Replace acme_tiny.py with certbot as ACME client

build/Dockerfile-control

@@ -32,15 +32,22 @@ RUN export DEBIAN_FRONTEND=noninteractive \
 FROM ubuntu:focal
 
 RUN export DEBIAN_FRONTEND=noninteractive \
+    && apt update \
+    && apt install -y --no-install-recommends --reinstall software-properties-common \
+    && add-apt-repository -y ppa:deadsnakes/ppa \
     && apt-get update \
     && apt-get install -y --no-install-recommends \
         ca-certificates \
         cron \
         curl \
-        python3 \
+        python3.10-venv \
         softhsm2 \
         tzdata \
         ucspi-tcp \
+    && python3.10 -m venv /opt/certbot \
+    && /opt/certbot/bin/pip install --upgrade pip \
+    && /opt/certbot/bin/pip install certbot \
+    && ln -sf /opt/certbot/bin/certbot /usr/bin/certbot \
     && rm -rf /var/lib/apt/lists/*
 
 COPY --from=boulder-tools /usr/local/bin/minica /usr/local/bin/minica
@@ -48,7 +55,6 @@ COPY --from=boulder-tools /usr/local/bin/minica /usr/local/bin/minica
 COPY --from=builder /usr/bin/docker /usr/bin/docker
 COPY --from=builder /usr/libexec/docker/cli-plugins/docker-compose /usr/libexec/docker/cli-plugins/docker-compose
 
-COPY tmp/acme_tiny.py /opt/labca/
 COPY tmp/backup /opt/labca/
 COPY tmp/checkcrl /opt/labca/
 COPY tmp/checkrenew /opt/labca/

build/build.sh

@@ -53,7 +53,6 @@ BASEDIR=/go/src/labca
 docker run -v $TMP_DIR/admin:$BASEDIR:cached -v $TMP_DIR:$BASEDIR/bin -w $BASEDIR -e GIT_VERSION=$GIT_VERSION $BUILD_IMAGE ./setup.sh
 
 cp -rp $cloneDir/gui/setup.sh $TMP_DIR/admin/
-cp -rp $cloneDir/acme_tiny.py $TMP_DIR/
 cp -rp $cloneDir/backup $TMP_DIR/
 cp -rp $cloneDir/checkcrl $TMP_DIR/
 cp -rp $cloneDir/checkrenew $TMP_DIR/