Currently, you must read ten paragraphs about writing renewal hooks
before you find that most distributions will automatically renew certs
for you. This is burying the lede in a major way; moving it up to the
header seems a better choice.
* Clarify UNIX only
* Have people develop natively.
Some systems like Arch Linux and macOS require --debug in order to install
dependencies.
Our bootstrapping script for macOS works, so let's let people who want to
develop natively.
* briefly mention docker as dev option
* remove bad _common.sh info
* update OS dep section
* Remove sudo from certbot-auto usage
When sudo isn't available, Certbot is able to fall back to su. Removing it from
the instructions here allows the command to work when its run in minimal
systems like Docker where sudo may not be installed.
* copy advice about missing interpreters
* Improve integration tests docs
Explain what a boulder is and tell people they probably should just let the
tests run in Travis.
* Don't tell people to run integration tests.
I don't think any paid Certbot devs run integration tests locally and instead
rely on Travis. Let's not make others do it.
* fix spacing
* you wouldn't download a CA
* address review comments
* Revert "document default is ACMEv2 (#5818)"
This reverts commit 2c502e6f8b.
* Revert "Update default to ACMEv2 server (#5722)"
This reverts commit 4d706ac77e.
* Release 0.22.1
(cherry picked from commit 05c75e34e2)
* Bump version to 0.23.0
(cherry picked from commit 6fd3a57791)
* Release 0.22.2
(cherry picked from commit ea445ed11e)
* Bump version to 0.23.0
(cherry picked from commit cbe87d451c66931a084f4e513d899aae085a37d3)
- Fix code to log separate error messages when either SSLCertificateFile or SSLCertificateKeyFile -
directives are not found.
- Update the section in install.rst where the relevant error is referenced.
- Edit a docstring where 'cert' previously referred to certificate.
- Edit test_deploy_cert_invalid_vhost in the test suite to cover changes.
Fixes#5525.
* Drop support for EOL Python 2.6
* Use more helpful assertIn/NotIn instead of assertTrue/False
* Drop support for EOL Python 3.3
* Remove redundant Python 3.3 code
* Restore code for RHEL 6 and virtualenv for Py2.7
* Revert pipstrap.py to upstream
* Merge py26_packages and non_py26_packages into all_packages
* Revert changes to *-auto in root
* Update by calling letsencrypt-auto-source/build.py
* Revert permissions for pipstrap.py
- Dev / test cycles are one use case for the "running a local copy of
the client" instructions, but simply running bleeding edge Certbot is
another
- So edit the docs to once again explain how to just run bleeding edge
Certbot, without (say) always getting staging certs.
* Add hook dir constants
* Add hook dir properties to configuration
* test hook dir properties
* reuse certbot.util.is_exe
* Add certbot.hooks.list_hooks
* test list_hooks
* Run pre-hooks in directory
* Run deploy-hooks in directory
* Run post-hooks in directory
* Refactor and update certbot/tests/hook_test.py
* Add integration tests for hook directories
* Have Certbot create hook directories.
* document renewal hook directories
* Add --no-directory-hooks
* Make minor note about locale independent sorting
- adding what.rst to index.rst
- Bigger link to instruction generator in intro.rst, some edits to what.rst in response to comments on What is a Certificate? section first draft #4370
- Responding to St_Ranger's comment on 4370
- Edits to using.rst related to --expand
- Initial edit pass through challenges.rst
- Edits to what.rst and challenges.rst to resolve#3664 and #4153
- Incorpoprating feedback from #4370
- Finally going after those last few comments before the restructuring of the plugin stuff (coming soon)
- Fixing --expand example in using.rst and adding to Apache/NGINX bullet in challenges.rst
* Add TLS-SNI-01 support to Manual plugin
* Add environment variable CERTBOT_SNI_DOMAIN for manual-auth-hook
* Make AuthenticatorTest inherit from TempDirTestCase
* Add test_get_z_domain()
* Document CERTBOT_SNI_DOMAIN in docs/using.rst
Implement an Authenticator which can fulfill a dns-01 challenge using the
Cloudflare API. Applicable only for domains using Cloudflare for DNS.
Testing Done:
* `tox -e py27`
* `tox -e lint`
* Manual testing:
* Used `certbot certonly --dns-cloudflare -d`, specifying a
credentials file as a command line argument. Verified that a
certificate was successfully obtained without user interaction.
* Used `certbot certonly --dns-cloudflare -d`, without specifying a
credentials file as a command line argument. Verified that the user
was prompted and that a certificate was successfully obtained.
* Used `certbot certonly -d`. Verified that the user was prompted for
a credentials file after selecting cloudflare interactively and
that a certificate was successfully obtained.
* Used `certbot renew --force-renewal`. Verified that certificates
were renewed without user interaction.
* Negative testing:
* Path to non-existent credentials file.
* Credentials file with unsafe permissions (644).
* Credentials file missing e-mail address.
* Credentials file with blank API key.
* Credentials file with incorrect e-mail address.
* Credentials file with malformed API key.
* Credentials file with invalid API key.
* Domain name not registered to Cloudflare account.
* Mention python 3 support in setup.py
* Build universal (py2 and py3 compatible) wheels
* Mention Python 3.3+ support in docs
* we work on python 3.6 too
Add port/package URL for py-acme
Use Freshports URL's instead of SVNWeb (repository) links as they provide (binary) package installation installation as well as further port/package information such as vulnerabilities, revision history and bug reports for each port respectively.
1. Replace the outdated reference to "vritualenv", "see below" -> "see above".
2. Replace the awkward sentence (partially incorrect) about installing on FreeBSD.
It can be installed via different ways: "pkg" is not exclusive. I am not aware of any reason why it canNOT be installed from ports. Some people prefer build and install everything from ports. (The previous version of the description implies that ports cannot be used.)
Move "Writing your own plugin" under Code components and layout, with the other
plugin docs.
Include instructions on how to install a plugin into a virtualenv and how to check
for its presence.
Document that users can install third-party plugins systemwide, but not with
certbot-auto.
Remove obsolete information from Authenticators section and make the section
more informative.
Remove IDisplay sub-section since it repeats information in the main "Plugin
architecture" section.
* remove instructions about removed Vagrantfile
* rewrite docker instructions
* say where docker-compose can be run
* give better intro for macOS devs
* prompt people for permission to install OS packages
* reword awkward sentence
* Change WORKDIR to /opt/certbot/src
This change is OK because all paths used in Dockerfile-dev are absolute paths.
* remove 'cd src' instructions for Dockerfile-dev
* Improve docker-compose testing instructions
Correct tagging format.
Add request for random offsets for renewal.
Make all bulleted lists consistent.
Remove obsolete `letsencrypt` package for Fedora.
Remove discouraged letshelp-certbot package.
Recommend faster-running commands with clearer output first, building up to
slow, noisy, `tox` last.
Remove outdated Boulder testing advice, and outdated Boulder testing scripts
(Vagrantfile, mac-bootstrap.sh, boulder-start.sh). Update Boulder testing
section.
Fill out "directory structure" section of contributing guide a little better.
