crypt/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2025-08-08 04:02:10 +03:00
Code Activity

Release 0.11.0

Browse Source
This commit is contained in:
Brad Warren
2017-02-01 09:50:42 -08:00
parent aa389cf8aa
commit 30bc68ccde
12 changed files with 315 additions and 241 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
acme/setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import setup
from setuptools import find_packages from setuptools import find_packages
version = '0.11.0.dev0' version = '0.11.0'
# Please update tox.ini when modifying dependency version requirements # Please update tox.ini when modifying dependency version requirements
install_requires = [ install_requires = [

2
certbot-apache/setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import setup
from setuptools import find_packages from setuptools import find_packages
version = '0.11.0.dev0' version = '0.11.0'
# Please update tox.ini when modifying dependency version requirements # Please update tox.ini when modifying dependency version requirements
install_requires = [ install_requires = [

234
certbot-auto
View File

@@ -23,7 +23,7 @@ if [ -z "$VENV_PATH" ]; then
VENV_PATH="$XDG_DATA_HOME/$VENV_NAME" VENV_PATH="$XDG_DATA_HOME/$VENV_NAME"
fi fi
VENV_BIN="$VENV_PATH/bin" VENV_BIN="$VENV_PATH/bin"
LE_AUTO_VERSION="0.10.2" LE_AUTO_VERSION="0.11.0"
BASENAME=$(basename $0) BASENAME=$(basename $0)
USAGE="Usage: $BASENAME [OPTIONS] USAGE="Usage: $BASENAME [OPTIONS]
A self-updating wrapper script for the Certbot ACME client. When run, updates A self-updating wrapper script for the Certbot ACME client. When run, updates
@@ -38,8 +38,9 @@ Help for certbot itself cannot be provided until it is installed.
-n, --non-interactive, --noninteractive run without asking for user input -n, --non-interactive, --noninteractive run without asking for user input
--no-self-upgrade do not download updates --no-self-upgrade do not download updates
--os-packages-only install OS dependencies and exit --os-packages-only install OS dependencies and exit
-q, --quiet provide only update/error output
-v, --verbose provide more output -v, --verbose provide more output
-q, --quiet provide only update/error output;
implies --non-interactive
All arguments are accepted and forwarded to the Certbot client when run." All arguments are accepted and forwarded to the Certbot client when run."
@@ -84,6 +85,11 @@ if [ $BASENAME = "letsencrypt-auto" ]; then
HELP=0 HELP=0
fi fi
# Set ASSUME_YES to 1 if QUIET (i.e. --quiet implies --non-interactive)
if [ "$QUIET" = 1 ]; then
ASSUME_YES=1
fi
# Support for busybox and others where there is no "command", # Support for busybox and others where there is no "command",
# but "which" instead # but "which" instead
if command -v command > /dev/null 2>&1 ; then if command -v command > /dev/null 2>&1 ; then
@@ -99,7 +105,7 @@ fi
# certbot itself needs root access for almost all modes of operation # certbot itself needs root access for almost all modes of operation
# The "normal" case is that sudo is used for the steps that need root, but # The "normal" case is that sudo is used for the steps that need root, but
# this script *can* be run as root (not recommended), or fall back to using # this script *can* be run as root (not recommended), or fall back to using
# `su`. Auto-detection can be overrided by explicitly setting the # `su`. Auto-detection can be overridden by explicitly setting the
# environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below. # environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below.
# Because the parameters in `su -c` has to be a string, # Because the parameters in `su -c` has to be a string,
@@ -207,7 +213,11 @@ BootstrapDebCommon() {
# #
# - Debian 6.0.10 "squeeze" (x64) # - Debian 6.0.10 "squeeze" (x64)
$SUDO apt-get update || echo apt-get update hit problems but continuing anyway... if [ "$QUIET" = 1 ]; then
QUIET_FLAG='-qq'
fi
$SUDO apt-get $QUIET_FLAG update || echo apt-get update hit problems but continuing anyway...
# virtualenv binary can be found in different packages depending on # virtualenv binary can be found in different packages depending on
# distro version (#346) # distro version (#346)
@@ -215,74 +225,74 @@ BootstrapDebCommon() {
virtualenv= virtualenv=
# virtual env is known to apt and is installable # virtual env is known to apt and is installable
if apt-cache show virtualenv > /dev/null 2>&1 ; then if apt-cache show virtualenv > /dev/null 2>&1 ; then
if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then
virtualenv="virtualenv" virtualenv="virtualenv"
fi fi
fi fi
if apt-cache show python-virtualenv > /dev/null 2>&1; then if apt-cache show python-virtualenv > /dev/null 2>&1; then
virtualenv="$virtualenv python-virtualenv" virtualenv="$virtualenv python-virtualenv"
fi fi
augeas_pkg="libaugeas0 augeas-lenses" augeas_pkg="libaugeas0 augeas-lenses"
AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2` AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2`
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
YES_FLAG="-y" YES_FLAG="-y"
fi fi
AddBackportRepo() { AddBackportRepo() {
# ARGS: # ARGS:
BACKPORT_NAME="$1" BACKPORT_NAME="$1"
BACKPORT_SOURCELINE="$2" BACKPORT_SOURCELINE="$2"
echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME." echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME."
if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then
# This can theoretically error if sources.list.d is empty, but in that case we don't care. # This can theoretically error if sources.list.d is empty, but in that case we don't care.
if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
/bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..." /bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..."
sleep 1s sleep 1s
/bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..." /bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..."
sleep 1s sleep 1s
/bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..." /bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..."
sleep 1s sleep 1s
add_backports=1 add_backports=1
else else
read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response
case $response in case $response in
[yY][eE][sS]|[yY]|"") [yY][eE][sS]|[yY]|"")
add_backports=1;; add_backports=1;;
*) *)
add_backports=0;; add_backports=0;;
esac esac
fi fi
if [ "$add_backports" = 1 ]; then if [ "$add_backports" = 1 ]; then
$SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" $SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list"
$SUDO apt-get update $SUDO apt-get $QUIET_FLAG update
fi fi
fi
fi
if [ "$add_backports" != 0 ]; then
$SUDO apt-get install $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg
augeas_pkg=
fi fi
fi
if [ "$add_backports" != 0 ]; then
$SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg
augeas_pkg=
fi
} }
if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then
if lsb_release -a | grep -q wheezy ; then if lsb_release -a | grep -q wheezy ; then
AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main" AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main"
elif lsb_release -a | grep -q precise ; then elif lsb_release -a | grep -q precise ; then
# XXX add ARM case # XXX add ARM case
AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse" AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse"
else else
echo "No libaugeas0 version is available that's new enough to run the" echo "No libaugeas0 version is available that's new enough to run the"
echo "Certbot apache plugin..." echo "Certbot apache plugin..."
fi fi
# XXX add a case for ubuntu PPAs # XXX add a case for ubuntu PPAs
fi fi
$SUDO apt-get install $YES_FLAG --no-install-recommends \ $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \
python \ python \
python-dev \ python-dev \
$virtualenv \ $virtualenv \
@@ -294,7 +304,6 @@ BootstrapDebCommon() {
ca-certificates \ ca-certificates \
if ! $EXISTS virtualenv > /dev/null ; then if ! $EXISTS virtualenv > /dev/null ; then
echo Failed to install a working \"virtualenv\" command, exiting echo Failed to install a working \"virtualenv\" command, exiting
exit 1 exit 1
@@ -323,6 +332,9 @@ BootstrapRpmCommon() {
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
yes_flag="-y" yes_flag="-y"
fi fi
if [ "$QUIET" = 1 ]; then
QUIET_FLAG='--quiet'
fi
if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then
echo "To use Certbot, packages from the EPEL repository need to be installed." echo "To use Certbot, packages from the EPEL repository need to be installed."
@@ -331,14 +343,14 @@ BootstrapRpmCommon() {
exit 1 exit 1
fi fi
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
/bin/echo -n "Enabling the EPEL repository in 3 seconds..." /bin/echo -n "Enabling the EPEL repository in 3 seconds..."
sleep 1s sleep 1s
/bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..." /bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..."
sleep 1s sleep 1s
/bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..." /bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..."
sleep 1s sleep 1s
fi fi
if ! $SUDO $tool install $yes_flag epel-release; then if ! $SUDO $tool install $yes_flag $QUIET_FLAG epel-release; then
echo "Could not enable EPEL. Aborting bootstrap!" echo "Could not enable EPEL. Aborting bootstrap!"
exit 1 exit 1
fi fi
@@ -380,9 +392,9 @@ BootstrapRpmCommon() {
" "
fi fi
if ! $SUDO $tool install $yes_flag $pkgs; then if ! $SUDO $tool install $yes_flag $QUIET_FLAG $pkgs; then
echo "Could not install OS dependencies. Aborting bootstrap!" echo "Could not install OS dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
} }
@@ -394,7 +406,11 @@ BootstrapSuseCommon() {
install_flags="-l" install_flags="-l"
fi fi
$SUDO zypper $zypper_flags in $install_flags \ if [ "$QUIET" = 1 ]; then
QUIET_FLAG='-qq'
fi
$SUDO zypper $QUIET_FLAG $zypper_flags in $install_flags \
python \ python \
python-devel \ python-devel \
python-virtualenv \ python-virtualenv \
@@ -432,7 +448,11 @@ BootstrapArchCommon() {
fi fi
if [ "$missing" ]; then if [ "$missing" ]; then
$SUDO pacman -S --needed $missing $noconfirm if [ "$QUIET" = 1]; then
$SUDO pacman -S --needed $missing $noconfirm > /dev/null
else
$SUDO pacman -S --needed $missing $noconfirm
fi
fi fi
} }
@@ -465,7 +485,11 @@ BootstrapGentooCommon() {
} }
BootstrapFreeBsd() { BootstrapFreeBsd() {
$SUDO pkg install -Ay \ if [ "$QUIET" = 1 ]; then
QUIET_FLAG="--quiet"
fi
$SUDO pkg install -Ay $QUIET_FLAG \
python \ python \
py27-virtualenv \ py27-virtualenv \
augeas \ augeas \
@@ -505,15 +529,15 @@ BootstrapMac() {
fi fi
if ! hash pip 2>/dev/null; then if ! hash pip 2>/dev/null; then
echo "pip not installed" echo "pip not installed"
echo "Installing pip..." echo "Installing pip..."
curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python
fi fi
if ! hash virtualenv 2>/dev/null; then if ! hash virtualenv 2>/dev/null; then
echo "virtualenv not installed." echo "virtualenv not installed."
echo "Installing with pip..." echo "Installing with pip..."
pip install virtualenv pip install virtualenv
fi fi
} }
@@ -523,26 +547,29 @@ BootstrapSmartOS() {
} }
BootstrapMageiaCommon() { BootstrapMageiaCommon() {
if ! $SUDO urpmi --force \ if [ "$QUIET" = 1 ]; then
python \ QUIET_FLAG='--quiet'
libpython-devel \ fi
python-virtualenv
if ! $SUDO urpmi --force $QUIET_FLAG \
python \
libpython-devel \
python-virtualenv
then then
echo "Could not install Python dependencies. Aborting bootstrap!" echo "Could not install Python dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
if ! $SUDO urpmi --force \ if ! $SUDO urpmi --force $QUIET_FLAG \
git \ git \
gcc \ gcc \
python-augeas \ python-augeas \
openssl \ libopenssl-devel \
libopenssl-devel \ libffi-devel \
libffi-devel \ rootcerts
rootcerts
then then
echo "Could not install additional dependencies. Aborting bootstrap!" echo "Could not install additional dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
} }
@@ -609,6 +636,11 @@ if [ "$1" = "--le-auto-phase2" ]; then
# --version output ran through grep due to python-cryptography DeprecationWarnings # --version output ran through grep due to python-cryptography DeprecationWarnings
# grep for both certbot and letsencrypt until certbot and shim packages have been released # grep for both certbot and letsencrypt until certbot and shim packages have been released
INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2) INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2)
if [ -z "$INSTALLED_VERSION" ]; then
echo "Error: couldn't get currently installed version for $VENV_BIN/letsencrypt: " 1>&2
"$VENV_BIN/letsencrypt" --version
exit 1
fi
else else
INSTALLED_VERSION="none" INSTALLED_VERSION="none"
fi fi
@@ -801,18 +833,18 @@ letsencrypt==0.7.0 \
# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE.
acme==0.10.2 \ acme==0.11.0 \
--hash=sha256:053bbf8d36be298e411e0fa397289307e1a888f419de1205931236114f8f825e \ --hash=sha256:9c084f9a62241a11231af63266f2f12ad696be590393a4ab4974276a47d63404 \
--hash=sha256:6465b66256849f8cd4269a43037d404b1ccf31a60d3c93fc628d6f6f4c43de78 --hash=sha256:1513ae74ee8424c739a953a552890830315669d95d105469d1cff5b7db9ae888
certbot==0.10.2 \ certbot==0.11.0 \
--hash=sha256:1e680cab3cda6c3079ee64066903f93e421df46a8d4db63264a6359f3d5ba63e \ --hash=sha256:cc94d890a8697b3bdbdc555bcf4ba93955f64324bc256b2ea710fd053fc03b8a \
--hash=sha256:33729ce100fc9d00d9820c81fc3ef9b95802b8d261f0cca0cce422bc568b1631 --hash=sha256:0f91fee360f9ce5e0584d0954fa3123832435f77f465915389032a90ac0248b1
certbot-apache==0.10.2 \ certbot-apache==0.11.0 \
--hash=sha256:c1f196506bf961e2171fb2af9feca8926100564b644acda1895acdf294c46e71 \ --hash=sha256:9a01883ca7e1159cff2a6e36bf97b83793c899c62944335f6ac2f59f9b3e8b5d \
--hash=sha256:8573275e74c8b74a9c7d7824636a37a4bc83327a7cc97a43b334fe8956ba8cb1 --hash=sha256:2b67871e7ae8bbfa7a2779fcd6444f28847fbb7a347ef4bfdb19fb55a0d75673
certbot-nginx==0.10.2 \ certbot-nginx==0.11.0 \
--hash=sha256:74c32bdaf2f3873aa811c3e2cdc205d3137b59c64dbcdca6f3982ed2a89b4f2a \ --hash=sha256:cfae45a42560e39889eebd287437556084c421a9e07a2deb3cbc0aeef92d2dab \
--hash=sha256:c8265ab4b4bc0a6a3a81d7f0b8ff2606dd28ebbb3cd045635862286b97af2c36 --hash=sha256:dbddffe47c8e8b2d1cf47fe393b434003270a45aec896f133492c855c77e6f08
UNLIKELY_EOF UNLIKELY_EOF
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
@@ -1024,7 +1056,7 @@ UNLIKELY_EOF
fi fi
else else
# Phase 1: Upgrade certbot-auto if neceesary, then self-invoke. # Phase 1: Upgrade certbot-auto if necessary, then self-invoke.
# #
# Each phase checks the version of only the thing it is responsible for # Each phase checks the version of only the thing it is responsible for
# upgrading. Phase 1 checks the version of the latest release of # upgrading. Phase 1 checks the version of the latest release of

2
certbot-compatibility-test/setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import setup
from setuptools import find_packages from setuptools import find_packages
version = '0.11.0.dev0' version = '0.11.0'
install_requires = [ install_requires = [
'certbot', 'certbot',

2
certbot-nginx/setup.py
View File

@@ -4,7 +4,7 @@ from setuptools import setup
from setuptools import find_packages from setuptools import find_packages
version = '0.11.0.dev0' version = '0.11.0'
# Please update tox.ini when modifying dependency version requirements # Please update tox.ini when modifying dependency version requirements
install_requires = [ install_requires = [

2
certbot/__init__.py
View File

@@ -1,4 +1,4 @@
"""Certbot client.""" """Certbot client."""
# version number like 1.2.3a0, must have at least 2 parts, like 1.2 # version number like 1.2.3a0, must have at least 2 parts, like 1.2
__version__ = '0.11.0.dev0' __version__ = '0.11.0'

14
docs/cli-help.txt
View File

@@ -86,7 +86,7 @@ optional arguments:
statistics about success rates by OS and plugin. If statistics about success rates by OS and plugin. If
you wish to hide your server OS version from the Let's you wish to hide your server OS version from the Let's
Encrypt server, set this to "". (default: Encrypt server, set this to "". (default:
CertbotACMEClient/0.10.2 (Ubuntu 16.04.1 LTS) CertbotACMEClient/0.11.0 (Ubuntu 16.04.1 LTS)
Authenticator/XXX Installer/YYY) Authenticator/XXX Installer/YYY)
automation: automation:
@@ -120,7 +120,6 @@ automation:
system. This option cannot be used with --csr. system. This option cannot be used with --csr.
(default: False) (default: False)
--agree-tos Agree to the ACME Subscriber Agreement (default: Ask) --agree-tos Agree to the ACME Subscriber Agreement (default: Ask)
--account ACCOUNT_ID Account ID to use (default: None)
--duplicate Allow making a certificate lineage that duplicates an --duplicate Allow making a certificate lineage that duplicates an
existing one (both can be renewed in parallel) existing one (both can be renewed in parallel)
(default: False) (default: False)
@@ -280,6 +279,9 @@ delete:
revoke: revoke:
Options for revocation of certs Options for revocation of certs
--reason {keycompromise,affiliationchanged,superseded,unspecified,cessationofoperation}
Specify reason for revoking certificate. (default: 0)
register: register:
Options for account registration & modification Options for account registration & modification
@@ -301,6 +303,14 @@ register:
-m EMAIL, --email EMAIL -m EMAIL, --email EMAIL
Email used for registration and recovery contact. Email used for registration and recovery contact.
(default: Ask) (default: Ask)
--eff-email Share your e-mail address with EFF (default: None)
--no-eff-email Don't share your e-mail address with EFF (default:
None)
unregister:
Options for account deactivation.
--account ACCOUNT_ID Account ID to use (default: None)
install: install:
Options for modifying how a cert is deployed Options for modifying how a cert is deployed

234
letsencrypt-auto
View File

@@ -23,7 +23,7 @@ if [ -z "$VENV_PATH" ]; then
VENV_PATH="$XDG_DATA_HOME/$VENV_NAME" VENV_PATH="$XDG_DATA_HOME/$VENV_NAME"
fi fi
VENV_BIN="$VENV_PATH/bin" VENV_BIN="$VENV_PATH/bin"
LE_AUTO_VERSION="0.10.2" LE_AUTO_VERSION="0.11.0"
BASENAME=$(basename $0) BASENAME=$(basename $0)
USAGE="Usage: $BASENAME [OPTIONS] USAGE="Usage: $BASENAME [OPTIONS]
A self-updating wrapper script for the Certbot ACME client. When run, updates A self-updating wrapper script for the Certbot ACME client. When run, updates
@@ -38,8 +38,9 @@ Help for certbot itself cannot be provided until it is installed.
-n, --non-interactive, --noninteractive run without asking for user input -n, --non-interactive, --noninteractive run without asking for user input
--no-self-upgrade do not download updates --no-self-upgrade do not download updates
--os-packages-only install OS dependencies and exit --os-packages-only install OS dependencies and exit
-q, --quiet provide only update/error output
-v, --verbose provide more output -v, --verbose provide more output
-q, --quiet provide only update/error output;
implies --non-interactive
All arguments are accepted and forwarded to the Certbot client when run." All arguments are accepted and forwarded to the Certbot client when run."
@@ -84,6 +85,11 @@ if [ $BASENAME = "letsencrypt-auto" ]; then
HELP=0 HELP=0
fi fi
# Set ASSUME_YES to 1 if QUIET (i.e. --quiet implies --non-interactive)
if [ "$QUIET" = 1 ]; then
ASSUME_YES=1
fi
# Support for busybox and others where there is no "command", # Support for busybox and others where there is no "command",
# but "which" instead # but "which" instead
if command -v command > /dev/null 2>&1 ; then if command -v command > /dev/null 2>&1 ; then
@@ -99,7 +105,7 @@ fi
# certbot itself needs root access for almost all modes of operation # certbot itself needs root access for almost all modes of operation
# The "normal" case is that sudo is used for the steps that need root, but # The "normal" case is that sudo is used for the steps that need root, but
# this script *can* be run as root (not recommended), or fall back to using # this script *can* be run as root (not recommended), or fall back to using
# `su`. Auto-detection can be overrided by explicitly setting the # `su`. Auto-detection can be overridden by explicitly setting the
# environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below. # environment variable LE_AUTO_SUDO to 'sudo', 'sudo_su' or '' as used below.
# Because the parameters in `su -c` has to be a string, # Because the parameters in `su -c` has to be a string,
@@ -207,7 +213,11 @@ BootstrapDebCommon() {
# #
# - Debian 6.0.10 "squeeze" (x64) # - Debian 6.0.10 "squeeze" (x64)
$SUDO apt-get update || echo apt-get update hit problems but continuing anyway... if [ "$QUIET" = 1 ]; then
QUIET_FLAG='-qq'
fi
$SUDO apt-get $QUIET_FLAG update || echo apt-get update hit problems but continuing anyway...
# virtualenv binary can be found in different packages depending on # virtualenv binary can be found in different packages depending on
# distro version (#346) # distro version (#346)
@@ -215,74 +225,74 @@ BootstrapDebCommon() {
virtualenv= virtualenv=
# virtual env is known to apt and is installable # virtual env is known to apt and is installable
if apt-cache show virtualenv > /dev/null 2>&1 ; then if apt-cache show virtualenv > /dev/null 2>&1 ; then
if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then
virtualenv="virtualenv" virtualenv="virtualenv"
fi fi
fi fi
if apt-cache show python-virtualenv > /dev/null 2>&1; then if apt-cache show python-virtualenv > /dev/null 2>&1; then
virtualenv="$virtualenv python-virtualenv" virtualenv="$virtualenv python-virtualenv"
fi fi
augeas_pkg="libaugeas0 augeas-lenses" augeas_pkg="libaugeas0 augeas-lenses"
AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2` AUGVERSION=`LC_ALL=C apt-cache show --no-all-versions libaugeas0 | grep ^Version: | cut -d" " -f2`
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
YES_FLAG="-y" YES_FLAG="-y"
fi fi
AddBackportRepo() { AddBackportRepo() {
# ARGS: # ARGS:
BACKPORT_NAME="$1" BACKPORT_NAME="$1"
BACKPORT_SOURCELINE="$2" BACKPORT_SOURCELINE="$2"
echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME." echo "To use the Apache Certbot plugin, augeas needs to be installed from $BACKPORT_NAME."
if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then if ! grep -v -e ' *#' /etc/apt/sources.list | grep -q "$BACKPORT_NAME" ; then
# This can theoretically error if sources.list.d is empty, but in that case we don't care. # This can theoretically error if sources.list.d is empty, but in that case we don't care.
if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then if ! grep -v -e ' *#' /etc/apt/sources.list.d/* 2>/dev/null | grep -q "$BACKPORT_NAME"; then
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
/bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..." /bin/echo -n "Installing augeas from $BACKPORT_NAME in 3 seconds..."
sleep 1s sleep 1s
/bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..." /bin/echo -ne "\e[0K\rInstalling augeas from $BACKPORT_NAME in 2 seconds..."
sleep 1s sleep 1s
/bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..." /bin/echo -e "\e[0K\rInstalling augeas from $BACKPORT_NAME in 1 second ..."
sleep 1s sleep 1s
add_backports=1 add_backports=1
else else
read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response read -p "Would you like to enable the $BACKPORT_NAME repository [Y/n]? " response
case $response in case $response in
[yY][eE][sS]|[yY]|"") [yY][eE][sS]|[yY]|"")
add_backports=1;; add_backports=1;;
*) *)
add_backports=0;; add_backports=0;;
esac esac
fi fi
if [ "$add_backports" = 1 ]; then if [ "$add_backports" = 1 ]; then
$SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list" $SUDO sh -c "echo $BACKPORT_SOURCELINE >> /etc/apt/sources.list.d/$BACKPORT_NAME.list"
$SUDO apt-get update $SUDO apt-get $QUIET_FLAG update
fi fi
fi
fi
if [ "$add_backports" != 0 ]; then
$SUDO apt-get install $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg
augeas_pkg=
fi fi
fi
if [ "$add_backports" != 0 ]; then
$SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends -t "$BACKPORT_NAME" $augeas_pkg
augeas_pkg=
fi
} }
if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then if dpkg --compare-versions 1.0 gt "$AUGVERSION" ; then
if lsb_release -a | grep -q wheezy ; then if lsb_release -a | grep -q wheezy ; then
AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main" AddBackportRepo wheezy-backports "deb http://http.debian.net/debian wheezy-backports main"
elif lsb_release -a | grep -q precise ; then elif lsb_release -a | grep -q precise ; then
# XXX add ARM case # XXX add ARM case
AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse" AddBackportRepo precise-backports "deb http://archive.ubuntu.com/ubuntu precise-backports main restricted universe multiverse"
else else
echo "No libaugeas0 version is available that's new enough to run the" echo "No libaugeas0 version is available that's new enough to run the"
echo "Certbot apache plugin..." echo "Certbot apache plugin..."
fi fi
# XXX add a case for ubuntu PPAs # XXX add a case for ubuntu PPAs
fi fi
$SUDO apt-get install $YES_FLAG --no-install-recommends \ $SUDO apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \
python \ python \
python-dev \ python-dev \
$virtualenv \ $virtualenv \
@@ -294,7 +304,6 @@ BootstrapDebCommon() {
ca-certificates \ ca-certificates \
if ! $EXISTS virtualenv > /dev/null ; then if ! $EXISTS virtualenv > /dev/null ; then
echo Failed to install a working \"virtualenv\" command, exiting echo Failed to install a working \"virtualenv\" command, exiting
exit 1 exit 1
@@ -323,6 +332,9 @@ BootstrapRpmCommon() {
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
yes_flag="-y" yes_flag="-y"
fi fi
if [ "$QUIET" = 1 ]; then
QUIET_FLAG='--quiet'
fi
if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then if ! $SUDO $tool list *virtualenv >/dev/null 2>&1; then
echo "To use Certbot, packages from the EPEL repository need to be installed." echo "To use Certbot, packages from the EPEL repository need to be installed."
@@ -331,14 +343,14 @@ BootstrapRpmCommon() {
exit 1 exit 1
fi fi
if [ "$ASSUME_YES" = 1 ]; then if [ "$ASSUME_YES" = 1 ]; then
/bin/echo -n "Enabling the EPEL repository in 3 seconds..." /bin/echo -n "Enabling the EPEL repository in 3 seconds..."
sleep 1s sleep 1s
/bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..." /bin/echo -ne "\e[0K\rEnabling the EPEL repository in 2 seconds..."
sleep 1s sleep 1s
/bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..." /bin/echo -e "\e[0K\rEnabling the EPEL repository in 1 seconds..."
sleep 1s sleep 1s
fi fi
if ! $SUDO $tool install $yes_flag epel-release; then if ! $SUDO $tool install $yes_flag $QUIET_FLAG epel-release; then
echo "Could not enable EPEL. Aborting bootstrap!" echo "Could not enable EPEL. Aborting bootstrap!"
exit 1 exit 1
fi fi
@@ -380,9 +392,9 @@ BootstrapRpmCommon() {
" "
fi fi
if ! $SUDO $tool install $yes_flag $pkgs; then if ! $SUDO $tool install $yes_flag $QUIET_FLAG $pkgs; then
echo "Could not install OS dependencies. Aborting bootstrap!" echo "Could not install OS dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
} }
@@ -394,7 +406,11 @@ BootstrapSuseCommon() {
install_flags="-l" install_flags="-l"
fi fi
$SUDO zypper $zypper_flags in $install_flags \ if [ "$QUIET" = 1 ]; then
QUIET_FLAG='-qq'
fi
$SUDO zypper $QUIET_FLAG $zypper_flags in $install_flags \
python \ python \
python-devel \ python-devel \
python-virtualenv \ python-virtualenv \
@@ -432,7 +448,11 @@ BootstrapArchCommon() {
fi fi
if [ "$missing" ]; then if [ "$missing" ]; then
$SUDO pacman -S --needed $missing $noconfirm if [ "$QUIET" = 1]; then
$SUDO pacman -S --needed $missing $noconfirm > /dev/null
else
$SUDO pacman -S --needed $missing $noconfirm
fi
fi fi
} }
@@ -465,7 +485,11 @@ BootstrapGentooCommon() {
} }
BootstrapFreeBsd() { BootstrapFreeBsd() {
$SUDO pkg install -Ay \ if [ "$QUIET" = 1 ]; then
QUIET_FLAG="--quiet"
fi
$SUDO pkg install -Ay $QUIET_FLAG \
python \ python \
py27-virtualenv \ py27-virtualenv \
augeas \ augeas \
@@ -505,15 +529,15 @@ BootstrapMac() {
fi fi
if ! hash pip 2>/dev/null; then if ! hash pip 2>/dev/null; then
echo "pip not installed" echo "pip not installed"
echo "Installing pip..." echo "Installing pip..."
curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python curl --silent --show-error --retry 5 https://bootstrap.pypa.io/get-pip.py | python
fi fi
if ! hash virtualenv 2>/dev/null; then if ! hash virtualenv 2>/dev/null; then
echo "virtualenv not installed." echo "virtualenv not installed."
echo "Installing with pip..." echo "Installing with pip..."
pip install virtualenv pip install virtualenv
fi fi
} }
@@ -523,26 +547,29 @@ BootstrapSmartOS() {
} }
BootstrapMageiaCommon() { BootstrapMageiaCommon() {
if ! $SUDO urpmi --force \ if [ "$QUIET" = 1 ]; then
python \ QUIET_FLAG='--quiet'
libpython-devel \ fi
python-virtualenv
if ! $SUDO urpmi --force $QUIET_FLAG \
python \
libpython-devel \
python-virtualenv
then then
echo "Could not install Python dependencies. Aborting bootstrap!" echo "Could not install Python dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
if ! $SUDO urpmi --force \ if ! $SUDO urpmi --force $QUIET_FLAG \
git \ git \
gcc \ gcc \
python-augeas \ python-augeas \
openssl \ libopenssl-devel \
libopenssl-devel \ libffi-devel \
libffi-devel \ rootcerts
rootcerts
then then
echo "Could not install additional dependencies. Aborting bootstrap!" echo "Could not install additional dependencies. Aborting bootstrap!"
exit 1 exit 1
fi fi
} }
@@ -609,6 +636,11 @@ if [ "$1" = "--le-auto-phase2" ]; then
# --version output ran through grep due to python-cryptography DeprecationWarnings # --version output ran through grep due to python-cryptography DeprecationWarnings
# grep for both certbot and letsencrypt until certbot and shim packages have been released # grep for both certbot and letsencrypt until certbot and shim packages have been released
INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2) INSTALLED_VERSION=$("$VENV_BIN/letsencrypt" --version 2>&1 | grep "^certbot\|^letsencrypt" | cut -d " " -f 2)
if [ -z "$INSTALLED_VERSION" ]; then
echo "Error: couldn't get currently installed version for $VENV_BIN/letsencrypt: " 1>&2
"$VENV_BIN/letsencrypt" --version
exit 1
fi
else else
INSTALLED_VERSION="none" INSTALLED_VERSION="none"
fi fi
@@ -801,18 +833,18 @@ letsencrypt==0.7.0 \
# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE.
acme==0.10.2 \ acme==0.11.0 \
--hash=sha256:053bbf8d36be298e411e0fa397289307e1a888f419de1205931236114f8f825e \ --hash=sha256:9c084f9a62241a11231af63266f2f12ad696be590393a4ab4974276a47d63404 \
--hash=sha256:6465b66256849f8cd4269a43037d404b1ccf31a60d3c93fc628d6f6f4c43de78 --hash=sha256:1513ae74ee8424c739a953a552890830315669d95d105469d1cff5b7db9ae888
certbot==0.10.2 \ certbot==0.11.0 \
--hash=sha256:1e680cab3cda6c3079ee64066903f93e421df46a8d4db63264a6359f3d5ba63e \ --hash=sha256:cc94d890a8697b3bdbdc555bcf4ba93955f64324bc256b2ea710fd053fc03b8a \
--hash=sha256:33729ce100fc9d00d9820c81fc3ef9b95802b8d261f0cca0cce422bc568b1631 --hash=sha256:0f91fee360f9ce5e0584d0954fa3123832435f77f465915389032a90ac0248b1
certbot-apache==0.10.2 \ certbot-apache==0.11.0 \
--hash=sha256:c1f196506bf961e2171fb2af9feca8926100564b644acda1895acdf294c46e71 \ --hash=sha256:9a01883ca7e1159cff2a6e36bf97b83793c899c62944335f6ac2f59f9b3e8b5d \
--hash=sha256:8573275e74c8b74a9c7d7824636a37a4bc83327a7cc97a43b334fe8956ba8cb1 --hash=sha256:2b67871e7ae8bbfa7a2779fcd6444f28847fbb7a347ef4bfdb19fb55a0d75673
certbot-nginx==0.10.2 \ certbot-nginx==0.11.0 \
--hash=sha256:74c32bdaf2f3873aa811c3e2cdc205d3137b59c64dbcdca6f3982ed2a89b4f2a \ --hash=sha256:cfae45a42560e39889eebd287437556084c421a9e07a2deb3cbc0aeef92d2dab \
--hash=sha256:c8265ab4b4bc0a6a3a81d7f0b8ff2606dd28ebbb3cd045635862286b97af2c36 --hash=sha256:dbddffe47c8e8b2d1cf47fe393b434003270a45aec896f133492c855c77e6f08
UNLIKELY_EOF UNLIKELY_EOF
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
@@ -1024,7 +1056,7 @@ UNLIKELY_EOF
fi fi
else else
# Phase 1: Upgrade certbot-auto if neceesary, then self-invoke. # Phase 1: Upgrade certbot-auto if necessary, then self-invoke.
# #
# Each phase checks the version of only the thing it is responsible for # Each phase checks the version of only the thing it is responsible for
# upgrading. Phase 1 checks the version of the latest release of # upgrading. Phase 1 checks the version of the latest release of

14
letsencrypt-auto-source/certbot-auto.asc
View File

@@ -1,11 +1,11 @@
-----BEGIN PGP SIGNATURE----- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1 Version: GnuPG v1
iQEcBAABAgAGBQJYiWfOAAoJEE0XyZXNl3XyES8H/A77QJnVn4mNBv5+WDvOuxii iQEcBAABAgAGBQJYkh+9AAoJEE0XyZXNl3XyDFcH/RvYdrkHaLNfc7HX6cRgZvkM
OVch92SHT9FSrUpM0QNAB981SzjSt6vAwjdFjqyMYmfrITYl5Kfo9UjHJY3gfYAR 9XgP5j+Fsb44NP/U7FwVNHfgqe7OSSSHzNuXPt4/wZTRtXgQZjKU4fWlg8OTgNe8
S+oiSnBBJ1+9O1+s9kRt0/zwXS6iqIyT7gKM6ZQ5PPaKeB0Iw820m16QgOdMN6d3 MvTx7FL78GXOhMPC0DX3ZkYYOllApiAFHQuwOXroGb099PTr7msnatLunLk1yCUN
jBQlUIqg6Bl5y79znx8yAYXpIrbOj/Q1xcYpKjRcnyzgR7sWIGvJvVygtXcDN+QV wx/i+z0PHkJp+VDDb71sNOIwDtSzRx8w8/dtnnlODkDQWbbijkMUfslmEZnd5bRH
HUjtumjnqFON4+638N6xPeiJobTGgTwOLr91I0IhNWKCZ5hBgvm8Oq8r+cfZejCX 7vd2miuDkSR2dMdYLi+Zx0tkSib06kR8ahakPEIcDuZ5CI3fRESkmRUjOxFZOt/z
XIdtlvmcw08GiKsFY8WW7k9rK1/D8uy4Xx26KAAXmdY/xdyG9rOBHOui2N921nw= KqMVLMeEq0P81anlK3QCslwibhC88BlbafEma/FNPBZdzHz4UcQALWDGtYDn2tg=
=B8NE =+aXk
-----END PGP SIGNATURE----- -----END PGP SIGNATURE-----

26
letsencrypt-auto-source/letsencrypt-auto
View File

@@ -23,7 +23,7 @@ if [ -z "$VENV_PATH" ]; then
VENV_PATH="$XDG_DATA_HOME/$VENV_NAME" VENV_PATH="$XDG_DATA_HOME/$VENV_NAME"
fi fi
VENV_BIN="$VENV_PATH/bin" VENV_BIN="$VENV_PATH/bin"
LE_AUTO_VERSION="0.11.0.dev0" LE_AUTO_VERSION="0.11.0"
BASENAME=$(basename $0) BASENAME=$(basename $0)
USAGE="Usage: $BASENAME [OPTIONS] USAGE="Usage: $BASENAME [OPTIONS]
A self-updating wrapper script for the Certbot ACME client. When run, updates A self-updating wrapper script for the Certbot ACME client. When run, updates
@@ -833,18 +833,18 @@ letsencrypt==0.7.0 \
# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE.
acme==0.10.2 \ acme==0.11.0 \
--hash=sha256:053bbf8d36be298e411e0fa397289307e1a888f419de1205931236114f8f825e \ --hash=sha256:9c084f9a62241a11231af63266f2f12ad696be590393a4ab4974276a47d63404 \
--hash=sha256:6465b66256849f8cd4269a43037d404b1ccf31a60d3c93fc628d6f6f4c43de78 --hash=sha256:1513ae74ee8424c739a953a552890830315669d95d105469d1cff5b7db9ae888
certbot==0.10.2 \ certbot==0.11.0 \
--hash=sha256:1e680cab3cda6c3079ee64066903f93e421df46a8d4db63264a6359f3d5ba63e \ --hash=sha256:cc94d890a8697b3bdbdc555bcf4ba93955f64324bc256b2ea710fd053fc03b8a \
--hash=sha256:33729ce100fc9d00d9820c81fc3ef9b95802b8d261f0cca0cce422bc568b1631 --hash=sha256:0f91fee360f9ce5e0584d0954fa3123832435f77f465915389032a90ac0248b1
certbot-apache==0.10.2 \ certbot-apache==0.11.0 \
--hash=sha256:c1f196506bf961e2171fb2af9feca8926100564b644acda1895acdf294c46e71 \ --hash=sha256:9a01883ca7e1159cff2a6e36bf97b83793c899c62944335f6ac2f59f9b3e8b5d \
--hash=sha256:8573275e74c8b74a9c7d7824636a37a4bc83327a7cc97a43b334fe8956ba8cb1 --hash=sha256:2b67871e7ae8bbfa7a2779fcd6444f28847fbb7a347ef4bfdb19fb55a0d75673
certbot-nginx==0.10.2 \ certbot-nginx==0.11.0 \
--hash=sha256:74c32bdaf2f3873aa811c3e2cdc205d3137b59c64dbcdca6f3982ed2a89b4f2a \ --hash=sha256:cfae45a42560e39889eebd287437556084c421a9e07a2deb3cbc0aeef92d2dab \
--hash=sha256:c8265ab4b4bc0a6a3a81d7f0b8ff2606dd28ebbb3cd045635862286b97af2c36 --hash=sha256:dbddffe47c8e8b2d1cf47fe393b434003270a45aec896f133492c855c77e6f08
UNLIKELY_EOF UNLIKELY_EOF
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------

BIN
letsencrypt-auto-source/letsencrypt-auto.sig
View File

Binary file not shown.

24
letsencrypt-auto-source/pieces/letsencrypt-auto-requirements.txt
View File

@@ -171,15 +171,15 @@ letsencrypt==0.7.0 \
# THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE. # THE LINES BELOW ARE EDITED BY THE RELEASE SCRIPT; ADD ALL DEPENDENCIES ABOVE.
acme==0.10.2 \ acme==0.11.0 \
--hash=sha256:053bbf8d36be298e411e0fa397289307e1a888f419de1205931236114f8f825e \ --hash=sha256:9c084f9a62241a11231af63266f2f12ad696be590393a4ab4974276a47d63404 \
--hash=sha256:6465b66256849f8cd4269a43037d404b1ccf31a60d3c93fc628d6f6f4c43de78 --hash=sha256:1513ae74ee8424c739a953a552890830315669d95d105469d1cff5b7db9ae888
certbot==0.10.2 \ certbot==0.11.0 \
--hash=sha256:1e680cab3cda6c3079ee64066903f93e421df46a8d4db63264a6359f3d5ba63e \ --hash=sha256:cc94d890a8697b3bdbdc555bcf4ba93955f64324bc256b2ea710fd053fc03b8a \
--hash=sha256:33729ce100fc9d00d9820c81fc3ef9b95802b8d261f0cca0cce422bc568b1631 --hash=sha256:0f91fee360f9ce5e0584d0954fa3123832435f77f465915389032a90ac0248b1
certbot-apache==0.10.2 \ certbot-apache==0.11.0 \
--hash=sha256:c1f196506bf961e2171fb2af9feca8926100564b644acda1895acdf294c46e71 \ --hash=sha256:9a01883ca7e1159cff2a6e36bf97b83793c899c62944335f6ac2f59f9b3e8b5d \
--hash=sha256:8573275e74c8b74a9c7d7824636a37a4bc83327a7cc97a43b334fe8956ba8cb1 --hash=sha256:2b67871e7ae8bbfa7a2779fcd6444f28847fbb7a347ef4bfdb19fb55a0d75673
certbot-nginx==0.10.2 \ certbot-nginx==0.11.0 \
--hash=sha256:74c32bdaf2f3873aa811c3e2cdc205d3137b59c64dbcdca6f3982ed2a89b4f2a \ --hash=sha256:cfae45a42560e39889eebd287437556084c421a9e07a2deb3cbc0aeef92d2dab \
--hash=sha256:c8265ab4b4bc0a6a3a81d7f0b8ff2606dd28ebbb3cd045635862286b97af2c36 --hash=sha256:dbddffe47c8e8b2d1cf47fe393b434003270a45aec896f133492c855c77e6f08