RuhNetConsulting
/
getssl
mirror of https://github.com/srvrco/getssl
1
0
Fork 0
Code Issues 0 Projects 0 Releases 51 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1138 Commits
14 Branches
15 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
getssl/test/test-config/getssl-dns01.cfg

60 lines
2.2 KiB
Raw Permalink Blame History

# Test that the script works with dns
VALIDATE_VIA_DNS=true
# Speed up the test by reducing the number or retries and the wait between retries.
DNS_WAIT=2
DNS_WAIT_COUNT=11
DNS_EXTRA_WAIT=0
if [ -z "$STAGING" ]; then
# Settings for challtestserv dns provider running in local docker
CA="https://pebble:14000/dir"
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_challtestsrv"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_challtestsrv"
AUTH_DNS_SERVER=10.30.50.3
else
# Settings for external dns provider and staging server
CA="https://acme-staging-v02.api.letsencrypt.org/directory"
# Re-use the account key when calling the staging server (otherwise hit limits)
ACCOUNT_KEY="${HOME}/account.key"
DEACTIVATE_AUTH="true"
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_${dynamic_dns}"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_${dynamic_dns}"
PUBLIC_DNS_SERVER="8.8.8.8" # resolver1.infoserve.de"
if [[ "${dynamic_dns}" == "dynu" ]]; then
AUTH_DNS_SERVER=ns1.dynu.com
elif [[ "${dynamic_dns}" != "acmedns" ]]; then
AUTH_DNS_SERVER=ns1.duckdns.org
fi
CHECK_ALL_AUTH_DNS="true"
CHECK_PUBLIC_DNS_SERVER="true"
if [[ "${dynamic_dns}" != "acmedns" ]]; then
DNS_WAIT=30
DNS_WAIT_COUNT=20
DNS_EXTRA_WAIT=120
fi
fi
# Additional domains - this could be multiple domains / subdomains in a comma separated list
SANS=""
# Location for all your certs, these can either be on the server (full path name)
# or using ssh /sftp as for the ACL
DOMAIN_CERT_LOCATION="/etc/nginx/pki/server.crt"
DOMAIN_KEY_LOCATION="/etc/nginx/pki/private/server.key"
CA_CERT_LOCATION="/etc/nginx/pki/chain.crt"
DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert
DOMAIN_PEM_LOCATION="" # this is the domain_key, domain cert and CA cert
# The command needed to reload apache / nginx or whatever you use
RELOAD_CMD="cp /getssl/test/test-config/nginx-ubuntu-ssl ${NGINX_CONFIG} && /getssl/test/restart-nginx"
# Define the server type and confirm correct certificate is installed
SERVER_TYPE="https"
CHECK_REMOTE="true"
if [[ -s "$DOMAIN_DIR/getssl_test_specific.cfg" ]]; then
. $DOMAIN_DIR/getssl_test_specific.cfg
fi