From face6968532ed1bf407046c65138fb6b14c39a4c Mon Sep 17 00:00:00 2001 From: "nicolas.dorier" Date: Fri, 18 Oct 2019 16:12:21 +0900 Subject: [PATCH] bump let's encrypt to migrate endpoint --- Production/README.md | 6 +++--- Production/docker-compose.btc-ltc-clightning.yml | 2 +- Production/docker-compose.btc-ltc.yml | 2 +- Production/docker-compose.btc.yml | 2 +- README.md | 6 +++--- btcpay-setup.sh | 4 ++-- changedomain.sh | 2 +- contrib/build-all-images.sh | 12 ++++++------ .../docker-fragments/nginx-https.yml | 4 ++-- 9 files changed, 20 insertions(+), 20 deletions(-) diff --git a/Production/README.md b/Production/README.md index 0fcad0a..4b5ac40 100644 --- a/Production/README.md +++ b/Production/README.md @@ -20,7 +20,7 @@ The relevant environment variables are: * `BTCPAY_HOST`: The external url used to access the NGINX server from internet. This domain name must point to this machine for Let's Encrypt to create your certificate. (typically with a CNAME or A record) * `BTCPAY_ROOTPATH`: The root path directory where BTCPay is accessed, more information below. (default: /) * `LETSENCRYPT_EMAIL`: The email Let's Encrypt will use to notify you about certificate expiration. -* `ACME_CA_URI`: Let's encrypt API endpoint (`https://acme-staging-v02.api.letsencrypt.org/directory` for a staging certificate, `https://acme-v02.api.letsencrypt.org/directory` for a production one) +* `ACME_CA_URI`: Let's encrypt API endpoint (`staging` for a staging certificate, `production` for a production one) * `LIGHTNING_ALIAS`: Optional, if using the integrated lightning feature, customize the alias of your nodes * `BTCPAY_SSHKEYFILE`: Optional, SSH private key that BTCPay can use to connect to this VM's SSH server (You need to copy the key file on BTCPay's datadir volume) * `BTCPAY_SSHTRUSTEDFINGERPRINTS`: Optional, BTCPay will ensure that it is connecting to the expected SSH server by checking the host public's key against those fingerprints @@ -45,7 +45,7 @@ docker-compose up \ -e "NBITCOIN_NETWORK=mainnet" \ -e "BTCPAY_HOST=btcpay.example.com" \ -e "LETSENCRYPT_EMAIL=me@example.com" \ - -e "ACME_CA_URI=https://acme-v02.api.letsencrypt.org/directory" + -e "ACME_CA_URI=production" ``` For powershell: @@ -55,7 +55,7 @@ docker-compose up ` -e "NBITCOIN_NETWORK=mainnet" ` -e "BTCPAY_HOST=btcpay.example.com" ` -e "LETSENCRYPT_EMAIL=me@example.com" ` - -e "ACME_CA_URI=https://acme-v02.api.letsencrypt.org/directory" + -e "ACME_CA_URI=production" ``` See also [The guide for docker noobs](../README.md#fornoobs). diff --git a/Production/docker-compose.btc-ltc-clightning.yml b/Production/docker-compose.btc-ltc-clightning.yml index 6d7e478..747e627 100644 --- a/Production/docker-compose.btc-ltc-clightning.yml +++ b/Production/docker-compose.btc-ltc-clightning.yml @@ -42,7 +42,7 @@ services: environment: NGINX_DOCKER_GEN_CONTAINER: "nginx-gen" NGINX_PROXY_CONTAINER: "nginx" - ACME_CA_URI: ${ACME_CA_URI:-https://acme-staging-v02.api.letsencrypt.org/directory} + ACME_CA_URI: ${ACME_CA_URI:-staging} links: - nginx-gen btcpayserver: diff --git a/Production/docker-compose.btc-ltc.yml b/Production/docker-compose.btc-ltc.yml index 327ff12..b68e314 100644 --- a/Production/docker-compose.btc-ltc.yml +++ b/Production/docker-compose.btc-ltc.yml @@ -42,7 +42,7 @@ services: environment: NGINX_DOCKER_GEN_CONTAINER: "nginx-gen" NGINX_PROXY_CONTAINER: "nginx" - ACME_CA_URI: ${ACME_CA_URI:-https://acme-staging-v02.api.letsencrypt.org/directory} + ACME_CA_URI: ${ACME_CA_URI:-staging} links: - nginx-gen btcpayserver: diff --git a/Production/docker-compose.btc.yml b/Production/docker-compose.btc.yml index d514bc7..e3b9653 100644 --- a/Production/docker-compose.btc.yml +++ b/Production/docker-compose.btc.yml @@ -41,7 +41,7 @@ services: environment: NGINX_DOCKER_GEN_CONTAINER: "nginx-gen" NGINX_PROXY_CONTAINER: "nginx" - ACME_CA_URI: ${ACME_CA_URI:-https://acme-staging-v02.api.letsencrypt.org/directory} + ACME_CA_URI: ${ACME_CA_URI:-staging} links: - nginx-gen btcpayserver: diff --git a/README.md b/README.md index 0636931..42601fe 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ You can read [the article](https://medium.com/@BtcpayServer/hosting-btcpay-serve * `BTCPAYGEN_SUBNAME`: The subname of the generated docker-compose file, where the full name is `Generated/docker-compose.SUBNAME.yml` (Default: `generated`) * `BTCPAYGEN_ADDITIONAL_FRAGMENTS`: Semicolon-separated list of additional fragments you want to use (eg. `opt-save-storage`) * `LETSENCRYPT_EMAIL`: An email will be sent to this address if certificate expires and fails to renew automatically (eg. `me@example.com`) -* `ACME_CA_URI`: The API endpoint to ask for HTTPS certificate (Default: `https://acme-v02.api.letsencrypt.org/directory`) +* `ACME_CA_URI`: The API endpoint to ask for HTTPS certificate (Default: `production`) * `BTCPAY_ENABLE_SSH`: Optional, gives BTCPay Server SSH access to the host by allowing it to edit authorized_keys of the host, it can be used for managing the authorized_keys or updating BTCPay Server directly through the website. (Default: false) * `BTCPAYGEN_DOCKER_IMAGE`: Optional, Specify which generator image to use if you have customized the C# generator. Set to `btcpayserver/docker-compose-generator:local` to build the generator locally at runtime. * `BTCPAY_IMAGE`: Optional, Specify which btcpayserver image to use if you have a customized btcpayserver. @@ -262,7 +262,7 @@ WantedBy=multi-user.target ```ini BTCPAY_HOST=btcpay.EXAMPLE.com -ACME_CA_URI=https://acme-v02.api.letsencrypt.org/directory +ACME_CA_URI=production NBITCOIN_NETWORK=mainnet LETSENCRYPT_EMAIL=me@EXAMPLE.com BTCPAY_SSHTRUSTEDFINGERPRINTS=SHA256:eSCD7NtQ/Q6IBl2iRB9caAQ3lDZd8s8iUL6SdeNnhpA @@ -326,7 +326,7 @@ We are trying to update our dependencies to run on `arm32v7` and `x64` boards. H | nbxplorer.yml | nicolasdorier/nbxplorer | 2.0.0.57 | [✔️](https://raw.githubusercontent.com/dgarage/nbxplorer/v2.0.0.57/Dockerfile.linuxamd64) | [✔️](https://raw.githubusercontent.com/dgarage/nbxplorer/v2.0.0.57/Dockerfile.linuxarm32v7) | [✔️](https://raw.githubusercontent.com/dgarage/nbxplorer/v2.0.0.57/Dockerfile.linuxarm64v8) | [Github](https://github.com/dgarage/nbxplorer) - [DockerHub](https://hub.docker.com/r/nicolasdorier/nbxplorer) | | nginx.yml | nginx | 1.16.0 | [✔️](https://raw.githubusercontent.com/nginxinc/docker-nginx/1.16.0/stable/stretch/Dockerfile) | [✔️](https://raw.githubusercontent.com/nginxinc/docker-nginx/1.16.0/stable/stretch/Dockerfile) | [✔️](https://raw.githubusercontent.com/nginxinc/docker-nginx/1.16.0/stable/stretch/Dockerfile) | [Github](https://github.com/nginxinc/docker-nginx) - [DockerHub](https://hub.docker.com/_/nginx) | | nginx.yml | btcpayserver/docker-gen | 0.7.6 | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-gen/v0.7.6/linuxamd64.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-gen/v0.7.6/linuxarm32v7.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-gen/v0.7.6/linuxarm64v8.Dockerfile) | [Github](https://github.com/btcpayserver/docker-gen) - [DockerHub](https://hub.docker.com/r/btcpayserver/docker-gen) | -| nginx-https.yml | btcpayserver/letsencrypt-nginx-proxy-companion | 1.12.1 | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxamd64.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxarm32v7.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxarm64v8.Dockerfile) | [Github](https://github.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion) - [DockerHub](https://hub.docker.com/r/btcpayserver/letsencrypt-nginx-proxy-companion) | +| nginx-https.yml | btcpayserver/letsencrypt-nginx-proxy-companion | 1.12.2 | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxamd64.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxarm32v7.Dockerfile) | [✔️](https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxarm64v8.Dockerfile) | [Github](https://github.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion) - [DockerHub](https://hub.docker.com/r/btcpayserver/letsencrypt-nginx-proxy-companion) | | opt-add-btcqbo.yml | jvandrew/btcqbo | 0.3.36 | [✔️](https://raw.githubusercontent.com/JeffVandrewJr/btcqbo/v0.3.36/Dockerfile) | ️❌ | ️❌ | [Github](https://github.com/JeffVandrewJr/btcqbo) - [DockerHub](https://hub.docker.com/r/jvandrew/btcqbo) | | opt-add-btcqbo.yml | redis | 5.0.2-alpine | [✔️](https://raw.githubusercontent.com/docker-library/redis/f1a8498333ae3ab340b5b39fbac1d7e1dc0d628c/5.0/Dockerfile) | ️❌ | ️❌ | [Github](https://github.com/docker-library/redis) - [DockerHub](https://hub.docker.com/_/redis) | | opt-add-btctransmuter.yml | btcpayserver/btctransmuter | 0.0.37 | [✔️](https://raw.githubusercontent.com/btcpayserver/btctransmuter/v0.0.37/BtcTransmuter/Dockerfile.linuxamd64) | [✔️](https://raw.githubusercontent.com/btcpayserver/btctransmuter/v0.0.37/BtcTransmuter/Dockerfile.linuxarm32v7) | ️❌ | [Github](https://github.com/btcpayserver/btctransmuter) - [DockerHub](https://hub.docker.com/r/btcpayserver/btctransmuter) | diff --git a/btcpay-setup.sh b/btcpay-setup.sh index 4e5e68d..8d14a06 100755 --- a/btcpay-setup.sh +++ b/btcpay-setup.sh @@ -93,7 +93,7 @@ Environment variables: BTCPAYGEN_REVERSEPROXY: Whether to use or not a reverse proxy. NGinx setup HTTPS for you. (eg. nginx, traefik, none. Default: nginx) BTCPAYGEN_LIGHTNING: Lightning network implementation to use (eg. clightning, lnd, none) BTCPAYGEN_ADDITIONAL_FRAGMENTS: Semi colon separated list of additional fragments you want to use (eg. opt-save-storage) - ACME_CA_URI: The API endpoint to ask for HTTPS certificate (default: https://acme-v02.api.letsencrypt.org/directory) + ACME_CA_URI: The API endpoint to ask for HTTPS certificate (default: production) BTCPAY_ENABLE_SSH: Optional, gives BTCPay Server SSH access to the host by allowing it to edit authorized_keys of the host, it can be used for managing the authorized_keys or updating BTCPay Server directly through the website. (Default: false) BTCPAYGEN_DOCKER_IMAGE: Allows you to specify a custom docker image for the generator (Default: btcpayserver/docker-compose-generator) BTCPAY_IMAGE: Allows you to specify the btcpayserver docker image to use over the default version. (Default: current stable version of btcpayserver) @@ -194,7 +194,7 @@ fi : "${BTCPAYGEN_REVERSEPROXY:=nginx}" : "${BTCPAYGEN_LIGHTNING:=none}" : "${REVERSEPROXY_DEFAULT_HOST:=none}" -: "${ACME_CA_URI:=https://acme-v02.api.letsencrypt.org/directory}" +: "${ACME_CA_URI:=production}" : "${BTCPAY_PROTOCOL:=https}" : "${BTCPAY_ADDITIONAL_HOSTS:=}" : "${REVERSEPROXY_HTTP_PORT:=80}" diff --git a/changedomain.sh b/changedomain.sh index 45361cd..4b180ac 100755 --- a/changedomain.sh +++ b/changedomain.sh @@ -11,7 +11,7 @@ export OLD_HOST=`cat $BTCPAY_ENV_FILE | sed -n 's/^BTCPAY_HOST=\(.*\)$/\1/p'` echo "Changing domain from \"$OLD_HOST\" to \"$NEW_HOST\"" export BTCPAY_HOST="$NEW_HOST" -export ACME_CA_URI="https://acme-v02.api.letsencrypt.org/directory" +export ACME_CA_URI="production" [[ "$OLD_HOST" == "$REVERSEPROXY_DEFAULT_HOST" ]] && export REVERSEPROXY_DEFAULT_HOST="$NEW_HOST" pushd . > /dev/null # Modify environment file diff --git a/contrib/build-all-images.sh b/contrib/build-all-images.sh index 7939dec..19329b4 100755 --- a/contrib/build-all-images.sh +++ b/contrib/build-all-images.sh @@ -374,18 +374,18 @@ cd - && cd .. # Build letsencrypt-nginx-proxy-companion -# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxamd64.Dockerfile +# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxamd64.Dockerfile DOCKERFILE="linuxamd64.Dockerfile" -# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxarm32v7.Dockerfile +# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxarm32v7.Dockerfile [[ "$(uname -m)" == "armv7l" ]] && DOCKERFILE="linuxarm32v7.Dockerfile" -# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.1/linuxarm64v8.Dockerfile +# https://raw.githubusercontent.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion/v1.12.2/linuxarm64v8.Dockerfile [[ "$(uname -m)" == "aarch64" ]] && DOCKERFILE="linuxarm64v8.Dockerfile" -echo "Building btcpayserver/letsencrypt-nginx-proxy-companion:1.12.1" +echo "Building btcpayserver/letsencrypt-nginx-proxy-companion:1.12.2" git clone https://github.com/btcpayserver/docker-letsencrypt-nginx-proxy-companion letsencrypt-nginx-proxy-companion cd letsencrypt-nginx-proxy-companion -git checkout v1.12.1 +git checkout v1.12.2 cd "$(dirname $DOCKERFILE)" -docker build -f "$DOCKERFILE" -t "btcpayserver/letsencrypt-nginx-proxy-companion:1.12.1" . +docker build -f "$DOCKERFILE" -t "btcpayserver/letsencrypt-nginx-proxy-companion:1.12.2" . cd - && cd .. diff --git a/docker-compose-generator/docker-fragments/nginx-https.yml b/docker-compose-generator/docker-fragments/nginx-https.yml index ed45dbc..742f8ee 100644 --- a/docker-compose-generator/docker-fragments/nginx-https.yml +++ b/docker-compose-generator/docker-fragments/nginx-https.yml @@ -3,7 +3,7 @@ version: "3" services: letsencrypt-nginx-proxy-companion: restart: unless-stopped - image: btcpayserver/letsencrypt-nginx-proxy-companion:1.12.1 + image: btcpayserver/letsencrypt-nginx-proxy-companion:1.12.2 container_name: letsencrypt-nginx-proxy-companion volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" @@ -14,6 +14,6 @@ services: environment: NGINX_DOCKER_GEN_CONTAINER: "nginx-gen" NGINX_PROXY_CONTAINER: "nginx" - ACME_CA_URI: ${ACME_CA_URI:-https://acme-staging-v02.api.letsencrypt.org/directory} + ACME_CA_URI: ${ACME_CA_URI:-staging} links: - nginx-gen