCSP stapling from base ****" && \
sed -i \
's|#ssl_stapling on;|ssl_stapling on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_stapling_verify on;|ssl_stapling_verify on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
/defaults/nginx/ssl.conf.sample && \
echo "**** correct ip6tables legacy issue ****" && \
rm \
/sbin/ip6tables && \
ln -s \
/sbin/ip6tables-nft /sbin/ip6tables && \
echo "**** remove unnecessary fail2ban filters ****" && \
rm \
/etc/fail2ban/jail.d/alpine-ssh.conf && \
echo "**** copy fail2ban default action and filter to /defaults ****" && \
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
echo "**** define allowipv6 to silence warning ****" && \
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \
curl -o \
/tmp/proxy-confs.tar.gz -L \
"https://github.com/linuxserver/reverse-proxy-confs/tarball/master" && \
tar xf \
/tmp/proxy-confs.tar.gz -C \
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/* \
$HOME/.cache \
$HOME/.cargo
# copy local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

265
Jenkinsfile vendored
View File

@@ -16,7 +16,6 @@ pipeline {
GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab')
GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0')
GITLAB_NAMESPACE=credentials('gitlab-namespace-id')
SCARF_TOKEN=credentials('scarf_api_key')
EXT_PIP = 'certbot'
BUILD_VERSION_ARG = 'CERTBOT_VERSION'
LS_USER = 'linuxserver'
@@ -40,7 +39,12 @@ pipeline {
// Setup all the basic environment variables needed for the build
stage("Set ENV Variables base"){
steps{
sh '''docker pull quay.io/skopeo/stable:v1 || : '''
sh '''#! /bin/bash
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || : '''
script{
env.EXIT_STATUS = ''
env.LS_RELEASE = sh(
@@ -158,7 +162,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
}
@@ -181,7 +185,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
}
@@ -204,12 +208,12 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
}
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
@@ -275,7 +279,7 @@ pipeline {
echo "Jenkinsfile is up to date."
fi
# Stage 2 - Delete old templates
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml"
OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml Dockerfile.armhf"
for i in ${OLD_TEMPLATES}; do
if [[ -f "${i}" ]]; then
TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}"
@@ -311,24 +315,25 @@ pipeline {
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows
mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE
cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || :
cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || :
cd ${TEMPDIR}/repo/${LS_REPO}/
if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then
echo ".jenkins-external" >> .gitignore
git add .gitignore
fi
git add ${TEMPLATED_FILES}
git add readme-vars.yml ${TEMPLATED_FILES}
git commit -m 'Bot Updating Templated Files'
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git --all
echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
else
echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER}
fi
mkdir -p ${TEMPDIR}/gitbook
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/gitbook/docker-documentation
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/gitbook/docker-documentation/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/gitbook/docker-documentation/images/
cd ${TEMPDIR}/gitbook/docker-documentation/
git add images/docker-${CONTAINER_NAME}.md
mkdir -p ${TEMPDIR}/docs
git clone https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/
cd ${TEMPDIR}/docs/docker-documentation
git add docs/images/docker-${CONTAINER_NAME}.md
git commit -m 'Bot Updating Documentation'
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all
fi
@@ -337,6 +342,8 @@ pipeline {
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
fi
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
cd ${TEMPDIR}/unraid/templates/
@@ -417,36 +424,6 @@ pipeline {
"visibility":"public"}' '''
}
}
/* #######################
Scarf.sh package registry
####################### */
// Add package to Scarf.sh and set permissions
stage("Scarf.sh package registry"){
when {
branch "master"
environment name: 'EXIT_STATUS', value: ''
}
steps{
sh '''#! /bin/bash
set -e
PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/swag") | .uuid')
if [ -z "${PACKAGE_UUID}" ]; then
echo "Adding package to Scarf.sh"
curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \
-H "Authorization: Bearer ${SCARF_TOKEN}" \
-H "Content-Type: application/json" \
-d '{"name":"linuxserver/swag",\
"shortDescription":"example description",\
"libraryType":"docker",\
"website":"https://github.com/linuxserver/docker-swag",\
"backendUrl":"https://ghcr.io/linuxserver/swag",\
"publicUrl":"https://lscr.io/linuxserver/swag"}' || :
else
echo "Package already exists on Scarf.sh"
fi
'''
}
}
/* ###############
Build Container
############### */
@@ -509,41 +486,6 @@ pipeline {
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
}
}
stage('Build ARMHF') {
agent {
label 'ARMHF'
}
steps {
echo "Running on node: ${NODE_NAME}"
echo 'Logging into Github'
sh '''#! /bin/bash
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
'''
sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
sh "docker buildx build \
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
--label \"org.opencontainers.image.authors=linuxserver.io\" \
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-swag\" \
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-swag\" \
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.title=Swag\" \
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
--no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
retry(5) {
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
}
sh '''docker rmi \
${IMAGE}:arm32v7-${META_TAG} \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
}
}
stage('Build ARM64') {
agent {
label 'ARM64'
@@ -574,9 +516,12 @@ pipeline {
retry(5) {
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
}
sh '''docker rmi \
${IMAGE}:arm64v8-${META_TAG} \
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
sh '''#! /bin/bash
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || : '''
}
}
}
@@ -637,13 +582,6 @@ pipeline {
environment name: 'EXIT_STATUS', value: ''
}
steps {
sh '''#! /bin/bash
echo "Packages were updated. Cleaning up the image and exiting."
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
docker rmi ${IMAGE}:amd64-${META_TAG}
else
docker rmi ${IMAGE}:${META_TAG}
fi'''
script{
env.EXIT_STATUS = 'ABORTED'
}
@@ -661,13 +599,6 @@ pipeline {
}
}
steps {
sh '''#! /bin/bash
echo "There are no package updates. Cleaning up the image and exiting."
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
docker rmi ${IMAGE}:amd64-${META_TAG}
else
docker rmi ${IMAGE}:${META_TAG}
fi'''
script{
env.EXIT_STATUS = 'ABORTED'
}
@@ -695,9 +626,7 @@ pipeline {
set -e
docker pull ghcr.io/linuxserver/ci:latest
if [ "${MULTIARCH}" == "true" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
docker run --rm \
@@ -768,17 +697,6 @@ pipeline {
done
'''
}
sh '''#! /bin/bash
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
docker rmi \
${DELETEIMAGE}:${META_TAG} \
${DELETEIMAGE}:${EXT_RELEASE_TAG} \
${DELETEIMAGE}:latest || :
if [ -n "${SEMVER}" ]; then
docker rmi ${DELETEIMAGE}:${SEMVER} || :
fi
done
'''
}
}
}
@@ -811,8 +729,6 @@ pipeline {
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
if [ "${CI}" == "false" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
@@ -820,49 +736,47 @@ pipeline {
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:amd64-latest
docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker push ${MANIFESTIMAGE}:arm32v7-latest
docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-latest
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
if [ -n "${SEMVER}" ]; then
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
fi
token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
digest=$(curl -s \
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Authorization: Bearer ${token}" \
"https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
@@ -872,29 +786,6 @@ pipeline {
done
'''
}
sh '''#! /bin/bash
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
docker rmi \
${DELETEIMAGE}:amd64-${META_TAG} \
${DELETEIMAGE}:amd64-latest \
${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm32v7-${META_TAG} \
${DELETEIMAGE}:arm32v7-latest \
${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm64v8-${META_TAG} \
${DELETEIMAGE}:arm64v8-latest \
${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || :
if [ -n "${SEMVER}" ]; then
docker rmi \
${DELETEIMAGE}:amd64-${SEMVER} \
${DELETEIMAGE}:arm32v7-${SEMVER} \
${DELETEIMAGE}:arm64v8-${SEMVER} || :
fi
done
docker rmi \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :
'''
}
}
}
@@ -928,6 +819,41 @@ pipeline {
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
}
}
// Add protection to the release branch
stage('Github-Release-Branch-Protection') {
when {
branch "master"
environment name: 'CHANGE_ID', value: ''
environment name: 'EXIT_STATUS', value: ''
}
steps {
echo "Setting up protection for release branch master"
sh '''#! /bin/bash
curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/master/protection \
-d $(jq -c . << EOF
{
"required_status_checks": null,
"enforce_admins": false,
"required_pull_request_reviews": {
"dismiss_stale_reviews": false,
"require_code_owner_reviews": false,
"require_last_push_approval": false,
"required_approving_review_count": 1
},
"restrictions": null,
"required_linear_history": false,
"allow_force_pushes": false,
"allow_deletions": false,
"block_creations": false,
"required_conversation_resolution": true,
"lock_branch": false,
"allow_fork_syncing": false,
"required_signatures": false
}
EOF
) '''
}
}
// Use helper container to sync the current README on master to the dockerhub endpoint
stage('Sync-README') {
when {
@@ -965,7 +891,6 @@ pipeline {
stage('Pull Request Comment') {
when {
not {environment name: 'CHANGE_ID', value: ''}
environment name: 'CI', value: 'true'
environment name: 'EXIT_STATUS', value: ''
}
steps {
@@ -1019,16 +944,24 @@ pipeline {
echo "$escaped_table"
}
# Retrieve JSON data from URL
data=$(get_json "$CI_JSON_URL")
# Create table from JSON data
table=$(build_table "$data")
echo -e "$table"
if [[ "${CI}" = "true" ]]; then
# Retrieve JSON data from URL
data=$(get_json "$CI_JSON_URL")
# Create table from JSON data
table=$(build_table "$data")
echo -e "$table"
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"'''
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"
else
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}"
fi
'''
}
}
@@ -1055,6 +988,14 @@ pipeline {
}
}
cleanup {
sh '''#! /bin/bash
echo "Performing docker system prune!!"
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || :
'''
cleanWs()
}
}

147
README.md
View File

@@ -1,6 +1,5 @@
<!-- DO NOT EDIT THIS FILE MANUALLY -->
<!-- Please read the https://github.com/linuxserver/docker-swag/blob/master/.github/CONTRIBUTING.md -->
<!-- DO NOT EDIT THIS FILE MANUALLY -->
<!-- Please read https://github.com/linuxserver/docker-swag/blob/master/.github/CONTRIBUTING.md -->
[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io)
[![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!")
@@ -56,7 +55,7 @@ The architectures supported by this image are:
| :----: | :----: | ---- |
| x86-64 | ✅ | amd64-\<version tag\> |
| arm64 | ✅ | arm64v8-\<version tag\> |
| armhf | | arm32v7-\<version tag\> |
| armhf | | |
## Application Setup
@@ -68,7 +67,7 @@ The architectures supported by this image are:
* For `dns` validation, make sure to enter your credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`
* Cloudflare provides free accounts for managing dns and is very easy to use with this image. Make sure that it is set up for "dns only" instead of "dns + proxy"
* Google dns plugin is meant to be used with "Google Cloud DNS", a paid enterprise product, and not for "Google Domains DNS"
* DuckDNS only supoprts two types of DNS validated certificates (not both at the same time):
* DuckDNS only supports two types of DNS validated certificates (not both at the same time):
1. Certs that only cover your main subdomain (ie. `yoursubdomain.duckdns.org`, leave the `SUBDOMAINS` variable empty)
2. Certs that cover sub-subdomains of your main subdomain (ie. `*.yoursubdomain.duckdns.org`, set the `SUBDOMAINS` variable to `wildcard`)
* `--cap-add=NET_ADMIN` is required for fail2ban to modify iptables
@@ -138,7 +137,7 @@ Please follow the instructions [on this blog post](https://www.linuxserver.io/bl
## Usage
Here are some example snippets to help you get started creating a container.
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
### docker-compose (recommended, [click here for more info](https://docs.linuxserver.io/general/docker-compose))
@@ -197,12 +196,11 @@ docker run -d \
-v /path/to/appdata/config:/config \
--restart unless-stopped \
lscr.io/linuxserver/swag:latest
```
## Parameters
Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
| Parameter | Function |
| :----: | --- |
@@ -215,7 +213,7 @@ Container images are configured using parameters passed at runtime (such as thos
| `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
| `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
| `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
| `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
| `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
| `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
@@ -234,10 +232,10 @@ You can set any environment variable from a file by using a special prepend `FIL
As an example:
```bash
-e FILE__PASSWORD=/run/secrets/mysecretpassword
-e FILE__MYVAR=/run/secrets/mysecretvariable
```
Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file.
Will set the environment variable `MYVAR` based on the contents of the `/run/secrets/mysecretvariable` file.
## Umask for running applications
@@ -246,15 +244,20 @@ Keep in mind umask is not chmod it subtracts from permissions based on it's valu
## User / Group Identifiers
When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
When using volumes (`-v` flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below:
In this instance `PUID=1000` and `PGID=1000`, to find yours use `id your_user` as below:
```bash
$ id username
uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
id your_user
```
Example output:
```text
uid=1000(your_user) gid=1000(your_user) groups=1000(your_user)
```
## Docker Mods
@@ -265,12 +268,29 @@ We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to
## Support Info
* Shell access whilst the container is running: `docker exec -it swag /bin/bash`
* To monitor the logs of the container in realtime: `docker logs -f swag`
* container version number
* `docker inspect -f '{{ index .Config.Labels "build_version" }}' swag`
* image version number
* `docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/swag:latest`
* Shell access whilst the container is running:
```bash
docker exec -it swag /bin/bash
```
* To monitor the logs of the container in realtime:
```bash
docker logs -f swag
```
* Container version number:
```bash
docker inspect -f '{{ index .Config.Labels "build_version" }}' swag
```
* Image version number:
```bash
docker inspect -f '{{ index .Config.Labels "build_version" }}' lscr.io/linuxserver/swag:latest
```
## Updating Info
@@ -280,38 +300,83 @@ Below are the instructions for updating containers:
### Via Docker Compose
* Update all images: `docker-compose pull`
* or update a single image: `docker-compose pull swag`
* Let compose update all containers as necessary: `docker-compose up -d`
* or update a single container: `docker-compose up -d swag`
* You can also remove the old dangling images: `docker image prune`
* Update images:
* All images:
```bash
docker-compose pull
```
* Single image:
```bash
docker-compose pull swag
```
* Update containers:
* All containers:
```bash
docker-compose up -d
```
* Single container:
```bash
docker-compose up -d swag
```
* You can also remove the old dangling images:
```bash
docker image prune
```
### Via Docker Run
* Update the image: `docker pull lscr.io/linuxserver/swag:latest`
* Stop the running container: `docker stop swag`
* Delete the container: `docker rm swag`
* Update the image:
```bash
docker pull lscr.io/linuxserver/swag:latest
```
* Stop the running container:
```bash
docker stop swag
```
* Delete the container:
```bash
docker rm swag
```
* Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your `/config` folder and settings will be preserved)
* You can also remove the old dangling images: `docker image prune`
* You can also remove the old dangling images:
```bash
docker image prune
```
### Via Watchtower auto-updater (only use if you don't remember the original parameters)
* Pull the latest image at its tag and replace it with the same env variables in one run:
```bash
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower \
--run-once swag
```
```bash
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower \
--run-once swag
```
* You can also remove the old dangling images: `docker image prune`
**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
**warning**: We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
### Image Update Notifications - Diun (Docker Image Update Notifier)
* We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
**tip**: We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
## Building locally
@@ -336,6 +401,12 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **01.10.23:** - Fix "unrecognized arguments" issue in DirectAdmin DNS plugin.
* **28.08.23:** - Add Namecheap DNS plugin.
* **12.08.23:** - Add FreeDNS plugin. Detect certbot DNS authenticators using CLI.
* **07.08.23:** - Add Bunny DNS Configuration.
* **27.07.23:** - Added support for dreamhost validation.
* **25.05.23:** - Rebase to Alpine 3.18, deprecate armhf.
* **27.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug.
* **13.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik.
* **25.03.23:** - Fix renewal post hook.

View File

@@ -6,6 +6,7 @@ external_type: pip_version
release_type: stable
release_tag: latest
ls_branch: master
build_armhf: false
repo_vars:
- EXT_PIP = 'certbot'
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'

View File

@@ -1,339 +1,340 @@
NAME VERSION TYPE
ConfigArgParse 1.5.3 python
PyJWT 2.7.0 python
PyYAML 6.0 python
acme 2.6.0 python
alpine-baselayout 3.4.0-r0 apk
alpine-baselayout-data 3.4.0-r0 apk
alpine-keys 2.4-r1 apk
alpine-release 3.17.3-r0 apk
aom-libs 3.5.0-r0 apk
apache2-utils 2.4.57-r0 apk
apk-tools 2.12.10-r1 apk
apr 1.7.2-r0 apk
apr-util 1.6.3-r0 apk
argon2-libs 20190702-r2 apk
attrs 23.1.0 python
azure-common 1.1.28 python
azure-core 1.26.4 python
azure-identity 1.13.0 python
azure-mgmt-core 1.4.0 python
azure-mgmt-dns 8.0.0 python
bash 5.2.15-r0 apk
beautifulsoup4 4.12.2 python
boto3 1.26.135 python
botocore 1.29.135 python
brotli-libs 1.0.9-r9 apk
bs4 0.0.1 python
busybox 1.35.0 binary
busybox 1.35.0-r29 apk
busybox-binsh 1.35.0-r29 apk
c-client 2007f-r14 apk
ca-certificates 20230506-r0 apk
ca-certificates-bundle 20230506-r0 apk
cachetools 5.3.0 python
certbot 2.6.0 python
certbot-dns-acmedns 0.1.0 python
certbot-dns-aliyun 2.0.0 python
certbot-dns-azure 2.1.0 python
certbot-dns-cloudflare 2.6.0 python
certbot-dns-cpanel 0.4.0 python
certbot-dns-desec 1.2.1 python
certbot-dns-digitalocean 2.6.0 python
certbot-dns-directadmin 1.0.3 python
certbot-dns-dnsimple 2.6.0 python
certbot-dns-dnsmadeeasy 2.6.0 python
certbot-dns-dnspod 0.1.0 python
certbot-dns-do 0.31.0 python
certbot-dns-domeneshop 0.2.9 python
certbot-dns-duckdns 1.3 python
certbot-dns-dynu 0.0.4 python
certbot-dns-gehirn 2.6.0 python
certbot-dns-godaddy 0.2.2 python
certbot-dns-google 2.6.0 python
certbot-dns-google-domains 0.1.11 python
certbot-dns-he 1.0.0 python
certbot-dns-hetzner 2.0.0 python
certbot-dns-infomaniak 0.2.1 python
certbot-dns-inwx 2.2.0 python
certbot-dns-ionos 2022.11.24 python
certbot-dns-linode 2.6.0 python
certbot-dns-loopia 1.0.1 python
certbot-dns-luadns 2.6.0 python
certbot-dns-netcup 1.3.0 python
certbot-dns-njalla 1.0.0 python
certbot-dns-nsone 2.6.0 python
certbot-dns-ovh 2.6.0 python
certbot-dns-porkbun 0.8 python
certbot-dns-rfc2136 2.6.0 python
certbot-dns-route53 2.6.0 python
certbot-dns-sakuracloud 2.6.0 python
certbot-dns-standalone 1.1 python
certbot-dns-transip 0.5.2 python
certbot-dns-vultr 1.0.3 python
certbot-plugin-gandi 1.4.3 python
certifi 2023.5.7 python
cffi 1.15.1 python
charset-normalizer 3.1.0 python
cloudflare 2.11.1 python
configobj 5.0.8 python
coreutils 9.1-r0 apk
cryptography 40.0.2 python
curl 8.0.1-r0 apk
dataclasses-json 0.5.7 python
distro 1.8.0 python
dns-lexicon 3.11.7 python
dnslib 0.9.23 python
dnspython 2.3.0 python
domeneshop 0.4.3 python
fail2ban 1.0.2 python
fail2ban 1.0.2-r0 apk
filelock 3.12.0 python
fontconfig 2.14.1-r0 apk
freetype 2.12.1-r0 apk
future 0.18.3 python
gdbm 1.23-r0 apk
git 2.38.5-r0 apk
git-perl 2.38.5-r0 apk
gmp 6.2.1-r2 apk
gnupg 2.2.40-r0 apk
gnupg-dirmngr 2.2.40-r0 apk
gnupg-gpgconf 2.2.40-r0 apk
gnupg-utils 2.2.40-r0 apk
gnupg-wks-client 2.2.40-r0 apk
gnutls 3.7.8-r3 apk
google-api-core 2.11.0 python
google-api-python-client 2.86.0 python
google-auth 2.18.0 python
google-auth-httplib2 0.1.0 python
googleapis-common-protos 1.59.0 python
gpg 2.2.40-r0 apk
gpg-agent 2.2.40-r0 apk
gpg-wks-server 2.2.40-r0 apk
gpgsm 2.2.40-r0 apk
gpgv 2.2.40-r0 apk
httplib2 0.22.0 python
icu-data-en 72.1-r1 apk
icu-libs 72.1-r1 apk
idna 3.4 python
importlib-metadata 6.6.0 python
ip6tables 1.8.8-r2 apk
iptables 1.8.8-r2 apk
isodate 0.6.1 python
jmespath 1.0.1 python
josepy 1.13.0 python
jq 1.6-r2 apk
jsonlines 3.1.0 python
jsonpickle 3.0.1 python
libacl 2.3.1-r1 apk
libassuan 2.5.5-r1 apk
libattr 2.5.1-r2 apk
libavif 0.11.1-r0 apk
libbsd 0.11.7-r0 apk
libbz2 1.0.8-r4 apk
libc-utils 0.7.2-r3 apk
libcrypto3 3.0.8-r4 apk
libcurl 8.1.0-r0 apk
libdav1d 1.0.0-r2 apk
libedit 20221030.3.1-r0 apk
libevent 2.1.12-r5 apk
libexpat 2.5.0-r0 apk
libffi 3.4.4-r0 apk
libgcc 12.2.1_git20220924-r4 apk
libgcrypt 1.10.1-r0 apk
libgd 2.3.3-r3 apk
libgpg-error 1.46-r1 apk
libice 1.0.10-r1 apk
libidn 1.41-r0 apk
libintl 0.21.1-r1 apk
libjpeg-turbo 2.1.4-r0 apk
libksba 1.6.3-r0 apk
libldap 2.6.3-r6 apk
libmaxminddb-libs 1.7.1-r0 apk
libmcrypt 2.5.8-r10 apk
libmd 1.0.4-r0 apk
libmemcached-libs 1.0.18-r5 apk
libmnl 1.0.5-r0 apk
libnftnl 1.2.4-r0 apk
libpng 1.6.38-r0 apk
libpq 15.3-r0 apk
libproc 3.3.17-r2 apk
libsasl 2.1.28-r3 apk
libseccomp 2.5.4-r0 apk
libsm 1.2.3-r1 apk
libsodium 1.0.18-r2 apk
libssl3 3.0.8-r4 apk
libstdc++ 12.2.1_git20220924-r4 apk
libtasn1 4.19.0-r0 apk
libunistring 1.1-r0 apk
libuuid 2.38.1-r1 apk
libwebp 1.2.4-r1 apk
libx11 1.8.4-r0 apk
libxau 1.0.10-r0 apk
libxcb 1.15-r0 apk
libxdmcp 1.1.4-r0 apk
libxext 1.3.5-r0 apk
libxml2 2.10.4-r0 apk
libxpm 3.5.15-r0 apk
libxslt 1.1.37-r1 apk
libxt 1.2.1-r0 apk
libzip 1.9.2-r2 apk
linux-pam 1.5.2-r1 apk
logrotate 3.20.1-r3 apk
loopialib 0.2.0 python
lxml 4.9.2 python
lz4-libs 1.9.4-r1 apk
marshmallow 3.19.0 python
marshmallow-enum 1.5.1 python
memcached 1.6.17 binary
memcached 1.6.17-r0 apk
mock 5.0.2 python
mpdecimal 2.5.1-r1 apk
msal 1.22.0 python
msal-extensions 1.0.0 python
msrest 0.7.1 python
musl 1.2.3-r4 apk
musl-utils 1.2.3-r4 apk
mypy-extensions 1.0.0 python
nano 7.0-r0 apk
ncurses-libs 6.3_p20221119-r0 apk
ncurses-terminfo-base 6.3_p20221119-r0 apk
netcat-openbsd 1.130-r4 apk
nettle 3.8.1-r0 apk
nghttp2-libs 1.51.0-r0 apk
nginx 1.22.1-r0 apk
nginx-mod-devel-kit 1.22.1-r0 apk
nginx-mod-http-brotli 1.22.1-r0 apk
nginx-mod-http-dav-ext 1.22.1-r0 apk
nginx-mod-http-echo 1.22.1-r0 apk
nginx-mod-http-fancyindex 1.22.1-r0 apk
nginx-mod-http-geoip2 1.22.1-r0 apk
nginx-mod-http-headers-more 1.22.1-r0 apk
nginx-mod-http-image-filter 1.22.1-r0 apk
nginx-mod-http-perl 1.22.1-r0 apk
nginx-mod-http-redis2 1.22.1-r0 apk
nginx-mod-http-set-misc 1.22.1-r0 apk
nginx-mod-http-upload-progress 1.22.1-r0 apk
nginx-mod-http-xslt-filter 1.22.1-r0 apk
nginx-mod-mail 1.22.1-r0 apk
nginx-mod-rtmp 1.22.1-r0 apk
nginx-mod-stream 1.22.1-r0 apk
nginx-mod-stream-geoip2 1.22.1-r0 apk
nginx-vim 1.22.1-r0 apk
npth 1.6-r2 apk
oauthlib 3.2.2 python
oniguruma 6.9.8-r0 apk
openssl 3.0.8-r4 apk
p11-kit 0.24.1-r1 apk
packaging 23.1 python
parsedatetime 2.6 python
pcre 8.45-r2 apk
pcre2 10.42-r0 apk
perl 5.36.0-r1 apk
perl-error 0.17029-r1 apk
perl-git 2.38.5-r0 apk
php-cli 8.1.19 binary
php-fpm 8.1.19 binary
php81 8.1.19-r0 apk
php81-bcmath 8.1.19-r0 apk
php81-bz2 8.1.19-r0 apk
php81-common 8.1.19-r0 apk
php81-ctype 8.1.19-r0 apk
php81-curl 8.1.19-r0 apk
php81-dom 8.1.19-r0 apk
php81-exif 8.1.19-r0 apk
php81-fileinfo 8.1.19-r0 apk
php81-fpm 8.1.19-r0 apk
php81-ftp 8.1.19-r0 apk
php81-gd 8.1.19-r0 apk
php81-gmp 8.1.19-r0 apk
php81-iconv 8.1.19-r0 apk
php81-imap 8.1.19-r0 apk
php81-intl 8.1.19-r0 apk
php81-ldap 8.1.19-r0 apk
php81-mbstring 8.1.19-r0 apk
php81-mysqli 8.1.19-r0 apk
php81-mysqlnd 8.1.19-r0 apk
php81-opcache 8.1.19-r0 apk
php81-openssl 8.1.19-r0 apk
php81-pdo 8.1.19-r0 apk
php81-pdo_mysql 8.1.19-r0 apk
php81-pdo_odbc 8.1.19-r0 apk
php81-pdo_pgsql 8.1.19-r0 apk
php81-pdo_sqlite 8.1.19-r0 apk
php81-pear 8.1.19-r0 apk
php81-pecl-apcu 5.1.22-r0 apk
php81-pecl-igbinary 3.2.12-r0 apk
php81-pecl-mailparse 3.1.4-r0 apk
php81-pecl-mcrypt 1.0.6-r0 apk
php81-pecl-memcached 3.2.0-r0 apk
php81-pecl-redis 5.3.7-r0 apk
php81-pecl-xmlrpc 1.0.0_rc3-r1 apk
php81-pgsql 8.1.19-r0 apk
php81-phar 8.1.19-r0 apk
php81-posix 8.1.19-r0 apk
php81-session 8.1.19-r0 apk
php81-simplexml 8.1.19-r0 apk
php81-soap 8.1.19-r0 apk
php81-sockets 8.1.19-r0 apk
php81-sodium 8.1.19-r0 apk
php81-sqlite3 8.1.19-r0 apk
php81-tokenizer 8.1.19-r0 apk
php81-xml 8.1.19-r0 apk
php81-xmlreader 8.1.19-r0 apk
php81-xmlwriter 8.1.19-r0 apk
php81-xsl 8.1.19-r0 apk
php81-zip 8.1.19-r0 apk
pinentry 1.2.1-r0 apk
pip 23.1.2 python
pkb-client 1.2 python
popt 1.19-r0 apk
portalocker 2.7.0 python
procps 3.3.17-r2 apk
protobuf 4.23.0 python
publicsuffixlist 0.9.4 python
pyOpenSSL 23.1.1 python
pyRFC3339 1.1 python
pyacmedns 0.4 python
pyasn1 0.5.0 python
pyasn1-modules 0.3.0 python
pycparser 2.21 python
pyparsing 3.0.9 python
python 3.10.11 binary
python-dateutil 2.8.2 python
python-digitalocean 1.17.0 python
python-transip 0.6.0 python
python3 3.10.11-r0 apk
pytz 2023.3 python
readline 8.2.0-r0 apk
requests 2.30.0 python
requests-file 1.5.1 python
requests-mock 1.10.0 python
requests-oauthlib 1.3.1 python
rsa 4.9 python
s3transfer 0.6.1 python
scanelf 1.3.5-r1 apk
setuptools 65.5.0 python
shadow 4.13-r0 apk
six 1.16.0 python
skalibs 2.12.0.1-r0 apk
soupsieve 2.4.1 python
sqlite-libs 3.40.1-r0 apk
ssl_client 1.35.0-r29 apk
tiff 4.4.0-r3 apk
tldextract 3.4.2 python
typing-inspect 0.8.0 python
typing_extensions 4.5.0 python
tzdata 2023c-r0 apk
unixodbc 2.3.11-r0 apk
uritemplate 4.1.1 python
urllib3 1.26.15 python
utmps-libs 0.1.2.0-r1 apk
wheel 0.40.0 python
whois 5.5.14-r0 apk
xz 5.2.9-r0 apk
xz-libs 5.2.9-r0 apk
zipp 3.15.0 python
zlib 1.2.13-r0 apk
zope.interface 6.0 python
zstd-libs 1.5.5-r0 apk
NAME VERSION TYPE
ConfigArgParse 1.7 python
PyJWT 2.8.0 python
PyNamecheap 0.0.3 python
PyYAML 6.0.1 python
Simple Launcher Executable 1.1.0.14 dotnet
acme 2.7.2 python
alpine-baselayout 3.4.3-r1 apk
alpine-baselayout-data 3.4.3-r1 apk
alpine-keys 2.4-r1 apk
alpine-release 3.18.4-r0 apk
aom-libs 3.6.1-r0 apk
apache2-utils 2.4.58-r0 apk
apk-tools 2.14.0-r2 apk
apr 1.7.4-r0 apk
apr-util 1.6.3-r1 apk
argon2-libs 20190702-r4 apk
attrs 23.1.0 python
azure-common 1.1.28 python
azure-core 1.29.5 python
azure-identity 1.14.1 python
azure-mgmt-core 1.4.0 python
azure-mgmt-dns 8.1.0 python
bash 5.2.15-r5 apk
beautifulsoup4 4.12.2 python
boto3 1.28.69 python
botocore 1.31.69 python
brotli-libs 1.0.9-r14 apk
bs4 0.0.1 python
busybox 1.36.1-r4 apk
busybox-binsh 1.36.1-r4 apk
c-client 2007f-r15 apk
ca-certificates 20230506-r0 apk
ca-certificates-bundle 20230506-r0 apk
cachetools 5.3.1 python
certbot 2.7.2 python
certbot-dns-acmedns 0.1.0 python
certbot-dns-aliyun 2.0.0 python
certbot-dns-azure 2.4.0 python
certbot-dns-bunny 0.0.9 python
certbot-dns-cloudflare 2.7.2 python
certbot-dns-cpanel 0.4.0 python
certbot-dns-desec 1.2.1 python
certbot-dns-digitalocean 2.7.2 python
certbot-dns-directadmin 1.0.3 python
certbot-dns-dnsimple 2.6.0 python
certbot-dns-dnsmadeeasy 2.6.0 python
certbot-dns-dnspod 0.1.0 python
certbot-dns-do 0.31.0 python
certbot-dns-domeneshop 0.2.9 python
certbot-dns-dreamhost 1.0 python
certbot-dns-duckdns 1.3 python
certbot-dns-dynu 0.0.4 python
certbot-dns-freedns 0.1.0 python
certbot-dns-gehirn 2.6.0 python
certbot-dns-godaddy 0.2.2 python
certbot-dns-google 2.7.2 python
certbot-dns-google-domains 0.1.11 python
certbot-dns-he 1.0.0 python
certbot-dns-hetzner 2.0.0 python
certbot-dns-infomaniak 0.2.1 python
certbot-dns-inwx 2.2.0 python
certbot-dns-ionos 2022.11.24 python
certbot-dns-linode 2.6.0 python
certbot-dns-loopia 1.0.1 python
certbot-dns-luadns 2.6.0 python
certbot-dns-namecheap 1.0.0 python
certbot-dns-netcup 1.3.1 python
certbot-dns-njalla 1.0.0 python
certbot-dns-nsone 2.6.0 python
certbot-dns-ovh 2.6.0 python
certbot-dns-porkbun 0.8 python
certbot-dns-rfc2136 2.7.2 python
certbot-dns-route53 2.7.2 python
certbot-dns-sakuracloud 2.6.0 python
certbot-dns-standalone 1.1 python
certbot-dns-transip 0.5.2 python
certbot-dns-vultr 1.1.0 python
certbot-plugin-gandi 1.4.3 python
certifi 2023.7.22 python
cffi 1.16.0 python
charset-normalizer 3.3.1 python
cloudflare 2.12.4 python
configobj 5.0.8 python
coreutils 9.3-r1 apk
cryptography 41.0.4 python
curl 8.4.0-r0 apk
dataclasses-json 0.5.14 python
distro 1.8.0 python
dns-lexicon 3.11.7 python
dnslib 0.9.23 python
dnspython 2.4.2 python
domeneshop 0.4.3 python
fail2ban 1.0.2 python
fail2ban 1.0.2-r2 apk
fail2ban-pyc 1.0.2-r2 apk
filelock 3.12.4 python
fontconfig 2.14.2-r3 apk
freetype 2.13.0-r5 apk
future 0.18.3 python
gdbm 1.23-r1 apk
git 2.40.1-r0 apk
git-perl 2.40.1-r0 apk
gmp 6.2.1-r3 apk
gnupg 2.4.3-r0 apk
gnupg-dirmngr 2.4.3-r0 apk
gnupg-gpgconf 2.4.3-r0 apk
gnupg-keyboxd 2.4.3-r0 apk
gnupg-utils 2.4.3-r0 apk
gnupg-wks-client 2.4.3-r0 apk
gnutls 3.8.0-r2 apk
google-api-core 2.12.0 python
google-api-python-client 2.104.0 python
google-auth 2.23.3 python
google-auth-httplib2 0.1.1 python
googleapis-common-protos 1.61.0 python
gpg 2.4.3-r0 apk
gpg-agent 2.4.3-r0 apk
gpg-wks-server 2.4.3-r0 apk
gpgsm 2.4.3-r0 apk
gpgv 2.4.3-r0 apk
httplib2 0.22.0 python
icu-data-en 73.2-r2 apk
icu-libs 73.2-r2 apk
idna 3.4 python
importlib-metadata 6.8.0 python
ip6tables 1.8.9-r2 apk
iptables 1.8.9-r2 apk
isodate 0.6.1 python
jmespath 1.0.1 python
josepy 1.13.0 python
jq 1.6-r3 apk
jsonlines 4.0.0 python
jsonpickle 3.0.2 python
libacl 2.3.1-r3 apk
libassuan 2.5.6-r0 apk
libattr 2.5.1-r4 apk
libavif 0.11.1-r2 apk
libbsd 0.11.7-r1 apk
libbz2 1.0.8-r5 apk
libc-utils 0.7.2-r5 apk
libcrypto3 3.1.3-r0 apk
libcurl 8.4.0-r0 apk
libdav1d 1.2.1-r0 apk
libedit 20221030.3.1-r1 apk
libevent 2.1.12-r6 apk
libexpat 2.5.0-r1 apk
libffi 3.4.4-r2 apk
libgcc 12.2.1_git20220924-r10 apk
libgcrypt 1.10.2-r1 apk
libgd 2.3.3-r7 apk
libgpg-error 1.47-r1 apk
libice 1.1.1-r2 apk
libidn2 2.3.4-r1 apk
libintl 0.21.1-r7 apk
libjpeg-turbo 2.1.5.1-r3 apk
libksba 1.6.4-r0 apk
libldap 2.6.5-r0 apk
libmaxminddb-libs 1.7.1-r1 apk
libmcrypt 2.5.8-r10 apk
libmd 1.0.4-r2 apk
libmemcached-libs 1.1.4-r1 apk
libmnl 1.0.5-r1 apk
libncursesw 6.4_p20230506-r0 apk
libnftnl 1.2.5-r1 apk
libpanelw 6.4_p20230506-r0 apk
libpng 1.6.39-r3 apk
libpq 15.4-r0 apk
libproc2 4.0.4-r0 apk
libsasl 2.1.28-r4 apk
libseccomp 2.5.4-r2 apk
libsm 1.2.4-r1 apk
libsodium 1.0.18-r3 apk
libssl3 3.1.3-r0 apk
libstdc++ 12.2.1_git20220924-r10 apk
libtasn1 4.19.0-r1 apk
libunistring 1.1-r1 apk
libuuid 2.38.1-r8 apk
libwebp 1.3.2-r0 apk
libx11 1.8.4-r4 apk
libxau 1.0.11-r2 apk
libxcb 1.15-r1 apk
libxdmcp 1.1.4-r2 apk
libxext 1.3.5-r2 apk
libxml2 2.11.4-r0 apk
libxpm 3.5.16-r1 apk
libxslt 1.1.38-r0 apk
libxt 1.3.0-r2 apk
libzip 1.9.2-r2 apk
linux-pam 1.5.2-r10 apk
logrotate 3.21.0-r1 apk
loopialib 0.2.0 python
lxml 4.9.3 python
lz4-libs 1.9.4-r4 apk
marshmallow 3.20.1 python
memcached 1.6.21-r0 apk
mock 5.1.0 python
mpdecimal 2.5.1-r2 apk
msal 1.24.1 python
msal-extensions 1.0.0 python
musl 1.2.4-r2 apk
musl-utils 1.2.4-r2 apk
mypy-extensions 1.0.0 python
nano 7.2-r1 apk
ncurses-terminfo-base 6.4_p20230506-r0 apk
netcat-openbsd 1.219-r1 apk
nettle 3.8.1-r2 apk
nghttp2-libs 1.57.0-r0 apk
nginx 1.24.0-r7 apk
nginx-mod-devel-kit 1.24.0-r7 apk
nginx-mod-http-brotli 1.24.0-r7 apk
nginx-mod-http-dav-ext 1.24.0-r7 apk
nginx-mod-http-echo 1.24.0-r7 apk
nginx-mod-http-fancyindex 1.24.0-r7 apk
nginx-mod-http-geoip2 1.24.0-r7 apk
nginx-mod-http-headers-more 1.24.0-r7 apk
nginx-mod-http-image-filter 1.24.0-r7 apk
nginx-mod-http-perl 1.24.0-r7 apk
nginx-mod-http-redis2 1.24.0-r7 apk
nginx-mod-http-set-misc 1.24.0-r7 apk
nginx-mod-http-upload-progress 1.24.0-r7 apk
nginx-mod-http-xslt-filter 1.24.0-r7 apk
nginx-mod-mail 1.24.0-r7 apk
nginx-mod-rtmp 1.24.0-r7 apk
nginx-mod-stream 1.24.0-r7 apk
nginx-mod-stream-geoip2 1.24.0-r7 apk
nginx-vim 1.24.0-r7 apk
npth 1.6-r4 apk
oniguruma 6.9.8-r1 apk
openssl 3.1.3-r0 apk
p11-kit 0.24.1-r2 apk
packaging 23.2 python
parsedatetime 2.6 python
pcre 8.45-r3 apk
pcre2 10.42-r1 apk
perl 5.36.1-r2 apk
perl-error 0.17029-r1 apk
perl-git 2.40.1-r0 apk
php82 8.2.10-r0 apk
php82-bcmath 8.2.10-r0 apk
php82-bz2 8.2.10-r0 apk
php82-common 8.2.10-r0 apk
php82-ctype 8.2.10-r0 apk
php82-curl 8.2.10-r0 apk
php82-dom 8.2.10-r0 apk
php82-exif 8.2.10-r0 apk
php82-fileinfo 8.2.10-r0 apk
php82-fpm 8.2.10-r0 apk
php82-ftp 8.2.10-r0 apk
php82-gd 8.2.10-r0 apk
php82-gmp 8.2.10-r0 apk
php82-iconv 8.2.10-r0 apk
php82-imap 8.2.10-r0 apk
php82-intl 8.2.10-r0 apk
php82-ldap 8.2.10-r0 apk
php82-mbstring 8.2.10-r0 apk
php82-mysqli 8.2.10-r0 apk
php82-mysqlnd 8.2.10-r0 apk
php82-opcache 8.2.10-r0 apk
php82-openssl 8.2.10-r0 apk
php82-pdo 8.2.10-r0 apk
php82-pdo_mysql 8.2.10-r0 apk
php82-pdo_odbc 8.2.10-r0 apk
php82-pdo_pgsql 8.2.10-r0 apk
php82-pdo_sqlite 8.2.10-r0 apk
php82-pear 8.2.10-r0 apk
php82-pecl-apcu 5.1.22-r0 apk
php82-pecl-igbinary 3.2.14-r0 apk
php82-pecl-mcrypt 1.0.6-r0 apk
php82-pecl-memcached 3.2.0-r1 apk
php82-pecl-msgpack 2.2.0-r0 apk
php82-pecl-redis 6.0.2-r0 apk
php82-pgsql 8.2.10-r0 apk
php82-phar 8.2.10-r0 apk
php82-posix 8.2.10-r0 apk
php82-session 8.2.10-r0 apk
php82-simplexml 8.2.10-r0 apk
php82-soap 8.2.10-r0 apk
php82-sockets 8.2.10-r0 apk
php82-sodium 8.2.10-r0 apk
php82-sqlite3 8.2.10-r0 apk
php82-tokenizer 8.2.10-r0 apk
php82-xml 8.2.10-r0 apk
php82-xmlreader 8.2.10-r0 apk
php82-xmlwriter 8.2.10-r0 apk
php82-xsl 8.2.10-r0 apk
php82-zip 8.2.10-r0 apk
pinentry 1.2.1-r1 apk
pip 23.3.1 python
pkb-client 1.2 python
popt 1.19-r2 apk
portalocker 2.8.2 python
procps-ng 4.0.4-r0 apk
protobuf 4.24.4 python
publicsuffixlist 0.9.4 python
pyOpenSSL 23.2.0 python
pyRFC3339 1.1 python
pyacmedns 0.4 python
pyasn1 0.5.0 python
pyasn1-modules 0.3.0 python
pyc 0.1-r0 apk
pycparser 2.21 python
pyparsing 3.1.1 python
python-dateutil 2.8.2 python
python-digitalocean 1.17.0 python
python-transip 0.6.0 python
python3 3.11.6-r0 apk
python3-pyc 3.11.6-r0 apk
python3-pycache-pyc0 3.11.6-r0 apk
pytz 2023.3.post1 python
readline 8.2.1-r1 apk
requests 2.31.0 python
requests-file 1.5.1 python
requests-mock 1.11.0 python
rsa 4.9 python
s3transfer 0.7.0 python
scanelf 1.3.7-r1 apk
setuptools 65.5.0 python
shadow 4.13-r4 apk
six 1.16.0 python
skalibs 2.13.1.1-r1 apk
soupsieve 2.5 python
sqlite-libs 3.41.2-r2 apk
ssl_client 1.36.1-r4 apk
tiff 4.5.1-r0 apk
tldextract 5.0.1 python
typing-inspect 0.9.0 python
typing_extensions 4.8.0 python
tzdata 2023c-r1 apk
unixodbc 2.3.11-r2 apk
uritemplate 4.1.1 python
urllib3 1.26.18 python
utmps-libs 0.1.2.1-r1 apk
wheel 0.41.2 python
whois 5.5.17-r0 apk
xz-libs 5.4.3-r0 apk
zipp 3.17.0 python
zlib 1.2.13-r1 apk
zope.interface 6.1 python
zstd-libs 1.5.5-r4 apk

View File

@@ -14,7 +14,6 @@ project_blurb_optional_extras: []
available_architectures:
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
- { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
# development version
development_versions: false
@@ -51,7 +50,7 @@ opt_param_usage_include_env: true
opt_param_env_vars:
- { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
- { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
- { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `bunny`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `dreamhost`, `duckdns`, `dynu`, `freedns`, `gandi`, `gehirn`, `godaddy`, `google`, `google-domains`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `namecheap`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
- { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
- { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
- { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
@@ -84,7 +83,7 @@ app_setup_block: |
* For `dns` validation, make sure to enter your credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`
* Cloudflare provides free accounts for managing dns and is very easy to use with this image. Make sure that it is set up for "dns only" instead of "dns + proxy"
* Google dns plugin is meant to be used with "Google Cloud DNS", a paid enterprise product, and not for "Google Domains DNS"
* DuckDNS only supoprts two types of DNS validated certificates (not both at the same time):
* DuckDNS only supports two types of DNS validated certificates (not both at the same time):
1. Certs that only cover your main subdomain (ie. `yoursubdomain.duckdns.org`, leave the `SUBDOMAINS` variable empty)
2. Certs that cover sub-subdomains of your main subdomain (ie. `*.yoursubdomain.duckdns.org`, set the `SUBDOMAINS` variable to `wildcard`)
* `--cap-add=NET_ADMIN` is required for fail2ban to modify iptables
@@ -154,6 +153,12 @@ app_setup_block: |
# changelog
changelogs:
- { date: "01.10.23:", desc: "Fix \"unrecognized arguments\" issue in DirectAdmin DNS plugin." }
- { date: "28.08.23:", desc: "Add Namecheap DNS plugin." }
- { date: "12.08.23:", desc: "Add FreeDNS plugin. Detect certbot DNS authenticators using CLI." }
- { date: "07.08.23:", desc: "Add Bunny DNS Configuration." }
- { date: "27.07.23:", desc: "Added support for dreamhost validation." }
- { date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf." }
- { date: "27.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug." }
- { date: "13.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik." }
- { date: "25.03.23:", desc: "Fix renewal post hook." }

View File

@@ -0,0 +1,2 @@
# Bunny API token used by Certbot
dns_bunny_api_key = a65e8ebd-45ab-44d2-a542-40d4d009e3bf

View File

@@ -0,0 +1,4 @@
# Instructions: https://github.com/goncalo-leal/certbot-dns-dreamhost#usage
# Replace with your values
dns_dreamhost_baseurl = "https://api.dreamhost.com/"
dns_dreamhost_api_key = "<api_key>"

View File

@@ -0,0 +1,4 @@
# Instructions: https://github.com/schleuss/certbot_dns_freedns#credentials
# Replace with your values
dns_freedns_username = myremoteuser
dns_freedns_password = verysecureremoteuserpassword

View File

@@ -0,0 +1,4 @@
# Instructions: https://github.com/knoxell/certbot-dns-namecheap#credentials
# Namecheap API credentials used by Certbot
dns_namecheap_username=my-username
dns_namecheap_api_key=my-api-key

View File

@@ -3,5 +3,3 @@
[Definition]
failregex = ^<HOST>.*"(GET|POST|HEAD).*" (401) .*$
ignoreregex = .*(?i)plex.*

View File

@@ -1,4 +1,4 @@
## Version 2023/04/13 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
## Version 2023/06/05 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
# redirect all traffic to https
server {
@@ -52,6 +52,19 @@ server {
}
location ~ ^(.+\.php)(.*)$ {
# enable the next two lines for http auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
# enable for ldap auth (requires ldap-server.conf in the server block)
#include /config/nginx/ldap-location.conf;
# enable for Authelia (requires authelia-server.conf in the server block)
#include /config/nginx/authelia-location.conf;
# enable for Authentik (requires authentik-server.conf in the server block)
#include /config/nginx/authentik-location.conf;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;

View File

@@ -24,18 +24,37 @@ for i in "${SANED_VARS[@]}"; do
done
# check to make sure DNSPLUGIN is selected if dns validation is used
if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|google-domains|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
CERTBOT_DNS_AUTHENTICATORS=$(certbot plugins --authenticators 2>/dev/null | sed -e 's/^Entry point: EntryPoint(name='\''cpanel'\''/Entry point: EntryPoint(name='\''dns-cpanel'\''/' -e '/EntryPoint(name='\''dns-/!d' -e 's/^Entry point: EntryPoint(name='\''dns-\([^ ]*\)'\'',/\1/' | sort)
if [[ "${VALIDATION}" = "dns" ]] && ! echo "${CERTBOT_DNS_AUTHENTICATORS}" | grep -q "${DNSPLUGIN}"; then
echo "Please set the DNSPLUGIN variable to one of the following:"
echo "${CERTBOT_DNS_AUTHENTICATORS}"
sleep infinity
fi
# set_ini_value logic:
# - if the name is not found in the file, append the name=value to the end of the file
# - if the name is found in the file, replace the value
# - if the name is found in the file but commented out, uncomment the line and replace the value
# call set_ini_value with parameters: $1=name $2=value $3=file
function set_ini_value() {
name=${1//\//\\/}
value=${2//\//\\/}
sed -i \
-e '/^#\?\(\s*'"${name}"'\s*=\s*\).*/{s//\1'"${value}"'/;:a;n;ba;q}' \
-e '$a'"${name}"'='"${value}" "${3}"
}
# ensure config files exist and has at least one value set (set_ini_value does not work on empty files)
touch /config/etc/letsencrypt/cli.ini
grep -qF 'agree-tos' /config/etc/letsencrypt/cli.ini || echo 'agree-tos=true' >>/config/etc/letsencrypt/cli.ini
# copy dns default configs
cp -n /defaults/dns-conf/* /config/dns-conf/
cp -n /defaults/dns-conf/* /config/dns-conf/ 2> >(grep -v 'cp: not replacing')
lsiown -R abc:abc /config/dns-conf
# copy default renewal hooks
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
# replace nginx service location in renewal hooks
@@ -157,21 +176,25 @@ if [[ ! "${URL}" = "${ORIGURL}" ]] ||
[[ ! "${CERTPROVIDER}" = "${ORIGCERTPROVIDER}" ]]; then
echo "Different validation parameters entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created"
if [[ "${ORIGCERTPROVIDER}" = "zerossl" ]] && [[ -n "${ORIGEMAIL}" ]]; then
REV_EAB_CREDS=$(curl -s https://api.zerossl.com/acme/eab-credentials-email --data "email=${ORIGEMAIL}")
REV_ZEROSSL_EAB_KID=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_kid'])")
REV_ZEROSSL_EAB_HMAC_KEY=$(echo "${REV_EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_hmac_key'])")
REV_ACMESERVER=("https://acme.zerossl.com/v2/DV90")
REV_ZEROSSL_EAB_KID=$(awk -F "=" '/eab-kid/ {print $2}' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf" | tr -d ' ')
REV_ZEROSSL_EAB_HMAC_KEY=$(awk -F "=" '/eab-hmac-key/ {print $2}' "/config/etc/letsencrypt/renewal/${ORIGDOMAIN}.conf" | tr -d ' ')
if [[ -z "${REV_ZEROSSL_EAB_KID}" ]] || [[ -z "${REV_ZEROSSL_EAB_HMAC_KEY}" ]]; then
echo "Unable to retrieve EAB credentials from ZeroSSL. Check the outgoing connections to api.zerossl.com and dns. Sleeping."
sleep infinity
REV_ZEROSSL_EAB_KID=$(awk -F "=" '/eab-kid/ {print $2}' /config/etc/letsencrypt/cli.ini | tr -d ' ')
REV_ZEROSSL_EAB_HMAC_KEY=$(awk -F "=" '/eab-hmac-key/ {print $2}' /config/etc/letsencrypt/cli.ini | tr -d ' ')
fi
if [[ -n "${REV_ZEROSSL_EAB_KID}" ]] && [[ -n "${REV_ZEROSSL_EAB_HMAC_KEY}" ]]; then
REV_ACMESERVER+=("--eab-kid" "${REV_ZEROSSL_EAB_KID}" "--eab-hmac-key" "${REV_ZEROSSL_EAB_HMAC_KEY}")
fi
REV_ACMESERVER="https://acme.zerossl.com/v2/DV90 --eab-kid ${REV_ZEROSSL_EAB_KID} --eab-hmac-key ${REV_ZEROSSL_EAB_HMAC_KEY}"
elif [[ "${ORIGSTAGING}" = "true" ]]; then
REV_ACMESERVER="https://acme-staging-v02.api.letsencrypt.org/directory"
REV_ACMESERVER=("https://acme-staging-v02.api.letsencrypt.org/directory")
else
REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
REV_ACMESERVER=("https://acme-v02.api.letsencrypt.org/directory")
fi
if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER} || true
certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server "${REV_ACMESERVER[@]}" || true
else
certbot revoke --non-interactive --cert-name "${ORIGDOMAIN}" --server "${REV_ACMESERVER[@]}" || true
fi
rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
fi
@@ -182,9 +205,11 @@ echo -e "ORIGURL=\"${URL}\" ORIGSUBDOMAINS=\"${SUBDOMAINS}\" ORIGONLY_SUBDOMAINS
# Check if the cert is using the old LE root cert, revoke and regen if necessary
if [[ -f "/config/keys/letsencrypt/chain.pem" ]] && { [[ "${CERTPROVIDER}" == "letsencrypt" ]] || [[ "${CERTPROVIDER}" == "" ]]; } && [[ "${STAGING}" != "true" ]] && ! openssl x509 -in /config/keys/letsencrypt/chain.pem -noout -issuer | grep -q "ISRG Root X"; then
echo "The cert seems to be using the old LE root cert, which is no longer valid. Deleting and revoking."
REV_ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
REV_ACMESERVER=("https://acme-v02.api.letsencrypt.org/directory")
if [[ -f /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem ]]; then
certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server ${REV_ACMESERVER} || true
certbot revoke --non-interactive --cert-path /config/etc/letsencrypt/live/"${ORIGDOMAIN}"/fullchain.pem --server "${REV_ACMESERVER[@]}" || true
else
certbot revoke --non-interactive --cert-name "${ORIGDOMAIN}" --server "${REV_ACMESERVER[@]}" || true
fi
rm -rf /config/etc/letsencrypt/{accounts,archive,live,renewal}
fi
@@ -208,52 +233,51 @@ else
ACMESERVER="https://acme-v02.api.letsencrypt.org/directory"
fi
# figuring out url only vs url & subdomains vs subdomains only
set_ini_value "server" "${ACMESERVER}" /config/etc/letsencrypt/cli.ini
# figuring out domain only vs domain & subdomains vs subdomains only
DOMAINS_ARRAY=()
if [[ -z "${SUBDOMAINS}" ]] || [[ "${ONLY_SUBDOMAINS}" != true ]]; then
DOMAINS_ARRAY+=("${URL}")
fi
if [[ -n "${SUBDOMAINS}" ]]; then
echo "SUBDOMAINS entered, processing"
SUBDOMAINS_ARRAY=()
if [[ "${SUBDOMAINS}" = "wildcard" ]]; then
if [[ "${ONLY_SUBDOMAINS}" = true ]]; then
export URL_REAL="-d *.${URL}"
echo "Wildcard cert for only the subdomains of ${URL} will be requested"
else
export URL_REAL="-d *.${URL} -d ${URL}"
echo "Wildcard cert for ${URL} will be requested"
fi
SUBDOMAINS_ARRAY+=("*.${URL}")
echo "Wildcard cert for ${URL} will be requested"
else
echo "SUBDOMAINS entered, processing"
for job in $(echo "${SUBDOMAINS}" | tr "," " "); do
export SUBDOMAINS_REAL="${SUBDOMAINS_REAL} -d ${job}.${URL}"
SUBDOMAINS_ARRAY+=("${job}.${URL}")
done
if [[ "${ONLY_SUBDOMAINS}" = true ]]; then
URL_REAL="${SUBDOMAINS_REAL}"
echo "Only subdomains, no URL in cert"
else
URL_REAL="-d ${URL}${SUBDOMAINS_REAL}"
fi
echo "Sub-domains processed are: ${SUBDOMAINS_REAL}"
echo "Sub-domains processed are: $(echo "${SUBDOMAINS_ARRAY[*]}" | tr " " ",")"
fi
else
echo "No subdomains defined"
URL_REAL="-d ${URL}"
DOMAINS_ARRAY+=("${SUBDOMAINS_ARRAY[@]}")
fi
# add extra domains
if [[ -n "${EXTRA_DOMAINS}" ]]; then
echo "EXTRA_DOMAINS entered, processing"
EXTRA_DOMAINS_ARRAY=()
for job in $(echo "${EXTRA_DOMAINS}" | tr "," " "); do
export EXTRA_DOMAINS_REAL="${EXTRA_DOMAINS_REAL} -d ${job}"
EXTRA_DOMAINS_ARRAY+=("${job}")
done
echo "Extra domains processed are: ${EXTRA_DOMAINS_REAL}"
URL_REAL="${URL_REAL} ${EXTRA_DOMAINS_REAL}"
echo "Extra domains processed are: $(echo "${EXTRA_DOMAINS_ARRAY[*]}" | tr " " ",")"
DOMAINS_ARRAY+=("${EXTRA_DOMAINS_ARRAY[@]}")
fi
# setting domains in cli.ini
set_ini_value "domains" "$(echo "${DOMAINS_ARRAY[*]}" | tr " " ",")" /config/etc/letsencrypt/cli.ini
# figuring out whether to use e-mail and which
if [[ ${EMAIL} == *@* ]]; then
echo "E-mail address entered: ${EMAIL}"
EMAILPARAM="-m ${EMAIL} --no-eff-email"
set_ini_value "email" "${EMAIL}" /config/etc/letsencrypt/cli.ini
set_ini_value "no-eff-email" "true" /config/etc/letsencrypt/cli.ini
set_ini_value "register-unsafely-without-email" "false" /config/etc/letsencrypt/cli.ini
else
echo "No e-mail address entered or address invalid"
EMAILPARAM="--register-unsafely-without-email"
set_ini_value "register-unsafely-without-email" "true" /config/etc/letsencrypt/cli.ini
fi
# alter extension for error message
@@ -265,37 +289,41 @@ fi
# setting the validation method to use
if [[ "${VALIDATION}" = "dns" ]]; then
AUTHENTICATORPARAM="--authenticator dns-${DNSPLUGIN}"
DNSCREDENTIALSPARAM="--dns-${DNSPLUGIN}-credentials ${DNSCREDENTIALFILE}"
if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--dns-${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
set_ini_value "preferred-challenges" "dns" /config/etc/letsencrypt/cli.ini
set_ini_value "authenticator" "dns-${DNSPLUGIN}" /config/etc/letsencrypt/cli.ini
set_ini_value "dns-${DNSPLUGIN}-credentials" "${DNSCREDENTIALFILE}" /config/etc/letsencrypt/cli.ini
if [[ -n "${PROPAGATION}" ]]; then set_ini_value "dns-${DNSPLUGIN}-propagation-seconds" "${PROPAGATION}" /config/etc/letsencrypt/cli.ini; fi
# plugins that don't support setting credentials file
if [[ "${DNSPLUGIN}" =~ ^(route53|standalone)$ ]]; then
DNSCREDENTIALSPARAM=""
sed -i "/^dns-${DNSPLUGIN}-credentials\b/d" /config/etc/letsencrypt/cli.ini
fi
# plugins that don't support setting propagation
if [[ "${DNSPLUGIN}" =~ ^(azure|gandi|route53|standalone)$ ]]; then
if [[ -n "${PROPAGATION}" ]]; then echo "${DNSPLUGIN} dns plugin does not support setting propagation time"; fi
PROPAGATIONPARAM=""
sed -i "/^dns-${DNSPLUGIN}-propagation-seconds\b/d" /config/etc/letsencrypt/cli.ini
fi
# plugins that use old parameter naming convention
if [[ "${DNSPLUGIN}" =~ ^(cpanel)$ ]]; then
AUTHENTICATORPARAM="--authenticator ${DNSPLUGIN}"
DNSCREDENTIALSPARAM="--${DNSPLUGIN}-credentials ${DNSCREDENTIALFILE}"
if [[ -n "${PROPAGATION}" ]]; then PROPAGATIONPARAM="--${DNSPLUGIN}-propagation-seconds ${PROPAGATION}"; fi
sed -i "/^dns-${DNSPLUGIN}-credentials\b/d" /config/etc/letsencrypt/cli.ini
sed -i "/^dns-${DNSPLUGIN}-propagation-seconds\b/d" /config/etc/letsencrypt/cli.ini
set_ini_value "authenticator" "${DNSPLUGIN}" /config/etc/letsencrypt/cli.ini
set_ini_value "${DNSPLUGIN}-credentials" "${DNSCREDENTIALFILE}" /config/etc/letsencrypt/cli.ini
if [[ -n "${PROPAGATION}" ]]; then set_ini_value "${DNSPLUGIN}-propagation-seconds" "${PROPAGATION}" /config/etc/letsencrypt/cli.ini; fi
fi
# don't restore txt records when using DuckDNS plugin
if [[ "${DNSPLUGIN}" =~ ^(duckdns)$ ]]; then
AUTHENTICATORPARAM="${AUTHENTICATORPARAM} --dns-${DNSPLUGIN}-no-txt-restore"
set_ini_value "dns-${DNSPLUGIN}-no-txt-restore" "true" /config/etc/letsencrypt/cli.ini
fi
PREFCHAL="${AUTHENTICATORPARAM} ${DNSCREDENTIALSPARAM} ${PROPAGATIONPARAM}"
echo "${VALIDATION} validation via ${DNSPLUGIN} plugin is selected"
elif [[ "${VALIDATION}" = "tls-sni" ]]; then
PREFCHAL="--standalone --preferred-challenges http"
set_ini_value "preferred-challenges" "http" /config/etc/letsencrypt/cli.ini
set_ini_value "authenticator" "standalone" /config/etc/letsencrypt/cli.ini
echo "*****tls-sni validation has been deprecated, attempting http validation instead"
else
PREFCHAL="--standalone --preferred-challenges http"
set_ini_value "preferred-challenges" "http" /config/etc/letsencrypt/cli.ini
set_ini_value "authenticator" "standalone" /config/etc/letsencrypt/cli.ini
echo "http validation is selected"
fi
@@ -304,17 +332,17 @@ if [[ ! -f "/config/keys/letsencrypt/fullchain.pem" ]]; then
if [[ "${CERTPROVIDER}" = "zerossl" ]] && [[ -n "${EMAIL}" ]]; then
echo "Retrieving EAB from ZeroSSL"
EAB_CREDS=$(curl -s https://api.zerossl.com/acme/eab-credentials-email --data "email=${EMAIL}")
ZEROSSL_EAB_KID=$(echo "${EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_kid'])")
ZEROSSL_EAB_HMAC_KEY=$(echo "${EAB_CREDS}" | python3 -c "import sys, json; print(json.load(sys.stdin)['eab_hmac_key'])")
ZEROSSL_EAB_KID=$(echo "${EAB_CREDS}" | jq .eab_kid)
ZEROSSL_EAB_HMAC_KEY=$(echo "${EAB_CREDS}" | jq .eab_hmac_key)
if [[ -z "${ZEROSSL_EAB_KID}" ]] || [[ -z "${ZEROSSL_EAB_HMAC_KEY}" ]]; then
echo "Unable to retrieve EAB credentials from ZeroSSL. Check the outgoing connections to api.zerossl.com and dns. Sleeping."
sleep infinity
fi
ZEROSSL_EAB="--eab-kid ${ZEROSSL_EAB_KID} --eab-hmac-key ${ZEROSSL_EAB_HMAC_KEY}"
set_ini_value "eab-kid" "${ZEROSSL_EAB_KID}" /config/etc/letsencrypt/cli.ini
set_ini_value "eab-hmac-key" "${ZEROSSL_EAB_HMAC_KEY}" /config/etc/letsencrypt/cli.ini
fi
echo "Generating new certificate"
# shellcheck disable=SC2086
certbot certonly --non-interactive --renew-by-default --server ${ACMESERVER} ${ZEROSSL_EAB} ${PREFCHAL} --rsa-key-size 4096 ${EMAILPARAM} --agree-tos ${URL_REAL}
certbot certonly --non-interactive --renew-by-default
if [[ ! -d /config/keys/letsencrypt ]]; then
if [[ "${VALIDATION}" = "dns" ]]; then
echo "ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the ${DNSCREDENTIALFILE} file."

View File

@@ -15,7 +15,7 @@ if [[ ! -f /config/crontabs/root ]]; then
# if crontabs still do not exist in config (were not copied from system)
# copy crontab from included defaults (using -n, do not overwrite an existing file)
cp -n /etc/crontabs/root /config/crontabs/
cp -n /etc/crontabs/root /config/crontabs/ 2> >(grep -v 'cp: not replacing')
fi
# set permissions and import user crontabs
lsiown root:root /config/crontabs/root
@@ -31,7 +31,7 @@ if [[ ! -f /config/crontabs/abc ]]; then
# if crontabs still do not exist in config (were not copied from system)
# copy crontab from included defaults (using -n, do not overwrite an existing file)
cp -n /etc/crontabs/abc /config/crontabs/
cp -n /etc/crontabs/abc /config/crontabs/ 2> >(grep -v 'cp: not replacing')
fi
# set permissions and import user crontabs
lsiown abc:abc /config/crontabs/abc