Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Simplify installation using a script #4

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
Open

Simplify installation using a script #4

wants to merge 10 commits into from

Conversation

Alphix
Copy link
Contributor

@Alphix Alphix commented Oct 24, 2022

Here's a bunch of patches which simplify the installation by providing an installation script.

Also, some bugfixes (2 first patches, should be applied whether you agree with the rest of the PR or not)

Added features:

  • short hostnames (turris) will be redirected to the FQDN (turris.example.com)
  • acme.sh is used via the webroot functionality instead of standalone (which means no messing with default turris files or disabling port 80)
  • connections on port 80 (except letsencrypt) will be redirected to https
  • no messing with the files below /root
  • self-contained installation directory
  • acme.sh is provided by a git submodule
  • uninstallation script

Alphix added 10 commits October 23, 2022 12:13
@Alphix
Add ssl.ca-file directive to lighttp config
d533d93 
Turns out that it is expected by some clients (for example, wget expects
it, while Chrome does just fine without).
@Alphix
Fix set-default-ca invocation for acme.sh
946c5a8 
Turns out that "install" and "set-default-ca" are separate actions and
that only one can be performed per acme.sh invocation (I missed this
because acme.sh was already installed when testing).
@Alphix
Switch from standalone to webroot
d7e1685 
Using the webroot support in acme.sh means that it is not necessary
to stop lighttpd from listening on port 80, which simplifies
the configuration.
@Alphix
Add support for short hostnames
28f590f 
Automatically redirect e.g. "turris" -> "turris.example.com".

Also simplify the README by merging two steps.
@Alphix
Add acme.sh submodule
af7cd41 
This makes the installation process simpler.
@Alphix
Add --no-profile to acme.sh installation command
3a8bbba 
Not messing with files under /root seems to be a saner default.
@Alphix
Move default acme installation below the turris-omnia-tls directory
29d181f 
This makes the turris-omnia-tls directory self-contained and
reduces the clutter below /srv.
@Alphix
Add installation script
81a400a 
The README.md instructions are fine....automation is even better :D
@Alphix
Use a custom crontab
a8bf946 
Using a custom crontab instead of messing with root's crontab makes
installation/uninstallation easier.
@Alphix
Add an uninstallation script
1958ea9
@Alphix
Copy link
Contributor Author

Alphix commented Mar 21, 2023

@davidjb: ping?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Alphix