From 4eba712b102740666fff6bd0f9c69ef6b56dfecb Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 16 Aug 2023 16:15:41 -0400 Subject: [PATCH 01/14] Add compose V2 support to letsencrypt container --- helpers/template.py | 7 +++++++ templates/nginx-certbot/init-letsencrypt.sh.tpl | 12 ++++++------ 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/helpers/template.py b/helpers/template.py index 84d91cc..8ccf622 100644 --- a/helpers/template.py +++ b/helpers/template.py @@ -317,6 +317,13 @@ def _get_value(property_, true_value='', false_value='#', if config.local_install else _get_value('service_account_whitelisted_hosts') ), + 'DOCKER_COMPOSE_CMD': _get_value( + 'compose_version', 'docker-compose', 'docker', 'v1' + ), + # Keep leading space in front of suffix if any + 'DOCKER_COMPOSE_SUFFIX': _get_value( + 'compose_version', '', ' compose', 'v1' + ) } @staticmethod diff --git a/templates/nginx-certbot/init-letsencrypt.sh.tpl b/templates/nginx-certbot/init-letsencrypt.sh.tpl index a05acb4..3d2b1f6 100644 --- a/templates/nginx-certbot/init-letsencrypt.sh.tpl +++ b/templates/nginx-certbot/init-letsencrypt.sh.tpl @@ -9,7 +9,7 @@ DATA_PATH="./data/certbot" EMAIL="" # Adding a valid address is strongly recommended STAGING=0 # Set to 1 if you're testing your setup to avoid hitting request limits MKDIR_CMD=$$(which mkdir) -DOCKER_COMPOSE_CMD=$$(which docker-compose) +DOCKER_COMPOSE_CMD="$$(which ${DOCKER_COMPOSE_CMD})" CURL_CMD=$$(which curl) @@ -31,7 +31,7 @@ fi echo "### Creating dummy certificate for $${DOMAINS_CSV} ..." DOMAINS_PATH="/etc/letsencrypt/live/$$DOMAINS" $$MKDIR_CMD -p "$$DATA_PATH/conf/live/$$DOMAINS" -$$DOCKER_COMPOSE_CMD run --rm --entrypoint "\ +$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} run --rm --entrypoint "\ openssl req -x509 -nodes -newkey rsa:1024 -days 1\ -keyout '$$DOMAINS_PATH/privkey.pem' \ -out '$$DOMAINS_PATH/fullchain.pem' \ 
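Review bot: Nothing checks that `which` found the binary in the new `DOCKER_COMPOSE_CMD="$$(which ${DOCKER_COMPOSE_CMD})"` line, and every later call site expands the variable unquoted. If the lookup comes back empty with Compose V2 selected, `$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} run …` collapses to `compose run …`, so the script would execute whatever `compose` resolves to on PATH instead of failing. A guard right after the assignment stops that: `[ -n "$$DOCKER_COMPOSE_CMD" ] || { echo "${DOCKER_COMPOSE_CMD} not found" >&2; exit 1; }`. Quoting `"$$DOCKER_COMPOSE_CMD"` at the call sites in the hunks at -31, -40, -67 and -78 would also keep a path containing spaces intact.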
@@ -40,11 +40,11 @@ echo echo "### Starting nginx ..." -$$DOCKER_COMPOSE_CMD up --force-recreate -d nginx_ssl_proxy +$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} up --force-recreate -d nginx_ssl_proxy echo echo "### Deleting dummy certificate for $${DOMAINS_CSV} ..." -$$DOCKER_COMPOSE_CMD run --rm --entrypoint "\ +$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} run --rm --entrypoint "\ rm -Rf /etc/letsencrypt/live/$$DOMAINS && \ rm -Rf /etc/letsencrypt/archive/$$DOMAINS && \ rm -Rf /etc/letsencrypt/renewal/$$DOMAINS.conf" certbot @@ -67,7 +67,7 @@ esac # Enable staging mode if needed if [ $$STAGING != "0" ]; then STAGING_ARG="--staging"; fi -$$DOCKER_COMPOSE_CMD run --rm --entrypoint "\ +$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} run --rm --entrypoint "\ certbot certonly --webroot -w /var/www/certbot \ $$STAGING_ARG \ $$EMAIL_ARG \ @@ -78,4 +78,4 @@ $$DOCKER_COMPOSE_CMD run --rm --entrypoint "\ echo echo "### Reloading nginx ..." -$$DOCKER_COMPOSE_CMD exec nginx_ssl_proxy nginx -s reload +$$DOCKER_COMPOSE_CMD ${DOCKER_COMPOSE_SUFFIX} exec nginx_ssl_proxy nginx -s reload From 0a25594d533c1c75f48cd1c0d4aad2f4680c652f Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 09:46:08 -0400 Subject: [PATCH 02/14] Update README --- readme.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/readme.md b/readme.md index e0a6595..58909f5 100644 --- a/readme.md +++ b/readme.md @@ -147,9 +147,9 @@ User can choose between 2 types of installations: ## Requirements - Linux 5 / macOS 6 -- Python 3.7+ -- [Docker](https://www.docker.com/get-started "") & [Docker Compose](https://docs.docker.com/compose/install/ "") -- Available TCP Ports: 7 +- Python 3.8+ +- [Docker](https://www.docker.com/get-started "") 7 +- Available TCP Ports: 8 1. 80 NGINX 1. 443 NGINX (if you use kobo-install with LetsEncrypt proxy) 
@@ -163,11 +163,13 @@ User can choose between 2 types of installations: - _If you use a firewall, be sure to open traffic publicly on NGINX port, otherwise kobo-install cannot work_ - _By default, additional ports are not exposed except when using multi servers configuration. If you choose to expose them, **be sure to not expose them publicly** (e.g. use a firewall and allow traffic between front-end and back-end containers only. NGINX port still has to stay publicly opened though)._ -5) _It has been tested with Ubuntu 14.04, 16.04 and 18.04, CentOS 8_ +5) _It has been tested with Ubuntu 18.04, 20.04 and 22.04_ 6) _Docker on macOS is slow. First boot usually takes a while to be ready. You may have to answer `Yes` once or twice to question `Wait for another 600 seconds?` when prompted_ -7) _These are defaults but can be customized with advanced options_ +7) _Compose V1 is still supported but reached its EOL_ + +8) _These are defaults but can be customized with advanced options_ ## Tests From 9692acc0a60f83358ead637e8364631171c92e03 Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 12:38:30 -0400 Subject: [PATCH 03/14] Remove leading space on compose suffix --- helpers/template.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/template.py b/helpers/template.py index 8ccf622..0814152 100644 --- a/helpers/template.py +++ b/helpers/template.py @@ -322,7 +322,7 @@ def _get_value(property_, true_value='', false_value='#', ), # Keep leading space in front of suffix if any 'DOCKER_COMPOSE_SUFFIX': _get_value( - 'compose_version', '', ' compose', 'v1' + 'compose_version', '', 'compose', 'v1' ) } From 9eb6ecd5c0c09be0b605a72903423d4c2dbcd004 Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 15:11:24 -0400 Subject: [PATCH 04/14] Fix restart letsencrypt when running setup with existing installs --- helpers/command.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) 
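Review bot: The comment `# Keep leading space in front of suffix if any` above `DOCKER_COMPOSE_SUFFIX` now contradicts the value, because this change drops the leading space from `'compose'`. The comment is a context line in this hunk and was left untouched. Reword it to say where the separator comes from, e.g. `# No leading space: the templates put the separator before ${DOCKER_COMPOSE_SUFFIX}`. For V1 the suffix is empty, so the rendered command carries a doubled space, which the shell ignores. The dict literal these entries belong to starts outside the hunk.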
diff --git a/helpers/command.py b/helpers/command.py index 61b84e7..8063d03 100644 --- a/helpers/command.py +++ b/helpers/command.py @@ -374,10 +374,11 @@ def start(cls, frontend_only=False, force_setup=False): # Let's Encrypt NGINX container needs kobo-docker NGINX # container to be started first config.init_letsencrypt() - else: - proxy_command = run_docker_compose(dict_, ['up', '-d']) - CLI.run_command(proxy_command, - config.get_letsencrypt_repo_path()) + + proxy_command = run_docker_compose(dict_, ['up', '-d']) + CLI.run_command( + proxy_command, config.get_letsencrypt_repo_path() + ) if dict_['maintenance_enabled']: CLI.colored_print( From b0754ee2c4b5c716d1d38cf8ffa65da810a3faae Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 16:09:53 -0400 Subject: [PATCH 05/14] Check from domains folder when renewing certificate --- templates/nginx-certbot/init-letsencrypt.sh.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/nginx-certbot/init-letsencrypt.sh.tpl b/templates/nginx-certbot/init-letsencrypt.sh.tpl index 3d2b1f6..87e8d33 100644 --- a/templates/nginx-certbot/init-letsencrypt.sh.tpl +++ b/templates/nginx-certbot/init-letsencrypt.sh.tpl @@ -13,7 +13,7 @@ DOCKER_COMPOSE_CMD="$$(which ${DOCKER_COMPOSE_CMD})" CURL_CMD=$$(which curl) -if [ -d "$$DATA_PATH" ]; then +if [ -d "$$DATA_PATH/conf/live/$$DOMAINS" ]; then read -p "Existing data found for $$DOMAINS_CSV. Continue and replace existing certificate? (y/N) " decision if [ "$$decision" != "Y" ] && [ "$$decision" != "y" ]; then exit From 7c399483d8727aa3019ab10c7b8b3801ea02a7c3 Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 16:30:56 -0400 Subject: [PATCH 06/14] Typo in README --- readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/readme.md b/readme.md index 58909f5..367d4ed 100644 --- a/readme.md +++ b/readme.md 
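Review bot: With the `else:` removed, `run_docker_compose(dict_, ['up', '-d'])` now runs right after `config.init_letsencrypt()` whether or not that call succeeded, and nothing visible here checks its outcome. If the init step was declined or failed, the proxy is started on whatever certificate state is left on disk; confirm that this is intended. The retained comment only explains the ordering with the kobo-docker NGINX container, so add one for the new call, e.g. `# Always bring the proxy up: init_letsencrypt() may leave it stopped on existing installs` (reason inferred from the commit subject). The `if` guarding `init_letsencrypt()` starts outside the hunk.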
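Review bot: The confirmation prompt is now tied to `live/$$DOMAINS` alone, but the cleanup step further down the script (visible in the first patch of this series) also removes `archive/$$DOMAINS` and `renewal/$$DOMAINS.conf`. If an earlier run left those behind without a `live` directory, they would be deleted without the prompt, assuming `$$DATA_PATH/conf` is what the certbot container sees as `/etc/letsencrypt`. Widening the test covers that case: `if [ -d "$$DATA_PATH/conf/live/$$DOMAINS" ] || [ -d "$$DATA_PATH/conf/archive/$$DOMAINS" ]; then`. The `if` block closes outside the hunk.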
@@ -167,7 +167,7 @@ User can choose between 2 types of installations: 6) _Docker on macOS is slow. First boot usually takes a while to be ready. You may have to answer `Yes` once or twice to question `Wait for another 600 seconds?` when prompted_ -7) _Compose V1 is still supported but reached its EOL_ +7) _Compose V1 is still supported but has reached its EOL from July 2023_ 8) _These are defaults but can be customized with advanced options_ From c654f6ca08deee14c18542a3e04e68db04694774 Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 13 Sep 2023 16:35:21 -0400 Subject: [PATCH 07/14] Bump version to 8.1.1 --- helpers/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/config.py b/helpers/config.py index ee6bb04..ef85012 100644 --- a/helpers/config.py +++ b/helpers/config.py @@ -32,7 +32,7 @@ class Config(metaclass=Singleton): DEFAULT_NGINX_PORT = '80' DEFAULT_NGINX_HTTPS_PORT = '443' KOBO_DOCKER_BRANCH = '2.023.21b' - KOBO_INSTALL_VERSION = '8.1.0' + KOBO_INSTALL_VERSION = '8.1.1' MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3 ALLOWED_PASSWORD_CHARACTERS = ( string.ascii_letters From 8e713bb2c97d61660c28ace90efae820479275e1 Mon Sep 17 00:00:00 2001 From: Olivier Leger Date: Wed, 20 Sep 2023 16:13:03 -0400 Subject: [PATCH 08/14] Use release 2.023.37 of kobo-docker --- helpers/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/config.py b/helpers/config.py index ef85012..6cef422 100644 --- a/helpers/config.py +++ b/helpers/config.py @@ -31,7 +31,7 @@ class Config(metaclass=Singleton): DEFAULT_PROXY_PORT = '8080' DEFAULT_NGINX_PORT = '80' DEFAULT_NGINX_HTTPS_PORT = '443' - KOBO_DOCKER_BRANCH = '2.023.21b' + KOBO_DOCKER_BRANCH = '2.023.37' KOBO_INSTALL_VERSION = '8.1.1' MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3 ALLOWED_PASSWORD_CHARACTERS = ( From b991bcaa60849f5b079eaac56916605d8e1108fe Mon Sep 17 00:00:00 2001 
From: "John N. Milner"
Date: Fri, 29 Sep 2023 15:39:14 -0400
Subject: [PATCH 09/14] Use release 2.023.37d of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index 6cef422..a18522a 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37'
+ KOBO_DOCKER_BRANCH = '2.023.37d'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (
From 919d0ce2c7c46ff7d1dc9188c6fb103acf718939 Mon Sep 17 00:00:00 2001
From: Olivier Leger
Date: Tue, 3 Oct 2023 16:14:45 -0400
Subject: [PATCH 10/14] Use release 2.023.37e of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index a18522a..d411032 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37d'
+ KOBO_DOCKER_BRANCH = '2.023.37e'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (
From 26d3344bf82b6ccd4eb0c2fb81f0d203152f1a93 Mon Sep 17 00:00:00 2001
From: Olivier Leger
Date: Wed, 4 Oct 2023 17:02:45 -0400
Subject: [PATCH 11/14] Use release 2.023.37f of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index d411032..f505aba 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37e'
+ KOBO_DOCKER_BRANCH = '2.023.37f'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (
From 188e86a814487749db772c6c71ccd4851b66b0db Mon Sep 17 00:00:00 2001
From: Olivier Leger
Date: Tue, 10 Oct 2023 11:26:54 -0400
Subject: [PATCH 12/14] Use release 2.023.37g of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index f505aba..77c9cce 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37f'
+ KOBO_DOCKER_BRANCH = '2.023.37g'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (
From 75b63940bec8c8dfc5df83955909635492b2c153 Mon Sep 17 00:00:00 2001
From: Olivier Leger
Date: Wed, 18 Oct 2023 12:18:02 -0400
Subject: [PATCH 13/14] Use release 2.023.37h of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index 77c9cce..ea10b93 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37g'
+ KOBO_DOCKER_BRANCH = '2.023.37h'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (
From 11727c3259e925345c53757ee2bc8a1e44ec65e8 Mon Sep 17 00:00:00 2001
From: Olivier Leger
Date: Mon, 30 Oct 2023 17:05:34 -0400
Subject: [PATCH 14/14] Use release 2.023.37i of kobo-docker
---
 helpers/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/helpers/config.py b/helpers/config.py
index ea10b93..dffecaf 100644
--- a/helpers/config.py
+++ b/helpers/config.py
@@ -31,7 +31,7 @@ class Config(metaclass=Singleton):
 DEFAULT_PROXY_PORT = '8080'
 DEFAULT_NGINX_PORT = '80'
 DEFAULT_NGINX_HTTPS_PORT = '443'
- KOBO_DOCKER_BRANCH = '2.023.37h'
+ KOBO_DOCKER_BRANCH = '2.023.37i'
 KOBO_INSTALL_VERSION = '8.1.1'
 MAXIMUM_AWS_CREDENTIAL_ATTEMPTS = 3
 ALLOWED_PASSWORD_CHARACTERS = (