certbot

mirror of https://github.com/certbot/certbot.git synced 2026-06-04 22:33:00 -04:00

History

Adrien Ferrand d5de24d9fc [Windows] Security model for files permissions - STEP 2 (#6895 ) This PR is the second part of #6497 to ease the integration, following the new plan propose by @bmw here: #6497 (comment) This PR creates the module certbot.compat.os, that delegates everything to os, and that will be the safeguard against problematic methods of the standard module. On top of that, a quality check wrapper is called in the lint tox environment. This wrapper calls pylint and ensures that standard os module is no used directly in the certbot codebase. Finally local oldest requirements are updated to ensure that tests will take the new logic when running. * Add executable permissions * Add the delegate certbot.compat.os module, add check coding style to enforce usage of certbot.compat.os instead of standard os * Load certbot.compat.os instead of os * Move existing compat test * Update local oldest requirements * Import sys * Update account_test.py * Update os.py * Update os.py * Update local oldest requirements * Implement the new linter_plugin * Fix local oldest for nginx * Remove check coding style * Update linter_plugin.py * Add several comments * Update the setup.py * Add documentation * Update acme dependencies * Update certbot/compat/os.py * Update docs/contributing.rst * Update linter_plugin.py * Handle os.path. Simplify checker. * Add a comment to a reference implementation * Update changelog * Fix module registering * Update docs/contributing.rst * Update config and changelog		2019-04-12 13:32:51 -07:00
..
certbot_dns_route53	[Windows] Security model for files permissions - STEP 2 (#6895 )	2019-04-12 13:32:51 -07:00
docs	Put API link at the bottom of DNS plugin docs (#5699 )	2018-03-12 17:10:23 -07:00
examples	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
tools	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
.gitignore	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
Dockerfile	Generate constraints file to pin deps in Docker images	2019-02-20 16:59:55 +02:00
LICENSE	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
local-oldest-requirements.txt	[Windows] Security model for files permissions - STEP 2 (#6895 )	2019-04-12 13:32:51 -07:00
MANIFEST.in	route53: autogenerate documentation (#4816 )	2017-06-09 16:01:59 -07:00
README.md	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
readthedocs.org.requirements.txt	Add readthedocs requirements files (#5696 )	2018-03-08 17:24:30 -08:00
setup.cfg	route53: rename to match other DNS plugins (#4747 )	2017-06-06 15:41:04 -07:00
setup.py	[Windows] Security model for files permissions - STEP 2 (#6895 )	2019-04-12 13:32:51 -07:00

README.md

Route53 plugin for Let's Encrypt client

Before you start

It's expected that the root hosted zone for the domain in question already exists in your account.

Setup

Create a virtual environment
Update its pip and setuptools (VENV/bin/pip install -U setuptools pip) to avoid problems with cryptography's dependency on setuptools>=11.3.
Make sure you have libssl-dev and libffi (or your regional equivalents) installed. You might have to set compiler flags to pick things up (I have to use CPPFLAGS=-I/usr/local/opt/openssl/include LDFLAGS=-L/usr/local/opt/openssl/lib on my macOS to pick up brew's openssl, for example).
Install this package.

How to use it

Make sure you have access to AWS's Route53 service, either through IAM roles or via .aws/credentials. Check out sample-aws-policy.json for the necessary permissions.

To generate a certificate:

certbot certonly \
  -n --agree-tos --email DEVOPS@COMPANY.COM \
  --dns-route53 \
  -d MY.DOMAIN.NAME