mirror of
https://github.com/outbackdingo/labca.git
synced 2026-01-27 18:19:33 +00:00
Merge branch 'release/21.08'
* release/21.08: Bump boulder version to release-2021-08-02 Make labca user member of the docker group (#7)
This commit is contained in:
Arjan H
@@ -1,16 +1,16 @@
|
||||
diff --git a/cmd/bad-key-revoker/main.go b/cmd/bad-key-revoker/main.go
|
||||
index a78efee19..1c08b7035 100644
|
||||
index 2d6d17f16..e09948cfc 100644
|
||||
--- a/cmd/bad-key-revoker/main.go
|
||||
+++ b/cmd/bad-key-revoker/main.go
|
||||
@@ -14,6 +14,7 @@ import (
|
||||
"time"
|
||||
@@ -15,6 +15,7 @@ import (
|
||||
|
||||
"github.com/honeycombio/beeline-go"
|
||||
"github.com/jmhodges/clock"
|
||||
+ "github.com/letsencrypt/boulder/bdns"
|
||||
"github.com/letsencrypt/boulder/cmd"
|
||||
"github.com/letsencrypt/boulder/core"
|
||||
"github.com/letsencrypt/boulder/db"
|
||||
@@ -345,6 +346,9 @@ func main() {
|
||||
@@ -348,6 +349,9 @@ func main() {
|
||||
TLS cmd.TLSConfig
|
||||
RAService *cmd.GRPCClientConfig
|
||||
|
||||
@@ -20,7 +20,7 @@ index a78efee19..1c08b7035 100644
|
||||
// MaximumRevocations specifies the maximum number of certificates associated with
|
||||
// a key hash that bad-key-revoker will attempt to revoke. If the number of certificates
|
||||
// is higher than MaximumRevocations bad-key-revoker will error out and refuse to
|
||||
@@ -372,6 +376,12 @@ func main() {
|
||||
@@ -375,6 +379,12 @@ func main() {
|
||||
|
||||
Syslog cmd.SyslogConfig
|
||||
Beeline cmd.BeelineConfig
|
||||
@@ -33,7 +33,7 @@ index a78efee19..1c08b7035 100644
|
||||
}
|
||||
configPath := flag.String("config", "", "File path to the configuration file for this service")
|
||||
flag.Parse()
|
||||
@@ -417,6 +427,30 @@ func main() {
|
||||
@@ -424,6 +434,32 @@ func main() {
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to RA")
|
||||
rac := rapb.NewRegistrationAuthorityClient(conn)
|
||||
|
||||
@@ -47,24 +47,26 @@ index a78efee19..1c08b7035 100644
|
||||
+ if len(config.Common.DNSResolver) != 0 {
|
||||
+ config.BadKeyRevoker.DNSResolvers = append(config.BadKeyRevoker.DNSResolvers, config.Common.DNSResolver)
|
||||
+ }
|
||||
+ servers, err := bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers)
|
||||
+ cmd.FailOnError(err, "Couldn't parse static DNS server(s)")
|
||||
+ if !config.Common.DNSAllowLoopbackAddresses {
|
||||
+ r := bdns.New(
|
||||
+ dnsTimeout,
|
||||
+ bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers),
|
||||
+ servers,
|
||||
+ scope,
|
||||
+ clk,
|
||||
+ dnsTries,
|
||||
+ logger)
|
||||
+ resolver = r
|
||||
+ } else {
|
||||
+ r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(config.BadKeyRevoker.DNSResolvers), scope, clk, dnsTries, logger)
|
||||
+ r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger)
|
||||
+ resolver = r
|
||||
+ }
|
||||
+
|
||||
var smtpRoots *x509.CertPool
|
||||
if config.BadKeyRevoker.Mailer.SMTPTrustedRootFile != "" {
|
||||
pem, err := ioutil.ReadFile(config.BadKeyRevoker.Mailer.SMTPTrustedRootFile)
|
||||
@@ -438,6 +472,7 @@ func main() {
|
||||
@@ -445,6 +481,7 @@ func main() {
|
||||
config.BadKeyRevoker.Mailer.Username,
|
||||
smtpPassword,
|
||||
smtpRoots,
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
diff --git a/core/interfaces.go b/core/interfaces.go
|
||||
index edbf531fa..1de27cc82 100644
|
||||
index 4e03131cb..43468ca3b 100644
|
||||
--- a/core/interfaces.go
|
||||
+++ b/core/interfaces.go
|
||||
@@ -96,6 +96,7 @@ type PolicyAuthority interface {
|
||||
@@ -94,6 +94,7 @@ type PolicyAuthority interface {
|
||||
WillingToIssueWildcards(identifiers []identifier.ACMEIdentifier) error
|
||||
ChallengesFor(domain identifier.ACMEIdentifier) ([]Challenge, error)
|
||||
ChallengeTypeEnabled(t AcmeChallenge) bool
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
diff --git a/docker-compose.yml b/docker-compose.yml
|
||||
index ec5150a2a..ea23aa838 100644
|
||||
index 713667d60..0a384c8ab 100644
|
||||
--- a/docker-compose.yml
|
||||
+++ b/docker-compose.yml
|
||||
@@ -4,10 +4,11 @@ services:
|
||||
image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.5_2021-06-11}
|
||||
image: &boulder_image letsencrypt/boulder-tools:${BOULDER_TOOLS_TAG:-go1.16.6_2021-07-12}
|
||||
environment:
|
||||
FAKE_DNS: 10.77.77.77
|
||||
- BOULDER_CONFIG_DIR: test/config
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
diff --git a/cmd/expiration-mailer/main.go b/cmd/expiration-mailer/main.go
|
||||
index 95c8a035..2ff70d7d 100644
|
||||
index 9f56157dd..8cc77676c 100644
|
||||
--- a/cmd/expiration-mailer/main.go
|
||||
+++ b/cmd/expiration-mailer/main.go
|
||||
@@ -20,6 +20,7 @@ import (
|
||||
@@ -42,7 +42,7 @@ index 95c8a035..2ff70d7d 100644
|
||||
}
|
||||
|
||||
func initStats(stats prometheus.Registerer) mailerStats {
|
||||
@@ -507,6 +517,30 @@ func main() {
|
||||
@@ -510,6 +520,32 @@ func main() {
|
||||
cmd.FailOnError(err, "Failed to load credentials and create gRPC connection to SA")
|
||||
sac := bgrpc.NewStorageAuthorityClient(sapb.NewStorageAuthorityClient(conn))
|
||||
|
||||
@@ -56,24 +56,26 @@ index 95c8a035..2ff70d7d 100644
|
||||
+ if len(c.Common.DNSResolver) != 0 {
|
||||
+ c.Mailer.DNSResolvers = append(c.Mailer.DNSResolvers, c.Common.DNSResolver)
|
||||
+ }
|
||||
+ servers, err := bdns.NewStaticProvider(c.Mailer.DNSResolvers)
|
||||
+ cmd.FailOnError(err, "Couldn't parse static DNS server(s)")
|
||||
+ if !c.Common.DNSAllowLoopbackAddresses {
|
||||
+ r := bdns.New(
|
||||
+ dnsTimeout,
|
||||
+ bdns.NewStaticProvider(c.Mailer.DNSResolvers),
|
||||
+ servers,
|
||||
+ scope,
|
||||
+ clk,
|
||||
+ dnsTries,
|
||||
+ logger)
|
||||
+ resolver = r
|
||||
+ } else {
|
||||
+ r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(c.Mailer.DNSResolvers), scope, clk, dnsTries, logger)
|
||||
+ r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger)
|
||||
+ resolver = r
|
||||
+ }
|
||||
+
|
||||
var smtpRoots *x509.CertPool
|
||||
if c.Mailer.SMTPTrustedRootFile != "" {
|
||||
pem, err := ioutil.ReadFile(c.Mailer.SMTPTrustedRootFile)
|
||||
@@ -542,6 +576,7 @@ func main() {
|
||||
@@ -545,6 +581,7 @@ func main() {
|
||||
c.Mailer.Username,
|
||||
smtpPassword,
|
||||
smtpRoots,
|
||||
|
||||
5
install
5
install
@@ -24,7 +24,7 @@ dockerComposeVersion="1.28.5"
|
||||
|
||||
labcaUrl="https://github.com/hakwerk/labca/"
|
||||
boulderUrl="https://github.com/letsencrypt/boulder/"
|
||||
boulderTag="release-2021-07-12"
|
||||
boulderTag="release-2021-08-02"
|
||||
|
||||
#
|
||||
# Color configuration
|
||||
@@ -394,6 +394,9 @@ install_extra() {
|
||||
apt update &>>$installLog
|
||||
install_pkg "docker-ce"
|
||||
|
||||
# Make sure the labca user has docker permissions
|
||||
usermod -aG docker labca
|
||||
|
||||
msg_info "Install binary 'docker-compose'"
|
||||
local dcver=""
|
||||
[ -x /usr/local/bin/docker-compose ] && dcver="`/usr/local/bin/docker-compose --version`"
|
||||
|
||||
@@ -83,17 +83,19 @@ func main() {
|
||||
if len(c.Common.DNSResolver) != 0 {
|
||||
c.Mailer.DNSResolvers = append(c.Mailer.DNSResolvers, c.Common.DNSResolver)
|
||||
}
|
||||
servers, err := bdns.NewStaticProvider(c.Mailer.DNSResolvers)
|
||||
cmd.FailOnError(err, "Couldn't parse static DNS server(s)")
|
||||
if !c.Common.DNSAllowLoopbackAddresses {
|
||||
r := bdns.New(
|
||||
dnsTimeout,
|
||||
bdns.NewStaticProvider(c.Mailer.DNSResolvers),
|
||||
servers,
|
||||
scope,
|
||||
clk,
|
||||
dnsTries,
|
||||
logger)
|
||||
resolver = r
|
||||
} else {
|
||||
r := bdns.NewTest(dnsTimeout, bdns.NewStaticProvider(c.Mailer.DNSResolvers), scope, clk, dnsTries, logger)
|
||||
r := bdns.NewTest(dnsTimeout, servers, scope, clk, dnsTries, logger)
|
||||
resolver = r
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user