Skip to content

Add a subdirectory glob for pem-dir, allow use under frontend config sections #294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add a subdirectory glob for pem-dir, allow use under frontend config sections #294

wants to merge 1 commit into from

Conversation

@dmz-uk
Copy link

@dmz-uk dmz-uk commented Jan 16, 2019

Adds a new configuration option pem-dir-subdir-glob, which will (recursively) drag in matching subdirectories when scanning pem-dir. The semantics may not be great (matches directory name not full path), but it makes it a relatively simple change.

e.g.
pem-dir "/etc/hitch/pem.d"
pem-dir-subdir-glob "conf.d"
will also scan all subdirectories under /etc/hitch/pem.d named conf.d for pem files, "*" is generally more useful to include all subdirectories.

The change also allows pem-dir / pem-dir-glob / pem-dir-subdir-glob to be used inside frontend configuration sections.

@dmz-uk
Copy link
Author

dmz-uk commented Jan 22, 2019

Couldn't replicate the test failure using gcc, but as reported elsewhere am getting test06-ticket-resume.sh failure on build with or without this change, which is a known issue?

@dmz-uk dmz-uk mentioned this pull request Feb 4, 2019
Open
@blakilox
Copy link

blakilox commented Jan 21, 2020

I tried for hours to get this to match pem files like
/etc/letsencrypt/live/myfirstdomain.com/hitch-bundle.pem
/etc/letsencrypt/live/myseconddomain.com/hitch-bundle.pem

for instance hitch.conf
pem-dir = "/etc/letsencrypt/live/"
pem-dir-glob = ".pem"
pem-dir-subdir-glob = ""

manually adding the pem file lines it works fine
It would be very nice if it could scan through the letsencrypt/live folder subdirectories for bundled pem files
Hmmm thanks

@dmz-uk
Copy link
Author

dmz-uk commented Jan 21, 2020
edited
Loading

I tried for hours to get this to match pem files like
/etc/letsencrypt/live/myfirstdomain.com/hitch-bundle.pem
/etc/letsencrypt/live/myseconddomain.com/hitch-bundle.pem

for instance hitch.conf
pem-dir = "/etc/letsencrypt/live/"
pem-dir-glob = ".pem" pem-dir-subdir-glob = ""

manually adding the pem file lines it works fine
It would be very nice if it could scan through the letsencrypt/live folder subdirectories for bundled pem files
Hmmm thanks

I don't know what to say -- we are using this and it scans subdirectories successfully, could it be the trailing /?

pem-dir = "/etc/letsencrypt/live"
pem-dir-glob = "*.pem"
pem-dir-subdir-glob="*"

@blakilox
Copy link

blakilox commented Jan 22, 2020
edited
Loading

Thanks dmz-uk eventually I got it to work, as you advised above I needed that *.pem
I could not get it to match my hitch bundles until I renamed them with the domain name, this probably stands to reason
(it made more sense for me to create a post-hook script in letsencrypt to do that re-naming and have it put all the files into a single directory (I used etc/letsencrypt/active for my certs)
it did not need the training slash in the pem-dir
so I ended up with like
pem-dir = "/etc/letsencrypt/active"
pem-dir-glob = "star.pem"
(This editor seems not to let me put a star, lol )
Anyway Cheers for your help you pointed me the right way thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dmz-uk @blakilox