summaryrefslogtreecommitdiffstats
path: root/dehydrated (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-02-19Completely stop and start apache in dehydrated hook to ensure OCSP renewals.Daniel Baumann1-1/+2
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-11-22Adding dehydrated hook to cleanup extra files.Daniel Baumann1-0/+77
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-11-22Using shortnames for extra certificates in dehydrated extra hooks.Daniel Baumann2-22/+19
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-11-22Using certdir variable in dehydrated hook instead of hardcoded path.Daniel Baumann1-4/+4
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-11-08Correcting cosmetic typo in dehydrated extra-cert hook output.Daniel Baumann1-2/+2
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-10-30Improving CA filename prefix in dehydrated deploy_cert.extra hook.Daniel Baumann1-4/+4
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-10-30Improving comment in dehydrated deploy_cert.chrony hook.Daniel Baumann1-1/+1
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-10-30Correcting file handling errors in dehydrated deploy_cert.extra hook.Daniel Baumann1-3/+3
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-10-28Providing individual root and intermediate certificate files in dehydrated ↵Daniel Baumann1-3/+18
extra hook. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-10-04Updating dehydrated TODO file.Daniel Baumann1-2/+1
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-09-06Updating dig alternative handling similar to nsupdate for consistency.Daniel Baumann1-2/+12
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-09-06Temporarily passing tsig string to bind in dehydrated-nsupdate to unbreak ↵Daniel Baumann1-3/+21
bind support, bind requires a different keyfile format as knot. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-09-06Improving wording of TSIG lookup hierarchy in dehydrated-nsupdate.1.Daniel Baumann1-1/+1
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-07Reworking fix-permission dehydrated hook.Daniel Baumann1-6/+4
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-07Reworking service-reload dehydrated hook.Daniel Baumann1-27/+73
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-07Adding postfix to service-reload dehydrated hook.Daniel Baumann1-0/+9
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-07Reworking chrony workaround (#1013882) now that we know it's going to be ↵Daniel Baumann2-12/+5
permanent. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-07Merging the different extra certificate files into one dehydrated hook ↵Daniel Baumann4-61/+25
handling all extra copies. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-07-04Adding privkey-fullchain hooks as used by postfix for dehydrated.Daniel Baumann2-0/+55
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-26Adding dehydrated hook to workaround certificate handling in chrony (#1013882).Daniel Baumann1-0/+42
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-25Updating dehydrated-tools TODO file.Daniel Baumann1-0/+1
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-14Updating dehydrated-tools TODO file.Daniel Baumann1-3/+1
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-14Completing existing dehydrated-tools manpages.Daniel Baumann3-79/+133
Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-14Handling comments in TSIG keyfiles in dehydrated-nsupdate to support ↵Daniel Baumann1-1/+4
disabling TSIG for individual records. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-14Adding support for individual TSIG files per record, zone, and nameserver ↵Daniel Baumann1-5/+30
rather than having one global key for all updates in dehydrated-nsupdate. Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
2022-06-14Adding quotes arround some variables in dehydrated-tools to prevent globbing ↵Daniel Baumann2-6/+6
and word splitting. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-06-11Only restarting kresd in dehydrated exit_hook.service-reload if tls is ↵Daniel Baumann1-1/+1
configured. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-06-05Handling ipv4-only/ipv6-only nameservers on ipv4-only/ipv6-only systems.Daniel Baumann2-3/+35
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-05-07Updating dehydrated todo file.Daniel Baumann1-0/+1
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-04-30Restarting kresd threads only if at least one exists to support building ↵Daniel Baumann1-10/+13
chroots in dehydrated service-reload hook. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-04-30Avoid failing if /var/lib/dehydrated/certs doesn't exist in dehydrated ↵Daniel Baumann1-0/+5
fix-permissions hook. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-04-14Using a variable to keep the list of services to restart in dehydrated hook ↵Daniel Baumann1-1/+3
for easier readability. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-04-14Adding knot-resolver handling in dehydrated service-reload hook.Daniel Baumann1-0/+15
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-04-14Adding knot to list of services to restart in dehydrated hook.Daniel Baumann1-1/+1
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-01-05Temporarily reverting json support in dehydrated-nsupdate, not ready just yet.Daniel Baumann2-43/+4
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2022-01-05Updating copyright notices for 2022.Daniel Baumann13-13/+13
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Adding reference to dehydrated.log in dehydrated-cron manpage.Daniel Baumann1-0/+3
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Harmonizing dehydrated manpage Makefile.Daniel Baumann1-3/+3
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Completing clean targets in dehydrated Makefile.Daniel Baumann1-1/+2
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Updating dehydrated TODO file.Daniel Baumann1-0/+3
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Adding support for kdigs out-of-tree json output to dehydrated-nsupdate.Daniel Baumann2-4/+43
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Running dehydrated with keep-going to ensure as much certificates are ↵Daniel Baumann1-1/+1
fetched as possible. Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-12-31Using long-options for dehydrated in its cronjob.Daniel Baumann1-2/+2
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-28Actually run dehydrated in dehydrated-cron.Daniel Baumann1-0/+3
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Handling IDN domains in dehydrated-nsupdate by not expanding the punycode.Daniel Baumann2-2/+5
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Updating dehydrated todo file.Daniel Baumann1-1/+2
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Adding initial dehydrated-cron manpage.Daniel Baumann3-0/+86
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Adding initial dehydrated-nsupdate manpage.Daniel Baumann2-1/+118
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Adding initial dehydrated-hook manpage.Daniel Baumann1-0/+109
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>
2021-09-07Adding manpage tooling for dehydrated-tools.Daniel Baumann3-1/+98
Signed-off-by: Daniel Baumann <mail@daniel-baumann.ch>