Comments (3)
Yes, that's my understanding... "latest" tag is checked on every run and pulled when updated by the maintainer (Neil Pang).
from ubios-cert.
Hi @OverengineeredNetwork,
you cannot find the acme.sh
command on UDM Pro as it is transient (for lack of a better word for that) with the podman container.
Each time the script uses the acme.sh
command, it will start the podman container and in this container, the acme.sh
command exists.
The standard run common is:
podman run --env-file=/mnt/data/ubios-cert/ubios-cert.env -it --net=host --rm -v /mnt/data/ubios-cert/acme.sh:/acme.sh neilpang/acme.sh
When done, the container will be deleted again (parameter --rm
), but the image will remain.
One can start a shell in the container by adding the sh
command to the podman run
command and then check what's in the container and run the acme.sh
command directly without starting / stopping the container.
podman run --env-file=/mnt/data/ubios-cert/ubios-cert.env -it --net=host --rm -v /mnt/data/ubios-cert/acme.sh:/acme.sh neilpang/acme.sh sh
Once in the shell, one can check the version of acme.sh:
[UDM] root@udm-pro:/mnt/data/ubios-cert/acme.sh# podman run --env-file=/mnt/data/ubios-cert/ubios-cert.env -it --net=host --rm -v /mnt/data/ubios-cert/acme.sh:/acme.sh neilpang/acme.sh sh
/ # ls
acme.sh bin dev entry.sh etc home lib media mnt opt proc root run sbin srv sys tmp usr var
/ # acme.sh --version
https://github.com/acmesh-official/acme.sh
v3.0.2
/ #
On the topic of updates you're right, the very first call of podman
will pull the most recent docker image from the repository - with "most recent" meaning "current at this point in time". podman pull neilpang/acme.sh:latest
would ensure manually you have the latest container on your UDM Pro.
podman
man page states If an image tag is not specified, podman pull defaults to the image with the latest tag (if it exists) and pulls it.
So whenever Neil decides to put the latest tag on a release, podman
will fetch it, when run by the script - no need to manually make sure it is pulled.
This is seen when intentionally pulling an old version (like 3.0.0) and then calling the script. It will first pull the "latest" tagged version and then run.
[UDM] root@udm-pro:/mnt/data/ubios-cert/acme.sh# docker pull neilpang/acme.sh:3.0.0
Trying to pull docker.io/neilpang/acme.sh:3.0.0...
Getting image source signatures
Copying blob d2f70382dc9a done
Copying blob c7bc18c2edb0 done
Copying blob c94e29794c12 done
Copying blob 63c046bf2486 done
Copying blob 93fb9f1f1079 done
Copying blob 03d9b9d729ef done
Copying blob e749c1bf7815 done
Copying config f07cc2e500 done
Writing manifest to image destination
Storing signatures
f07cc2e500fa88382dfdcf4edb28ebdf503730757c235e34246f7f1ce60335ae
[UDM] root@udm-pro:/mnt/data/ubios-cert/acme.sh# ../ubios-cert.sh renew
Attempting certificate renewal
Removed old logfile
Trying to pull docker.io/neilpang/acme.sh...
Getting image source signatures
Copying blob 250732641fb2 done
Copying blob 9b3977197b4f done
Copying blob 386752482d90 done
Copying blob e490edf96252 done
Copying blob 826cda1d18f1 done
Copying blob 55d683a9fbdc done
Copying blob 043930617f8a done
Copying config a01b581157 done
Writing manifest to image destination
Storing signatures
[Sat Jan 15 20:42:42 UTC 2022] Renew: 'mydomain.tld'
[Sat Jan 15 20:42:42 UTC 2022] Skip, Next renewal time is: Thu Mar 1 14:09:49 UTC 2022
[Sat Jan 15 20:42:42 UTC 2022] Add '--force' to force to renew.
[UDM] root@udm-pro:/mnt/data/ubios-cert/acme.sh#
Regards Alex
from ubios-cert.
Thanks for the explanation!
I was wondering if that was the case.
So, if I'm following--every time your script runs, it calls acme.sh via a container which already pulls the latest version of acme.sh?
from ubios-cert.
Related Issues (20)
- Cron job now requires the user to be specified HOT 3
- UDM pro upgraded to 2.x uses /data not /mnt/data HOT 3
- /mnt/data still hardcoded in ubios-cert.sh and 99-ubios-cert.sh HOT 2
- Script issues - support for UDMPro v2.4.23 HOT 2
- Issue with wildcard domains HOT 1
- Intermediate Chain Certificate for Guest Portal HOT 12
- Cloudflare not registrering - api not applied correctly HOT 1
- Add OVH as a DNS provider HOT 2
- No such file or directory when running cd ${DATA_DIR}/ubios-cert HOT 7
- Captive Portal HOT 3
- Can't open /data/unifi-core/config/unifi-core.crt for reading, No such file or directory HOT 2
- Curl Error HOT 2
- Email Notification HOT 2
- UNVR Support HOT 6
- Copying `unifi-core-direct.crt` and `unifi-core-direct.key` is causing DNS for my domain to resolve to UDM console login HOT 7
- Guest portal cert doesn't seem to be updating. HOT 3
- missing keytool? HOT 2
- Minor error in README.MD? HOT 3
- FW 3.2.7 breaks RADIUS certificates HOT 25
- FW 3.2.7 breaks custom web certificates HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ubios-cert.