remove TLS-SMI (#229)

* remove TLS-SMI * Update config.json * Create CHANGELOG.md * Update config.json * Update config.json
2026-01-31 18:55:32 +01:00 · 2018-01-16 15:18:59 +01:00
parent fbc7e63420
commit d4945f9677
3 changed files with 9 additions and 15 deletions
--- a/letsencrypt/CHANGELOG.md
+++ b/letsencrypt/CHANGELOG.md
@@ -0,0 +1,5 @@
+# Changelog
+
+## 2.0
+- Update base image
+- Remove support for TLS-SNI
--- a/letsencrypt/config.json
+++ b/letsencrypt/config.json
@@ -1,25 +1,22 @@
 {
  "name": "Let's Encrypt",
-  "version": "1.2",
+  "version": "2.0",
  "slug": "letsencrypt",
  "description": "Manage certificate from Let's Encrypt",
  "url": "https://home-assistant.io/addons/lets_encrypt/",
  "startup": "once",
  "boot": "manual",
  "ports": {
-    "80/tcp": 80,
-    "443/tcp": 443
+    "80/tcp": 80
   },
  "map": ["ssl:rw"],
  "options": {
-    "challenge": "https",
    "email": null,
    "domains": [null],
    "certfile": "fullchain.pem",
    "keyfile": "privkey.pem"
  },
  "schema": {
-    "challenge": "str",
    "email": "email",
    "domains": ["str"],
    "certfile": "str",
--- a/letsencrypt/run.sh
+++ b/letsencrypt/run.sh
@@ -5,7 +5,6 @@ CERT_DIR=/data/letsencrypt
 WORK_DIR=/data/workdir
 CONFIG_PATH=/data/options.json

-CHALLENGE=$(jq --raw-output ".challenge" $CONFIG_PATH)
 EMAIL=$(jq --raw-output ".email" $CONFIG_PATH)
 DOMAINS=$(jq --raw-output ".domains[]" $CONFIG_PATH)
 KEYFILE=$(jq --raw-output ".keyfile" $CONFIG_PATH)
@@ -13,13 +12,6 @@ CERTFILE=$(jq --raw-output ".certfile" $CONFIG_PATH)

 mkdir -p "$CERT_DIR"

-# Select challenge
-if [ "$CHALLENGE" == "http" ]; then
-    CERTBOT_CHALLENGE="http"
-else
-    CERTBOT_CHALLENGE="tls-sni"
-fi
-
 # Generate new certs
 if [ ! -d "$CERT_DIR/live" ]; then
    DOMAIN_ARR=()
@@ -28,11 +20,11 @@ if [ ! -d "$CERT_DIR/live" ]; then
    done

    echo "$DOMAINS" > /data/domains.gen
-    certbot certonly --non-interactive --standalone --email "$EMAIL" --agree-tos --config-dir "$CERT_DIR" --work-dir "$WORK_DIR" --preferred-challenges "$CERTBOT_CHALLENGE" "${DOMAIN_ARR[@]}"
+    certbot certonly --non-interactive --standalone --email "$EMAIL" --agree-tos --config-dir "$CERT_DIR" --work-dir "$WORK_DIR" --preferred-challenges "http" "${DOMAIN_ARR[@]}"

 # Renew certs
 else
-    certbot renew --non-interactive --config-dir "$CERT_DIR" --work-dir "$WORK_DIR" --preferred-challenges "$CERTBOT_CHALLENGE"
+    certbot renew --non-interactive --config-dir "$CERT_DIR" --work-dir "$WORK_DIR" --preferred-challenges "http"
 fi

 # copy certs to store