[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Resolution|--- |FIXED Status|Pushed to Master|CLOSED -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|Pushed for QA |Pushed to Master -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|In Discussion |Pushed for QA --- Comment #62 from Mirko Tietgen --- sorry, changed by accident. can somebody set it back to pushed to master? i'm not allowed to -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|Pushed to Master|In Discussion -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Karl Holten changed: What|Removed |Added CC||khol...@switchinc.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Karl Holten changed: What|Removed |Added CC||khol...@switchinc.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #61 from David Cook --- Woo! Hurray Mirko! -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Kyle M Hall changed: What|Removed |Added CC||k...@bywatersolutions.com Status|Passed QA |Pushed to Master --- Comment #60 from Kyle M Hall --- Pushed to master for the May 2016 release. Gracias Mirko! -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #50313|0 |1 is obsolete|| --- Comment #59 from Mirko Tietgen --- Created attachment 50324 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50324&action=edit Bug 15303 Followup: If install LE dependencies from backports on Jessie On Debian Jessie, apt needs to be told it should get the dependencies for the LE package from backports, or it will error. We check if we are on Jessie and do that automatically so users don't need to set priorities manually in apt. Changed to lsb_release -c -s. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #58 from Mirko Tietgen --- Oh, great catch! :D I blindly copied it from something I wrote a while ago. I will make a change. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #57 from Jonathan Druart --- Comment on attachment 50313 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50313 Bug 15303 Followup: If install LE dependencies from backports on Jessie Review of attachment 50313: --> (https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=15303&attachment=50313) - ::: debian/scripts/koha-create @@ +338,4 @@ > if [ $aptcacheshow -eq 0 ]; then > read -r -p "The letsencrypt package is not installed. Do it > now? [y/N] " response > if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then > +local debrelease="$(lsb_release -c | sed > 's|.*\W\(.*\)|\1|')" lsb-release -c -s seems to be the way to do :) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #56 from Mirko Tietgen --- Created attachment 50313 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50313&action=edit Bug 15303 Followup: If install LE dependencies from backports on Jessie On Debian Jessie, apt needs to be told it should get the dependencies for the LE package from backports, or it will error. We check if we are on Jessie and do that automatically so users don't need to set priorities manually in apt. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #55 from Jonathan Druart --- (In reply to Mirko Tietgen from comment #48) > > If you are a liar and the symlink does not exist, you get a weird error from > > adduser (adduser: Please enter a username matching the regular expression > > configured) > > That was actually due to a too short instance name. You get the same if you > do it without --letsencrypt. No, it's because I used uppercase characters. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #54 from Jonathan Druart --- Created attachment 50312 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50312&action=edit Bug 15303: Test if the symlink to letsencrypt-auto exists Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #53 from Jonathan Druart --- Created attachment 50311 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50311&action=edit Bug 15303 QA-Followup: check_letsencrypt only if --letsencrypt is used Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #51 from Jonathan Druart --- Created attachment 50309 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50309&action=edit Bug 15303 Followup for koha-remove This patch makes koha-remove take care of /etc/letsencrypt/renewal/$opacdomain.conf /var/lib/koha/$site/letsencrypt.enabled It also adds a few helper functions. To test - create a koha instance with LE - observe you got both files mentioned above - remove that instance - verify the files are gone Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #52 from Jonathan Druart --- Created attachment 50310 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50310&action=edit Bug 15303 Followup: Fix apt-cache show breaking koha-create Temporarely set +e so the test for the LE package does not break koha-create Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #50 from Jonathan Druart --- Created attachment 50308 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50308&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. Signed-off-by: Chris Cormack Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added Status|Failed QA |Passed QA -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added Attachment #50215|0 |1 is obsolete|| Attachment #50216|0 |1 is obsolete|| Attachment #50271|0 |1 is obsolete|| Attachment #50283|0 |1 is obsolete|| Attachment #50287|0 |1 is obsolete|| --- Comment #49 from Jonathan Druart --- Created attachment 50307 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50307&action=edit Bug 15303 Letsencrypt option for Debian package installations New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates - generates letsencrypt certificates for - sets up a https-only website for - redirects http to https for ! you need to enable jessie backports to install letsencrypt: add deb http://http.debian.net/debian jessie-backports main contrib non-free to your /etc/apt/sources.list ! this patch uses the letsencrypt staging server to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt - if you do not have the letsencrypt package installed, you will be prompted to do that [ if there is no package available, a symlink to the git checkout will work: on your test server, get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https Signed-off-by: Chris Cormack Signed-off-by: Jonathan Druart -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #46 from Jonathan Druart --- After discussion with Mirko, we have found some others issues with the --letsencrypt param: check_letsencrypt should not be called unless the param is passed If you are a liar and the symlink does not exist, you get a weird error from adduser (adduser: Please enter a username matching the regular expression configured) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #47 from Mirko Tietgen --- Created attachment 50287 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50287&action=edit Bug 15303 QA-Followup: check_letsencrypt only if --letsencrypt is used -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #48 from Mirko Tietgen --- (In reply to Jonathan Druart from comment #46) > After discussion with Mirko, we have found some others issues with the > --letsencrypt param: > > check_letsencrypt should not be called unless the param is passed Patch added. > If you are a liar and the symlink does not exist, you get a weird error from > adduser (adduser: Please enter a username matching the regular expression > configured) That was actually due to a too short instance name. You get the same if you do it without --letsencrypt. > sudo koha-create --create-db LE > adduser: Bitte geben Sie einen Benutzernamen ein, der die Kriterien des > regulären Ausdrucks erfüllt, welcher in der Konfigurationsvariablen > NAME_REGEX > festgelegt ist. Verwenden Sie die Option »--force-badname«, um > die Überprüfung weniger strikt durchzuführen, oder ändern Sie NAME_REGEX. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added Status|Signed Off |Failed QA -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|Failed QA |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #45 from Mirko Tietgen --- Created attachment 50283 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50283&action=edit Bug 15303 Followup: Fix apt-cache show breaking koha-create Temporarely set +e so the test for the LE package does not break koha-create -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added Status|Signed Off |Failed QA --- Comment #44 from Jonathan Druart --- Using Jessie without backport enabled: sudo koha-create --create-db --letsencrypt LE Does not return anything but errno 100 Because % apt-cache show letsencrypt N: Unable to locate package letsencrypt E: No packages found % echo $? 100 The line +apt-cache show letsencrypt &>/dev/null is wrong -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added QA Contact|jonathan.dru...@bugs.koha-c |testo...@bugs.koha-communit |ommunity.org|y.org --- Comment #43 from Jonathan Druart --- I am getting crazy with my setup, I have not managed to test this patch entirely to pass QA on it: cannot package it, cannot install the .deb Mirko gave me (kohadevbox:ansible raises lot of updatedatabase warnings, on a lxc koha-common stuck on random step (configure apache-mpm-itk or cron or at, etc.) Reading the code, everything looks good. Hope to see someone QA it before the feature freeze. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #42 from Mirko Tietgen --- Created attachment 50271 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50271&action=edit Bug 15303 Followup for koha-remove This patch makes koha-remove take care of /etc/letsencrypt/renewal/$opacdomain.conf /var/lib/koha/$site/letsencrypt.enabled It also adds a few helper functions. To test - create a koha instance with LE - observe you got both files mentioned above - remove that instance - verify the files are gone -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #41 from Mirko Tietgen --- It's actually letsencrypt renew --dry-run -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #40 from Mirko Tietgen --- About renewal, the Debian LE package can do that automatically now. letsencrypt --renew renews all certs that are valid for < 30 days I think. You can test that with > letsencrypt --renew --dry-run LE puts the conf files in /etc/letsencrypt/renewal/$opacdomain.conf I will provide a followup to remove that with koha-remove to avoid problems. I will also remove $instance/letsencrypt.enabled to prevent errors. The folder is not deleted automatically by koha-remove. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added QA Contact|testo...@bugs.koha-communit |jonathan.dru...@bugs.koha-c |y.org |ommunity.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Chris Cormack changed: What|Removed |Added Status|Needs Signoff |Signed Off -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Chris Cormack changed: What|Removed |Added Attachment #49471|0 |1 is obsolete|| --- Comment #39 from Chris Cormack --- Created attachment 50216 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50216&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. Signed-off-by: Chris Cormack -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Chris Cormack changed: What|Removed |Added Attachment #49470|0 |1 is obsolete|| --- Comment #38 from Chris Cormack --- Created attachment 50215 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=50215&action=edit Bug 15303 Letsencrypt option for Debian package installations New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates - generates letsencrypt certificates for - sets up a https-only website for - redirects http to https for ! you need to enable jessie backports to install letsencrypt: add deb http://http.debian.net/debian jessie-backports main contrib non-free to your /etc/apt/sources.list ! this patch uses the letsencrypt staging server to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt - if you do not have the letsencrypt package installed, you will be prompted to do that [ if there is no package available, a symlink to the git checkout will work: on your test server, get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https Signed-off-by: Chris Cormack -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Arslan Farooq changed: What|Removed |Added CC||arslan...@gmail.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46751|0 |1 is obsolete|| --- Comment #37 from Mirko Tietgen --- Created attachment 49471 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=49471&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46749|0 |1 is obsolete|| Attachment #46750|0 |1 is obsolete|| Attachment #46752|0 |1 is obsolete|| --- Comment #36 from Mirko Tietgen --- Created attachment 49470 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=49470&action=edit Bug 15303 Letsencrypt option for Debian package installations New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates - generates letsencrypt certificates for - sets up a https-only website for - redirects http to https for ! you need to enable jessie backports to install letsencrypt: add deb http://http.debian.net/debian jessie-backports main contrib non-free to your /etc/apt/sources.list ! this patch uses the letsencrypt staging server to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt - if you do not have the letsencrypt package installed, you will be prompted to do that [ if there is no package available, a symlink to the git checkout will work: on your test server, get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #35 from Mirko Tietgen --- letsencrypt is in jessie-backports now https://packages.debian.org/jessie-backports/letsencrypt -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mike changed: What|Removed |Added CC||blac...@gmail.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Josef Moravec changed: What|Removed |Added CC||josef.mora...@gmail.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #34 from Mirko Tietgen --- Created attachment 46752 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46752&action=edit Bug 15303 Followup: apache port 80 servername/alias and typo -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46747|0 |1 is obsolete|| --- Comment #32 from Mirko Tietgen --- Created attachment 46750 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46750&action=edit Bug 15303 Workaround to use git ckeckout The Debian package letsencrypt is only available in unstable at the moment. To test without letsencrypt package: - apply this patch before you build the package - on the test vm/server: -- get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt -- create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46746|0 |1 is obsolete|| --- Comment #31 from Mirko Tietgen --- Created attachment 46749 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46749&action=edit Bug 15303 Letsencrypt option for Debian package installations New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates - generates letsencrypt certificates for - sets up a https-only website for - redirects http to https for ! letsencrypt and dependencies are only available in debian unstable right now ! but koha-common does not work in debian unstable, so you cannot test there ! apply the "Workaround" patch to test without letsencrypt package ! this patch uses the letsencrypt staging server ! to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt - if you do not have the letsencrypt package installed, you will be prompted to do that [ as long as there is no package available, a symlink to the git checkout will work ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https Bug 15303 Recreate accidentally deleted C4/Auth_cas_servers.yaml.orig -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46748|0 |1 is obsolete|| --- Comment #33 from Mirko Tietgen --- Created attachment 46751 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46751&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46745|0 |1 is obsolete|| --- Comment #30 from Mirko Tietgen --- Created attachment 46748 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46748&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46617|0 |1 is obsolete|| --- Comment #28 from Mirko Tietgen --- Created attachment 46746 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46746&action=edit Bug 15303 Letsencrypt option for Debian package installations New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates - generates letsencrypt certificates for - sets up a https-only website for - redirects http to https for ! letsencrypt and dependencies are only available in debian unstable right now ! but koha-common does not work in debian unstable, so you cannot test there ! apply the "Workaround" patch to test without letsencrypt package ! this patch uses the letsencrypt staging server ! to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt - if you do not have the letsencrypt package installed, you will be prompted to do that [ as long as there is no package available, a symlink to the git checkout will work ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46742|0 |1 is obsolete|| --- Comment #29 from Mirko Tietgen --- Created attachment 46747 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46747&action=edit Bug 15303 Workaround to use git ckeckout The Debian package letsencrypt is only available in unstable at the moment. To test without letsencrypt package: - apply this patch before you build the package - on the test vm/server: -- get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt -- create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #27 from Mirko Tietgen --- Created attachment 46745 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46745&action=edit Bug 15303 LE production server Deletes the --staging option of the letsencrypt command to get real certificates. Rate limits apply. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #26 from Mirko Tietgen --- Bug 15587 changes the commandline parameter. I will merge both bugs together, otherwise it's confusing. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #25 from Mirko Tietgen --- Created attachment 46742 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46742&action=edit Bug 15303 Use --staging during development to circumvent limits The --staging parameter uses the LE test server. This is only for testing, not supposed to go into master, no signoff needed. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Blocks||15587 Referenced Bugs: http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15587 [Bug 15587] Unstable letsencrypt_x.x.x-x_all.deb testing -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added See Also||http://bugs.koha-community. ||org/bugzilla3/show_bug.cgi? ||id=15540 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added See Also||http://bugs.koha-community. ||org/bugzilla3/show_bug.cgi? ||id=8897 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #46116|0 |1 is obsolete|| Attachment #46117|0 |1 is obsolete|| Attachment #46118|0 |1 is obsolete|| --- Comment #24 from Mirko Tietgen --- Created attachment 46617 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46617&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects http to https New option --letsencrypt - sets the path where letsencrypt-auto lives - default value /usr/bin, but there is no Debian package yet Test plan: - build a debian package with patch applied - checkout letsencrypt on the machine where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates make sure to use https:// to open both sites - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|In Discussion |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #23 from Mirko Tietgen --- I put some information for testers in the wiki at http://wiki.koha-community.org/wiki/LetsEncrypt I want to roll a package and test this again after the last changes before I set it back to needs signoff. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #22 from Mirko Tietgen --- Doing a cronjob for this until automatic renewal is in letsencrypt itself only makes sense if this is going to be pushed to stable releases soon. It will very likely work automatically by the time 3.24 is released. So I'd like to hear from package maintainers if they would like to push this, before I work on it. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #21 from Mirko Tietgen --- Created attachment 46118 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46118&action=edit Bug 15303 Go back to old version of Apache template This version of the Apache template is less sophisticated, but should work with Apache 2.2 and 2.4. SSL options are commented out (#) in the beginning, ports are set to 80. When the certificated are available, ports are changed to 443, all # are removed for SSL options and HTTP redirect. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #20 from Mirko Tietgen --- Created attachment 46117 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46117&action=edit Bug 15303 Add --letsencrypt to koha-list Integrate --letsencrypt into koha-list, needed to have letsencrypt-only cronjobs. Add _is_letsencrypt_enabled -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45415|0 |1 is obsolete|| --- Comment #19 from Mirko Tietgen --- Created attachment 46116 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=46116&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects http to https New option --letsencrypt - sets the path where letsencrypt-auto lives - default value /usr/bin, but there is no Debian package yet Test plan: - build a debian package with patch applied - checkout letsencrypt on the machine where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates make sure to use https:// to open both sites - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Jonathan Druart changed: What|Removed |Added CC||jonathan.dru...@bugs.koha-c ||ommunity.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|Needs Signoff |In Discussion --- Comment #18 from Mirko Tietgen --- Setting to in disussion for now, patch does not work atm. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #17 from Mirko Tietgen --- The "real" IfDefine version (not on bz) does not work with apache 2.2, this one (using IfDefine as a way to comment out parts of the conf file) does not work for me on 2.4. I will go back to the uglier first version with a lot of # comments in the file that get removed after certs are created. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #16 from Mirko Tietgen --- It would probably be better to have a single option for koha-create. Just --letsencrypt , and if path is not given, use default /usr/bin. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #15 from Mirko Tietgen --- It is supposed to be automated in itself.[1] The experimental Debian package[2] has a letsencrypt and a letencrypt-renew binary.[3] For now using a copy of the line used to generate the first certificate in a monthly cronjob should work. Or maybe a koha-list --letsencrypt flag that lists all instances created that way and a cronjob that uses this. I will add something as seperate patch so it can be ommited when its not needed anymore at push time. [1] https://letsencrypt.readthedocs.org/en/latest/using.html#renewal [2] https://packages.debian.org/experimental/letsencrypt [3] https://github.com/letsencrypt/letsencrypt/issues/257 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Galen Charlton changed: What|Removed |Added CC||gmcha...@gmail.com --- Comment #14 from Galen Charlton --- Very promising start. Since the Let's Encrypt certificates are short-lived (90 days, IIRC), there will also need to be a mechanism in place to automatically renew them. An /etc/cron.monthly/koha-common might do for now (although I'm kinda hoping that the Debian Let's Encrypt packagers come up with a way to centralize management of the periodic cert renewals/replacmenets). -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #13 from Mirko Tietgen --- Looks like i broke it with the last update. Fix coming soon. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45414|0 |1 is obsolete|| --- Comment #12 from Mirko Tietgen --- Created attachment 45415 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45415&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects http to https New option --letsencrypt - sets the path where letsencrypt-auto lives - default value /usr/bin, but there is no Debian package yet Test plan: - build a debian package with patch applied - checkout letsencrypt on the machine where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates make sure to use https:// to open both sites - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45409|0 |1 is obsolete|| --- Comment #11 from Mirko Tietgen --- Created attachment 45414 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45414&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) New option --letsencrypt - sets the path where letsencrypt-auto lives - default value /usr/bin, but there is noch Debian package yet Test plan: - build a debian package with patch applied - checkout letsencrypt on the machine where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates make sure to use https:// to open both sites - check that http redirects to https -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #10 from Mirko Tietgen --- I have a much cleaner Apache config using Define. But then it would not work with Apache 2.2 :/ -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Magnus Enger changed: What|Removed |Added CC||mag...@libriotech.no -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #9 from Mirko Tietgen --- > --letsencrypt /home/mirko/letsencrypt Use your own /path/to/letsencryptfolder instead ;) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Status|NEW |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45408|0 |1 is obsolete|| --- Comment #8 from Mirko Tietgen --- Created attachment 45409 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45409&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) Test plan: - build a debian package with patch applied - checkout letsencrypt on the machine where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates make sure to use https:// to open both sites Todo - use letsencrypt default path in debian when we know where that is - enable redirect from port 80 to https in apache config -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45404|0 |1 is obsolete|| --- Comment #7 from Mirko Tietgen --- Created attachment 45408 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45408&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) Test plan: - build a debian package with all patches for bug 15303 applied - checkout letsencrypt on the vm where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates Todo - use letsencrypt default path in debian when we know where that is - enable redirect from port 80 to https in apache config -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #6 from Mirko Tietgen --- The server this is tested on has to be accessible on port 80 from the outside world. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45402|0 |1 is obsolete|| --- Comment #5 from Mirko Tietgen --- Created attachment 45404 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45404&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) Test plan: - build a debian package with all patches for bug 15303 applied - checkout letsencrypt on the vm where you are testing the package git clone https://github.com/letsencrypt/letsencrypt - install koha with your new package - use koha-create with the new options: sudo koha-create --create-db --force-https --letsencrypt /home/mirko/letsencrypt - wait until setup is finished, check that you got a working OPAC and staff client with certificates Todo - use letsencrypt default path in debian when we know where that is - enable redirect from port 80 to https in apache config -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45400|0 |1 is obsolete|| --- Comment #4 from Mirko Tietgen --- Created attachment 45402 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45402&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 David Cook changed: What|Removed |Added CC||dc...@prosentient.com.au -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Attachment #45397|0 |1 is obsolete|| Attachment #45399|0 |1 is obsolete|| --- Comment #3 from Mirko Tietgen --- Created attachment 45400 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45400&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. New option koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #2 from Mirko Tietgen --- Created attachment 45399 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45399&action=edit Bug 15303 --force-https option for koha-create koha-create --force-https - generates letsencrypt certificates - sets up a https-only website - redirects 80 to https (not yet) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 --- Comment #1 from Mirko Tietgen --- Created attachment 45397 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=45397&action=edit Bug 15303 Letsencrypt option for Debian package installations Apache file for https only setups with automatic certificate generation via letsencrypt. We need a workiung web server for the letsencrypt magic, but we can't start on 443 without certs. So we start on 80, get the certs, switch to 443 and restart apache. 80 gets forwarded to https. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 15303] Letsencrypt option for Debian package installations
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15303 Mirko Tietgen changed: What|Removed |Added Assignee|koha-b...@lists.koha-commun |mi...@abunchofthings.net |ity.org | -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/