From 707fca91ce64b098f3bc55721f630b6822d48bd8 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rapha=C3=ABl=20Gertz?= Date: Wed, 5 Apr 2017 22:23:51 +0200 Subject: [PATCH] Add man page documentation Fix package name Rename to acme prefixed command name Email change --- Acme.pm | 4 ++-- letscert => acmecert | 4 ++-- acmecert.1 | 31 +++++++++++++++++++++++++++++++ letsconf => acmeconf | 11 +++++++---- acmeconf.1 | 31 +++++++++++++++++++++++++++++++ letscron => acmecron | 24 +++++++++++++++++++----- acmecron.1 | 17 +++++++++++++++++ 7 files changed, 109 insertions(+), 13 deletions(-) rename letscert => acmecert (92%) create mode 100644 acmecert.1 rename letsconf => acmeconf (94%) create mode 100644 acmeconf.1 rename letscron => acmecron (87%) create mode 100644 acmecron.1 diff --git a/Acme.pm b/Acme.pm index bff7def..2ce7e03 100644 --- a/Acme.pm +++ b/Acme.pm @@ -15,8 +15,8 @@ # # Copyright (C) 2016 - 2017 Raphaël Gertz -# acme package -package acme; +# Acme package +package Acme; # Best practice use strict; diff --git a/letscert b/acmecert similarity index 92% rename from letscert rename to acmecert index 7c843c6..f8694cb 100755 --- a/letscert +++ b/acmecert @@ -13,7 +13,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . # -# Copyright (C) 2016 - 2017 Raphaël Gertz +# Copyright (C) 2016 - 2017 Raphaël Gertz # Best practice use strict; @@ -44,7 +44,7 @@ if (scalar(@ARGV) < 2) { } # Create new object -my $acme = acme->new(shift @ARGV, $debug, $prod, @ARGV); +my $acme = Acme->new(shift @ARGV, $debug, $prod, @ARGV); # Prepare environement $acme->prepare(); diff --git a/acmecert.1 b/acmecert.1 new file mode 100644 index 0000000..cbacb9b --- /dev/null +++ b/acmecert.1 @@ -0,0 +1,31 @@ +.\" Manpage for acmecert. +.\" Contact acme@rapsys.eu to correct errors or typos. +.TH man 1 "05 Apr 2017" "0.7" "acmecert man page" +.SH NAME +acmecert \- generate a single certificate +.SH SYNOPSIS +acmecert [-(r|-redhat|d|-debian)] [example.com[,www.example.com,...]] [...] +.SH DESCRIPTION +acmecert is a basic script generating a single certificate based on parameters. +.SH OPTIONS +The acmecert takes options. + +Use -d for debug directive. + +Use -p for production mode. + +These directives require to be followed by an email address and the domain and alternative domain list. +.SH EXAMPLE 1 +.TP +.B acmecert -d webmaster@example.com example.com www.example.com ssl.example.com +will generate a certificate for example.com with www.example.com and ssl.example.com alternatives domains with debug mode active. +.SH EXAMPLE 2 +.TP +.B acmecert -p webmaster@example.com example.com www.example.com ssl.example.com +will generate a certificate for example.com with www.example.com and ssl.example.com alternatives domains with production mode active. +.SH SEE ALSO +acmecron(1),acmecert(1) +.SH BUGS +No known bugs. +.SH AUTHOR +Raphaël Gertz (rapsys) diff --git a/letsconf b/acmeconf similarity index 94% rename from letsconf rename to acmeconf index cc0f077..c5b9134 100755 --- a/letsconf +++ b/acmeconf @@ -13,7 +13,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . # -# Copyright (C) 2016 - 2017 Raphaël Gertz +# Copyright (C) 2016 - 2017 Raphaël Gertz # Best practice use strict; @@ -26,9 +26,6 @@ use Tie::IxHash; # Load POSIX use POSIX qw(EXIT_SUCCESS EXIT_FAILURE); -# XXX: Debug -use Data::Dumper; - # Init redhat my @redhat = (); @@ -91,6 +88,9 @@ for my $key (@redhat) { # Private key #XXX: required key => '/etc/pki/tls/private/'.$domain.'.pem', + # Private account key + #XXX: required + account => '/etc/acme/account.pem', # Mail address #XXX: required mail => 'webmaster@'.$domain, @@ -118,6 +118,9 @@ for my $key (@debian) { # Private key #XXX: required key => '/etc/ssl/private/'.$domain.'.key', + # Private account key + #XXX: required + account => '/etc/acme/account.pem', # Mail address #XXX: required mail => 'webmaster@'.$domain, diff --git a/acmeconf.1 b/acmeconf.1 new file mode 100644 index 0000000..4fdc92a --- /dev/null +++ b/acmeconf.1 @@ -0,0 +1,31 @@ +.\" Manpage for acmeconf. +.\" Contact acme@rapsys.eu to correct errors or typos. +.TH man 1 "05 Apr 2017" "0.7" "acmeconf man page" +.SH NAME +acmeconf \- create a new configuration template +.SH SYNOPSIS +acmeconf [-(r|-redhat|d|-debian)] [example.com[,www.example.com,...]] [...] +.SH DESCRIPTION +acmeconf is a basic script generating a template configuration for generating letsencrypt certificate. +.SH OPTIONS +The acmeconf takes options. + +Use -r or --redhat directive for a distribution using redhat certificate path (/etc/pki/tls). + +Use -d or --debian for a distribution using debian like certificate base path (/etc/ssl). + +These directives can be followed by domain and alternative(s) domain(s) list each separated by a coma, the first one of the list will be used as principal domain name. +.SH EXAMPLE 1 +.TP +.B acmeconf -r example.com,www.example.com,ssl.example.com > /etc/acme/config +will generate redhat like template configuration file for example.com as principal domain and www.example.com with ssl.example.com as alternatives domains. +.SH EXAMPLE 2 +.TP +.B acmeconf -r example.com,www.example.com -r webmail.example.com,imap.example.com,smtp.example.com | sudo tee /etc/acme/config +will generate redhat like template configuration file for example.com as principal domain and www.example.com with ssl.example.com as alternatives domains and an other one for the mail.example.com domain with example.com and smtp.example.com as alternatives domain. +.SH SEE ALSO +acmecron(1),acmecert(1) +.SH BUGS +No known bugs. +.SH AUTHOR +Raphaël Gertz (rapsys) diff --git a/letscron b/acmecron similarity index 87% rename from letscron rename to acmecron index 9a96355..0ffeaad 100755 --- a/letscron +++ b/acmecron @@ -13,7 +13,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . # -# Copyright (C) 2016 - 2017 Raphaël Gertz +# Copyright (C) 2016 - 2017 Raphaël Gertz # Best practice use strict; @@ -31,7 +31,7 @@ use File::Spec; use File::Slurp qw(read_file write_file); use JSON qw(decode_json); use IPC::System::Simple qw(capturex $EXITVAL); -use Acme qw(CERT_DIR CONFIG DS KEY_DIR SERVER_CRT SERVER_KEY); +use Acme qw(CERT_DIR CONFIG DS KEY_DIR SERVER_CRT SERVER_KEY ACCOUNT_KEY); # Load POSIX use POSIX qw(strftime EXIT_SUCCESS EXIT_FAILURE); @@ -119,6 +119,20 @@ foreach (@{$config->{certificates}}) { next; } + # Unlink if is a symlink + if (-l KEY_DIR.DS.ACCOUNT_KEY) { + unless(unlink(KEY_DIR.DS.ACCOUNT_KEY)) { + carp('unlink '.KEY_DIR.DS.ACCOUNT_KEY.' failed: '.$!); + next; + } + } + + # Symlink to key + unless(symlink($_->{account}, KEY_DIR.DS.ACCOUNT_KEY)) { + carp('symlink '.$_->{account}.' to '.KEY_DIR.DS.ACCOUNT_KEY.' failed: '.$!); + next; + } + # Init args my @args = @{$_->{domains}}; @@ -135,13 +149,13 @@ foreach (@{$config->{certificates}}) { unshift(@args, '-d'); } - # Run letscert with args - my @out = capturex([0..1], 'letscert', @args); + # Run acmecert with args + my @out = capturex([0..1], 'acmecert', @args); # Deal with error if ($EXITVAL != 0) { print join("\n", @out) if ($debug); - carp('letscert '.join(', ', @args).' failed: '.$!); + carp('acmecert '.join(', ', @args).' failed: '.$!); next; } diff --git a/acmecron.1 b/acmecron.1 new file mode 100644 index 0000000..f4d36ab --- /dev/null +++ b/acmecron.1 @@ -0,0 +1,17 @@ +.\" Manpage for acmecron. +.\" Contact acme@rapsys.eu to correct errors or typos. +.TH man 1 "05 Apr 2017" "0.7" "acmecron man page" +.SH NAME +acmecron \- generate all certificate listed in configuration file if required +.SH SYNOPSIS +acmecron [-d] +.SH DESCRIPTION +acmecron is a basic script generating all certificate listed in configuration if not present or older than 60 days. It will run acmecert with right options for every listed certificate if required. +.SH OPTIONS +The acmeconf takes one option for enabling debug mode. +.SH SEE ALSO +acmeconf(1),acmecert(1) +.SH BUGS +No known bugs. +.SH AUTHOR +Raphaël Gertz (rapsys) -- 2.41.1