From 067b42213faac5f5ae26e67d36d2fd45b7c1a378 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Mon, 21 Aug 2023 03:20:50 -0400 Subject: [PATCH] update ocsp cache path for certbot deploy hook --- certbot/0.grapheneos.network | 4 ++-- certbot/0.grapheneos.org | 2 +- certbot/0.releases.grapheneos.org | 2 +- certbot/attestation.app | 2 +- certbot/discuss.grapheneos.org | 2 +- certbot/grapheneos.social | 2 +- certbot/matrix.grapheneos.org | 2 +- certbot/mta-sts.mail.grapheneos.org | 2 +- certbot/staging.attestation.app | 2 +- certbot/staging.grapheneos.org | 2 +- 10 files changed, 11 insertions(+), 11 deletions(-) diff --git a/certbot/0.grapheneos.network b/certbot/0.grapheneos.network index eec7562..b0c5f74 100644 --- a/certbot/0.grapheneos.network +++ b/certbot/0.grapheneos.network @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.network \ -d grapheneos.network \ -d grapheneos.network \ @@ -19,6 +19,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type rsa --rsa-key-size 3072 --reuse-key --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name supl.grapheneos.org \ -d supl.grapheneos.org diff --git a/certbot/0.grapheneos.org b/certbot/0.grapheneos.org index 8b9dfa5..bc7f2ac 100644 --- a/certbot/0.grapheneos.org +++ b/certbot/0.grapheneos.org @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.org \ -d grapheneos.org \ -d www.grapheneos.org \ diff --git a/certbot/0.releases.grapheneos.org b/certbot/0.releases.grapheneos.org index fbd36e4..a524c35 100644 --- a/certbot/0.releases.grapheneos.org +++ b/certbot/0.releases.grapheneos.org @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name releases.grapheneos.org \ -d releases.grapheneos.org \ -d apps.grapheneos.org \ diff --git a/certbot/attestation.app b/certbot/attestation.app index 0917d9e..b8ea12c 100644 --- a/certbot/attestation.app +++ b/certbot/attestation.app @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name attestation.app \ -d attestation.app \ -d www.attestation.app diff --git a/certbot/discuss.grapheneos.org b/certbot/discuss.grapheneos.org index 4f95b89..e4b5c08 100644 --- a/certbot/discuss.grapheneos.org +++ b/certbot/discuss.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name discuss.grapheneos.org \ -d discuss.grapheneos.org diff --git a/certbot/grapheneos.social b/certbot/grapheneos.social index 29f81ab..91aa415 100644 --- a/certbot/grapheneos.social +++ b/certbot/grapheneos.social @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name grapheneos.social \ -d grapheneos.social \ -d www.grapheneos.social diff --git a/certbot/matrix.grapheneos.org b/certbot/matrix.grapheneos.org index a3dc69b..c3b73a5 100644 --- a/certbot/matrix.grapheneos.org +++ b/certbot/matrix.grapheneos.org @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name matrix.grapheneos.org \ -d matrix.grapheneos.org \ -d element.grapheneos.org diff --git a/certbot/mta-sts.mail.grapheneos.org b/certbot/mta-sts.mail.grapheneos.org index 2e9a24a..2c7ed94 100644 --- a/certbot/mta-sts.mail.grapheneos.org +++ b/certbot/mta-sts.mail.grapheneos.org @@ -1,6 +1,6 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name mta-sts.mail.grapheneos.org \ -d mta-sts.mail.grapheneos.org \ -d mail.grapheneos.org \ diff --git a/certbot/staging.attestation.app b/certbot/staging.attestation.app index 0f9229c..9163d91 100644 --- a/certbot/staging.attestation.app +++ b/certbot/staging.attestation.app @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name staging.attestation.app \ -d staging.attestation.app diff --git a/certbot/staging.grapheneos.org b/certbot/staging.grapheneos.org index 01ed74b..dbd6bd2 100644 --- a/certbot/staging.grapheneos.org +++ b/certbot/staging.grapheneos.org @@ -1,5 +1,5 @@ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ --key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \ - --deploy-hook "certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \ + --deploy-hook "certbot-ocsp-fetcher -o /var/cache/certbot-ocsp-fetcher" \ --cert-name staging.grapheneos.org \ -d staging.grapheneos.org