Changeset 32422 for main/trunk
- Timestamp:
- 2018-09-03T17:26:39+12:00 (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/build.xml
r32421 r32422 1658 1658 ==staging or ==test-cert flag, that flag must be passed to the revoke subcommand." 1659 1659 --> 1660 <target name="remove-https-cert" >1660 <target name="remove-https-cert" depends="check-os-for-https-cert-support"> 1661 1661 <echo> 1662 1662 NOTE: You need to have sudo permissions to execute this target. … … 1664 1664 </echo> 1665 1665 <!-- 1666 On linux, we use certbot-auto. 1666 1667 It says at https://github.com/certbot/certbot/issues/1741 1667 1668 "you shouldn't run letsencrypt-auto [now called certbot-auto] as superuser, 1668 1669 because the program will invoke sudo when it needs to automatically." 1669 1670 We need to send Y(es) as inputstring to confirm that the 1670 /etc/letsencrypt/live/${tomcat.server} folder can be deleted 1671 /etc/letsencrypt/live/${tomcat.server} folder can be deleted. 1672 Note osfamily="unix" is separate from osfamily="mac", which comes out handy here as we haven't set up certbot-auto for mac (yet). 1671 1673 --> 1672 <exec executable="./certbot-auto" dir="${basedir}/bin/${os.bin.dir}" failonerror="true" inputstring="Y">1674 <exec executable="./certbot-auto" osfamily="unix" dir="${basedir}/bin/${os.bin.dir}" failonerror="true" inputstring="Y"> 1673 1675 <arg value="revoke"/> 1674 1676 <arg line="${https.testing}"/> … … 1681 1683 </exec> 1682 1684 --> 1685 1686 <!-- On Windows, we use zeroSSl. For the revoke command, see https://zerossl.com/usage.html#Certificate_revocation --> 1687 <exec executable="cmd" osfamily="windows" dir="${basedir}/bin/${os.bin.dir}" spawn="false"> 1688 <arg value="/c" /> 1689 <arg value="le${os.bitness}" /> 1690 <arg value="--key" /><arg value="${packages.home}\tomcat\conf\https_cert\privkey.key" /> 1691 <arg value="--crt" /><arg value="${packages.home}\tomcat\conf\https_cert\fullchain_and_prvtkey.crt"/> 1692 <arg value="--revoke"/> 1693 <arg line="${https.testing}"/> 1694 </exec> 1695 1683 1696 <!-- And remove the https_cert folder --> 1684 1697 <delete dir="${packages.home}/tomcat/conf/https_cert"/> 1685 1698 </target> 1686 1699 1700 <target name="check-os-for-https-cert-support"> 1701 <if><bool><isset property="current.os.ismac"/></bool> 1702 <fail> 1703 Features that automate generating, removing and renewing HTTPS certificates 1704 are currently not supported on Macs, only on other Unix systems and on Windows. 1705 </fail> 1706 </if> 1707 </target> 1708 1687 1709 <target name="setup-https-cert-info"> 1688 1710 <echo> … … 1703 1725 <input addproperty="https.conditions.ok" validargs="y,n"> 1704 1726 To run this target, ensure you have: 1705 * On Linux: sudo permissions1706 * On Windows: sufficient privileges to run the included tomcat on port 801727 * (if on unix) sudo permissions. Enter the sudo password if prompted. 1728 * (if on windows) sufficient privileges to run the included tomcat on port 80. 1707 1729 * nothing running on port 80 when you run this target 1708 1730 * edited the build.properties file with … … 1722 1744 </target> 1723 1745 1724 <target name="setup-https-cert" depends=" setup-https-cert-info,https-conditions-set">1746 <target name="setup-https-cert" depends="check-os-for-https-cert-support,setup-https-cert-info,https-conditions-set"> 1725 1747 <input addproperty="https.cert.email">Enter an email that Let's Encrypt, the certification authority, can send any important notifications to</input> 1726 1748 <input addproperty="https.other.domains">Besides tomcat.server=${tomcat.server}, you may enter a comma separated list of additional domains to support if any</input> … … 1747 1769 <echo>Not proceeding with https certification for the Greenstone 3 web server</echo> 1748 1770 <else> 1749 <echo>Proceeding...</echo> 1771 <echo>Proceeding...</echo> 1772 <if><bool><istrue value="${current.os.iswindows}"/></bool> 1773 <antcall target="setup-https-cert-windows"/> 1774 </if> 1775 <if><bool><istrue value="${current.os.isunixnotmac}"/></bool> 1776 <antcall target="setup-https-cert-linux"/> 1777 </if> 1750 1778 </else> 1751 1779 </if> 1752 1780 1753 <if><bool><istrue value="${current.os.iswindows}"/></bool>1754 <antcall target="setup-https-cert-windows"/>1755 </if>1756 <if><bool><istrue value="${current.os.isunixnotmac}"/></bool>1757 <antcall target="setup-https-cert-linux"/>1758 </if>1759 1781 </target> 1760 1782 … … 1806 1828 <arg line="${https.testing}" /><!-- minus-minus-live if not testing, empty if testing. https://stackoverflow.com/questions/11840284/pass-arguments-to-apache-ant-exec-task-based-on-the-variables-value --> 1807 1829 <arg value="--export-pfx" /><arg value="${keystore.pass}" /> 1808 </exec> 1809 1810 <echo>KEYSTORE FILE: ${keystore.file}</echo> 1830 </exec> 1811 1831 1812 1832 <!-- stop the tomcat running on port 80 -->
Note:
See TracChangeset
for help on using the changeset viewer.