
[ACME] Add DIRECTORY_URL for custom directory URLs

andryyy 5 years ago
parent
commit
4ce39c0f3f

+ 2 - 2
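--- a/data/Dockerfiles/acme/functions.sh
+++ b/data/Dockerfiles/acme/functions.sh
@@ -9,9 +9,9 @@ log_f() {
     echo "$(date) - ${1}"
   fi
   if [[ ${3} == "b64" ]]; then
-    ${REDIS_CMDLINE} LPUSH ACME_LOG "{\"time\":\"$(date +%s)\",\"message\":\"base64,$(printf '%s' "${1}")\"}" > /dev/null
+    ${REDIS_CMDLINE} LPUSH ACME_LOG "{\"time\":\"$(date +%s)\",\"message\":\"base64,$(printf '%s' "${MAILCOW_HOSTNAME} - ${1}")\"}" > /dev/null
   else
-    ${REDIS_CMDLINE} LPUSH ACME_LOG "{\"time\":\"$(date +%s)\",\"message\":\"$(printf '%s' "${1}" | \
+    ${REDIS_CMDLINE} LPUSH ACME_LOG "{\"time\":\"$(date +%s)\",\"message\":\"$(printf '%s' "${MAILCOW_HOSTNAME} - ${1}" | \
       tr '%&;$"[]{}-\r\n' ' ')\"}" > /dev/null
   fi
 }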
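Review bot: In the `b64` branch the hostname prefix is written inside the value tagged `base64,`, so if `${1}` arrives already encoded (nothing in the hunk encodes it, so presumably the caller does) the stored string is plain text glued to base64 and a reader that decodes everything after `base64,` will fail or return garbage. That branch also bypasses the `tr` filter used in the `else` branch, so `MAILCOW_HOSTNAME` reaches the hand-built JSON unfiltered. Either keep the payload untouched there, `$(printf '%s' "${1}")`, or have the caller encode hostname and message together before calling log_f. log_f begins above the hunk, so the console `echo` path is only partly visible here.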

+ 7 - 4
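--- a/data/Dockerfiles/acme/obtain-certificate.sh
+++ b/data/Dockerfiles/acme/obtain-certificate.sh
@@ -32,10 +32,13 @@ if [[ -z ${CERT_DOMAINS[*]} ]]; then
 fi
 
 if [[ "${LE_STAGING}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+  if [[ ! -z "${DIRECTORY_URL}" ]]; then
+    log_f "Cannot use DIRECTORY_URL with LE_STAGING=y - ignoring DIRECTORY_URL"
+  fi
   log_f "Using Let's Encrypt staging servers"
-  STAGING_PARAMETER='--directory-url https://acme-staging-v02.api.letsencrypt.org/directory'
-else
-  STAGING_PARAMETER=
+  DIRECTORY_URL='--directory-url https://acme-staging-v02.api.letsencrypt.org/directory'
+elif [[ ! -z "${DIRECTORY_URL}" ]]; then
+  log_f "Using custom directory URL ${DIRECTORY_URL}"
 fi
 
 if [[ -f ${DOMAINS_FILE} && "$(cat ${DOMAINS_FILE})" ==  "${CERT_DOMAINS[*]}" ]]; then
@@ -84,7 +87,7 @@ openssl req -new -sha256 -key ${KEY} -subj "/" -reqexts SAN -config <(cat /etc/s
 # - redirect acme-tiny stderr to stdout (logs to variable ACME_RESPONSE)
 # - tee stderr to get live output and log to dockerd
 
-ACME_RESPONSE=$(acme-tiny ${STAGING_PARAMETER} \
+ACME_RESPONSE=$(acme-tiny ${DIRECTORY_URL} \
   --account-key ${ACME_BASE}/acme/account.pem \
   --disable-check \
   --csr ${CSR} \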
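Review bot: In the `elif` branch `DIRECTORY_URL` still holds only the bare URL from the environment, whereas the staging branch stores the flag together with the URL, so `acme-tiny ${DIRECTORY_URL}` in the second hunk passes a custom URL as a stray positional argument rather than as the value of `--directory-url`. Add `DIRECTORY_URL="--directory-url ${DIRECTORY_URL}"` after the `log_f "Using custom directory URL ..."` line. Because the variable is expanded unquoted, any whitespace in the operator-supplied value is split into additional acme-tiny arguments, and the directory URL decides which CA endpoint receives requests signed with the account key, so the branch should accept only a single HTTPS URL, for example by testing `[[ "${DIRECTORY_URL}" =~ ^https://[^[:space:]]+$ ]]` and aborting with a log_f message otherwise. The acme-tiny command continues past the end of the hunk.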

+ 2 - 1
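--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -342,7 +342,7 @@ services:
     acme-mailcow:
       depends_on:
         - nginx-mailcow
-      image: mailcow/acme:1.70
+      image: mailcow/acme:1.71
       dns:
         - ${IPV4_NETWORK:-172.22.1}.254
       environment:
@@ -353,6 +353,7 @@ services:
         - DBUSER=${DBUSER}
         - DBPASS=${DBPASS}
         - SKIP_LETS_ENCRYPT=${SKIP_LETS_ENCRYPT:-n}
+        - DIRECTORY_URL=${DIRECTORY_URL:-}
         - ENABLE_SSL_SNI=${ENABLE_SSL_SNI:-n}
         - SKIP_IP_CHECK=${SKIP_IP_CHECK:-n}
         - SKIP_HTTP_VERIFICATION=${SKIP_HTTP_VERIFICATION:-n}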