mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-22 05:59:03 +09:00
Compare commits
2 Commits
renewal-ho
...
2.11.0-ls3
| Author | SHA1 | Date | |
|---|---|---|---|
|
94c72584a7 | ||
|
|
59d1c8a724 |
@@ -131,7 +131,7 @@ RUN \
|
|||||||
certbot-dns-transip \
|
certbot-dns-transip \
|
||||||
certbot-dns-vultr \
|
certbot-dns-vultr \
|
||||||
certbot-plugin-gandi \
|
certbot-plugin-gandi \
|
||||||
cryptography==42.0.7 \
|
cryptography \
|
||||||
future \
|
future \
|
||||||
requests && \
|
requests && \
|
||||||
echo "**** enable OCSP stapling from base ****" && \
|
echo "**** enable OCSP stapling from base ****" && \
|
||||||
|
|||||||
@@ -131,7 +131,7 @@ RUN \
|
|||||||
certbot-dns-transip \
|
certbot-dns-transip \
|
||||||
certbot-dns-vultr \
|
certbot-dns-vultr \
|
||||||
certbot-plugin-gandi \
|
certbot-plugin-gandi \
|
||||||
cryptography==42.0.7 \
|
cryptography \
|
||||||
future \
|
future \
|
||||||
requests && \
|
requests && \
|
||||||
echo "**** enable OCSP stapling from base ****" && \
|
echo "**** enable OCSP stapling from base ****" && \
|
||||||
|
|||||||
@@ -4,7 +4,7 @@ acme 2.11.0 python
|
|||||||
alpine-baselayout 3.6.5-r0 apk
|
alpine-baselayout 3.6.5-r0 apk
|
||||||
alpine-baselayout-data 3.6.5-r0 apk
|
alpine-baselayout-data 3.6.5-r0 apk
|
||||||
alpine-keys 2.4-r1 apk
|
alpine-keys 2.4-r1 apk
|
||||||
alpine-release 3.20.2-r0 apk
|
alpine-release 3.20.3-r0 apk
|
||||||
aom-libs 3.9.1-r0 apk
|
aom-libs 3.9.1-r0 apk
|
||||||
apache2-utils 2.4.62-r0 apk
|
apache2-utils 2.4.62-r0 apk
|
||||||
apk-tools 2.14.4-r0 apk
|
apk-tools 2.14.4-r0 apk
|
||||||
@@ -14,15 +14,15 @@ argon2-libs 20190702-r5 apk
|
|||||||
attrs 24.2.0 python
|
attrs 24.2.0 python
|
||||||
autocommand 2.2.2 python
|
autocommand 2.2.2 python
|
||||||
azure-common 1.1.28 python
|
azure-common 1.1.28 python
|
||||||
azure-core 1.30.2 python
|
azure-core 1.31.0 python
|
||||||
azure-identity 1.17.1 python
|
azure-identity 1.18.0 python
|
||||||
azure-mgmt-core 1.4.0 python
|
azure-mgmt-core 1.4.0 python
|
||||||
azure-mgmt-dns 8.1.0 python
|
azure-mgmt-dns 8.1.0 python
|
||||||
backports-tarfile 1.2.0 python
|
backports-tarfile 1.2.0 python
|
||||||
bash 5.2.26-r0 apk
|
bash 5.2.26-r0 apk
|
||||||
beautifulsoup4 4.12.3 python
|
beautifulsoup4 4.12.3 python
|
||||||
boto3 1.35.14 python
|
boto3 1.35.24 python
|
||||||
botocore 1.35.14 python
|
botocore 1.35.24 python
|
||||||
brotli-libs 1.1.0-r2 apk
|
brotli-libs 1.1.0-r2 apk
|
||||||
bs4 0.0.2 python
|
bs4 0.0.2 python
|
||||||
busybox 1.36.1-r29 apk
|
busybox 1.36.1-r29 apk
|
||||||
@@ -89,7 +89,7 @@ coreutils-env 9.5-r1 apk
|
|||||||
coreutils-fmt 9.5-r1 apk
|
coreutils-fmt 9.5-r1 apk
|
||||||
coreutils-sha512sum 9.5-r1 apk
|
coreutils-sha512sum 9.5-r1 apk
|
||||||
cryptography 43.0.1 python
|
cryptography 43.0.1 python
|
||||||
curl 8.9.1-r1 apk
|
curl 8.10.0-r0 apk
|
||||||
distro 1.9.0 python
|
distro 1.9.0 python
|
||||||
dns-lexicon 3.18.0 python
|
dns-lexicon 3.18.0 python
|
||||||
dnslib 0.9.25 python
|
dnslib 0.9.25 python
|
||||||
@@ -98,7 +98,7 @@ domeneshop 0.4.4 python
|
|||||||
fail2ban 1.1.0 python
|
fail2ban 1.1.0 python
|
||||||
fail2ban 1.1.0-r0 apk
|
fail2ban 1.1.0-r0 apk
|
||||||
fail2ban-pyc 1.1.0-r0 apk
|
fail2ban-pyc 1.1.0-r0 apk
|
||||||
filelock 3.15.4 python
|
filelock 3.16.1 python
|
||||||
findutils 4.9.0-r5 apk
|
findutils 4.9.0-r5 apk
|
||||||
fontconfig 2.15.0-r1 apk
|
fontconfig 2.15.0-r1 apk
|
||||||
freetype 2.13.2-r0 apk
|
freetype 2.13.2-r0 apk
|
||||||
@@ -115,9 +115,9 @@ gnupg-keyboxd 2.4.5-r0 apk
|
|||||||
gnupg-utils 2.4.5-r0 apk
|
gnupg-utils 2.4.5-r0 apk
|
||||||
gnupg-wks-client 2.4.5-r0 apk
|
gnupg-wks-client 2.4.5-r0 apk
|
||||||
gnutls 3.8.5-r0 apk
|
gnutls 3.8.5-r0 apk
|
||||||
google-api-core 2.19.2 python
|
google-api-core 2.20.0 python
|
||||||
google-api-python-client 2.144.0 python
|
google-api-python-client 2.146.0 python
|
||||||
google-auth 2.34.0 python
|
google-auth 2.35.0 python
|
||||||
google-auth-httplib2 0.2.0 python
|
google-auth-httplib2 0.2.0 python
|
||||||
googleapis-common-protos 1.65.0 python
|
googleapis-common-protos 1.65.0 python
|
||||||
gpg 2.4.5-r0 apk
|
gpg 2.4.5-r0 apk
|
||||||
@@ -128,13 +128,14 @@ gpgv 2.4.5-r0 apk
|
|||||||
httplib2 0.22.0 python
|
httplib2 0.22.0 python
|
||||||
icu-data-en 74.2-r0 apk
|
icu-data-en 74.2-r0 apk
|
||||||
icu-libs 74.2-r0 apk
|
icu-libs 74.2-r0 apk
|
||||||
idna 3.8 python
|
idna 3.10 python
|
||||||
importlib-metadata 8.0.0 python
|
importlib-metadata 8.0.0 python
|
||||||
importlib-resources 6.4.0 python
|
importlib-resources 6.4.0 python
|
||||||
inflect 7.3.1 python
|
inflect 7.3.1 python
|
||||||
iptables 1.8.10-r3 apk
|
iptables 1.8.10-r3 apk
|
||||||
iptables-legacy 1.8.10-r3 apk
|
iptables-legacy 1.8.10-r3 apk
|
||||||
isodate 0.6.1 python
|
isodate 0.6.1 python
|
||||||
|
jaraco-collections 5.1.0 python
|
||||||
jaraco-context 5.3.0 python
|
jaraco-context 5.3.0 python
|
||||||
jaraco-functools 4.0.1 python
|
jaraco-functools 4.0.1 python
|
||||||
jaraco-text 3.12.1 python
|
jaraco-text 3.12.1 python
|
||||||
@@ -150,7 +151,7 @@ libavif 1.0.4-r0 apk
|
|||||||
libbsd 0.12.2-r0 apk
|
libbsd 0.12.2-r0 apk
|
||||||
libbz2 1.0.8-r6 apk
|
libbz2 1.0.8-r6 apk
|
||||||
libcrypto3 3.3.2-r0 apk
|
libcrypto3 3.3.2-r0 apk
|
||||||
libcurl 8.9.1-r1 apk
|
libcurl 8.10.0-r0 apk
|
||||||
libdav1d 1.4.2-r0 apk
|
libdav1d 1.4.2-r0 apk
|
||||||
libedit 20240517.3.1-r0 apk
|
libedit 20240517.3.1-r0 apk
|
||||||
libevent 2.1.12-r7 apk
|
libevent 2.1.12-r7 apk
|
||||||
@@ -173,10 +174,10 @@ libmcrypt 2.5.8-r10 apk
|
|||||||
libmd 1.1.0-r0 apk
|
libmd 1.1.0-r0 apk
|
||||||
libmemcached-libs 1.1.4-r1 apk
|
libmemcached-libs 1.1.4-r1 apk
|
||||||
libmnl 1.0.5-r2 apk
|
libmnl 1.0.5-r2 apk
|
||||||
libncursesw 6.4_p20240420-r0 apk
|
libncursesw 6.4_p20240420-r1 apk
|
||||||
libnftnl 1.2.6-r0 apk
|
libnftnl 1.2.6-r0 apk
|
||||||
libpanelw 6.4_p20240420-r0 apk
|
libpanelw 6.4_p20240420-r1 apk
|
||||||
libpng 1.6.43-r0 apk
|
libpng 1.6.44-r0 apk
|
||||||
libpq 16.3-r0 apk
|
libpq 16.3-r0 apk
|
||||||
libproc2 4.0.4-r0 apk
|
libproc2 4.0.4-r0 apk
|
||||||
libpsl 0.21.5-r1 apk
|
libpsl 0.21.5-r1 apk
|
||||||
@@ -217,7 +218,7 @@ musl 1.2.5-r0 apk
|
|||||||
musl-utils 1.2.5-r0 apk
|
musl-utils 1.2.5-r0 apk
|
||||||
my-test-package 1.0 python
|
my-test-package 1.0 python
|
||||||
nano 8.0-r0 apk
|
nano 8.0-r0 apk
|
||||||
ncurses-terminfo-base 6.4_p20240420-r0 apk
|
ncurses-terminfo-base 6.4_p20240420-r1 apk
|
||||||
netcat-openbsd 1.226-r0 apk
|
netcat-openbsd 1.226-r0 apk
|
||||||
nettle 3.9.1-r0 apk
|
nettle 3.9.1-r0 apk
|
||||||
nghttp2-libs 1.62.1-r0 apk
|
nghttp2-libs 1.62.1-r0 apk
|
||||||
@@ -308,11 +309,11 @@ popt 1.19-r3 apk
|
|||||||
portalocker 2.10.1 python
|
portalocker 2.10.1 python
|
||||||
procps-ng 4.0.4-r0 apk
|
procps-ng 4.0.4-r0 apk
|
||||||
proto-plus 1.24.0 python
|
proto-plus 1.24.0 python
|
||||||
protobuf 5.28.0 python
|
protobuf 5.28.2 python
|
||||||
pyacmedns 0.4 python
|
pyacmedns 0.4 python
|
||||||
pyasn1 0.6.0 python
|
pyasn1 0.6.1 python
|
||||||
pyasn1-modules 0.4.0 python
|
pyasn1-modules 0.4.1 python
|
||||||
pyc 3.12.3-r2 apk
|
pyc 3.12.6-r0 apk
|
||||||
pycparser 2.22 python
|
pycparser 2.22 python
|
||||||
pyjwt 2.9.0 python
|
pyjwt 2.9.0 python
|
||||||
pynamecheap 0.0.3 python
|
pynamecheap 0.0.3 python
|
||||||
@@ -323,10 +324,10 @@ pyrfc3339 1.1 python
|
|||||||
python-dateutil 2.9.0.post0 python
|
python-dateutil 2.9.0.post0 python
|
||||||
python-digitalocean 1.17.0 python
|
python-digitalocean 1.17.0 python
|
||||||
python-transip 0.6.0 python
|
python-transip 0.6.0 python
|
||||||
python3 3.12.3-r2 apk
|
python3 3.12.6-r0 apk
|
||||||
python3-pyc 3.12.3-r2 apk
|
python3-pyc 3.12.6-r0 apk
|
||||||
python3-pycache-pyc0 3.12.3-r2 apk
|
python3-pycache-pyc0 3.12.6-r0 apk
|
||||||
pytz 2024.1 python
|
pytz 2024.2 python
|
||||||
pyyaml 6.0.2 python
|
pyyaml 6.0.2 python
|
||||||
readline 8.2.10-r0 apk
|
readline 8.2.10-r0 apk
|
||||||
requests 2.32.3 python
|
requests 2.32.3 python
|
||||||
@@ -335,7 +336,7 @@ requests-mock 1.12.1 python
|
|||||||
rsa 4.9 python
|
rsa 4.9 python
|
||||||
s3transfer 0.10.2 python
|
s3transfer 0.10.2 python
|
||||||
scanelf 1.3.7-r2 apk
|
scanelf 1.3.7-r2 apk
|
||||||
setuptools 74.1.2 python
|
setuptools 75.1.0 python
|
||||||
shadow 4.15.1-r0 apk
|
shadow 4.15.1-r0 apk
|
||||||
six 1.16.0 python
|
six 1.16.0 python
|
||||||
skalibs 2.14.1.1-r0 apk
|
skalibs 2.14.1.1-r0 apk
|
||||||
@@ -347,10 +348,10 @@ tldextract 5.1.2 python
|
|||||||
tomli 2.0.1 python
|
tomli 2.0.1 python
|
||||||
typeguard 4.3.0 python
|
typeguard 4.3.0 python
|
||||||
typing-extensions 4.12.2 python (+1 duplicate)
|
typing-extensions 4.12.2 python (+1 duplicate)
|
||||||
tzdata 2024a-r1 apk
|
tzdata 2024b-r0 apk
|
||||||
unixodbc 2.3.12-r0 apk
|
unixodbc 2.3.12-r0 apk
|
||||||
uritemplate 4.1.1 python
|
uritemplate 4.1.1 python
|
||||||
urllib3 2.2.2 python
|
urllib3 2.2.3 python
|
||||||
utmps-libs 0.1.2.2-r1 apk
|
utmps-libs 0.1.2.2-r1 apk
|
||||||
wheel 0.43.0 python
|
wheel 0.43.0 python
|
||||||
wheel 0.44.0 python
|
wheel 0.44.0 python
|
||||||
|
|||||||
0
root/app/le-renew.sh
Executable file → Normal file
0
root/app/le-renew.sh
Executable file → Normal file
2
root/defaults/etc/letsencrypt/renewal-hooks/deploy/10-default
Executable file → Normal file
2
root/defaults/etc/letsencrypt/renewal-hooks/deploy/10-default
Executable file → Normal file
@@ -1,9 +1,7 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
|
|
||||||
|
|
||||||
cd /config/keys/letsencrypt || exit 1
|
cd /config/keys/letsencrypt || exit 1
|
||||||
echo "**** Generating pfx and fullchain bundle certs ****"
|
|
||||||
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
|
||||||
sleep 1
|
sleep 1
|
||||||
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem
|
||||||
|
|||||||
3
root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx
Executable file → Normal file
3
root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx
Executable file → Normal file
@@ -1,18 +1,15 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
|
|
||||||
|
|
||||||
# shellcheck source=/dev/null
|
# shellcheck source=/dev/null
|
||||||
. /config/.donoteditthisfile.conf
|
. /config/.donoteditthisfile.conf
|
||||||
|
|
||||||
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
||||||
if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
|
if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
|
||||||
echo "**** Starting Nginx ****"
|
|
||||||
s6-svc -u /run/service/svc-nginx
|
s6-svc -u /run/service/svc-nginx
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if pgrep -f "nginx:" >/dev/null; then
|
if pgrep -f "nginx:" >/dev/null; then
|
||||||
echo "**** Reloading Nginx to load the new cert ****"
|
|
||||||
s6-svc -h /run/service/svc-nginx
|
s6-svc -h /run/service/svc-nginx
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
2
root/defaults/etc/letsencrypt/renewal-hooks/pre/10-nginx
Executable file → Normal file
2
root/defaults/etc/letsencrypt/renewal-hooks/pre/10-nginx
Executable file → Normal file
@@ -1,13 +1,11 @@
|
|||||||
#!/usr/bin/with-contenv bash
|
#!/usr/bin/with-contenv bash
|
||||||
# shellcheck shell=bash
|
# shellcheck shell=bash
|
||||||
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
|
|
||||||
|
|
||||||
# shellcheck source=/dev/null
|
# shellcheck source=/dev/null
|
||||||
. /config/.donoteditthisfile.conf
|
. /config/.donoteditthisfile.conf
|
||||||
|
|
||||||
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
|
||||||
if pgrep -f "nginx:" >/dev/null; then
|
if pgrep -f "nginx:" >/dev/null; then
|
||||||
echo "**** Stopping Nginx in preparation of cert generation/renewal ****"
|
|
||||||
s6-svc -d /run/service/svc-nginx
|
s6-svc -d /run/service/svc-nginx
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
@@ -68,9 +68,14 @@ lsiown -R abc:abc /config/dns-conf
|
|||||||
|
|
||||||
# copy default renewal hooks
|
# copy default renewal hooks
|
||||||
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
|
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
|
||||||
cp -Rf /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
|
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
|
||||||
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
|
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
|
||||||
|
|
||||||
|
# replace nginx service location in renewal hooks
|
||||||
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
|
||||||
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
|
||||||
|
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|s6-supervise nginx|s6-supervise svc-nginx|g' {} \;
|
||||||
|
|
||||||
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
|
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
|
||||||
if [[ -f "/config/donoteditthisfile.conf" ]]; then
|
if [[ -f "/config/donoteditthisfile.conf" ]]; then
|
||||||
mv /config/donoteditthisfile.conf /config/.donoteditthisfile.conf
|
mv /config/donoteditthisfile.conf /config/.donoteditthisfile.conf
|
||||||
|
|||||||
Reference in New Issue
Block a user