Git-Mirrors
/
graphene-os-server-infrastructure
mirror of https://github.com/GrapheneOS/infrastructure.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add certbot commands

This commit is contained in:
Daniel Micay 2023-05-22 18:31:22 -04:00
parent 6f6b8ceb54
commit 593701cd63
10 changed files with 113 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
certbot/0.grapheneos.network Normal file
View File

@ -0,0 +1,27 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name grapheneos.network \
-d grapheneos.network \
-d grapheneos.network \
-d www.grapheneos.network \
-d connectivitycheck.grapheneos.network \
-d mta-sts.grapheneos.network \
-d grapheneos.online \
-d www.grapheneos.online \
-d connectivitycheck.grapheneos.online \
-d mta-sts.grapheneos.online \
-d connectivitycheck.grapheneos.org \
-d time.grapheneos.org \
-d remoteprovisioning.grapheneos.org \
-d broadcom.psds.grapheneos.org \
-d qualcomm.psds.grapheneos.org \
-d supl.grapheneos.org \
-d update.vanadium.app \
-d dl.vanadium.app
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type rsa --rsa-key-size 3072 --reuse-key --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name supl.grapheneos.org \
-d supl.grapheneos.org

35
certbot/0.grapheneos.org Normal file
View File

@ -0,0 +1,35 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name grapheneos.org \
-d grapheneos.org \
-d www.grapheneos.org \
-d mta-sts.grapheneos.org \
-d mta-sts.mail.grapheneos.org \
-d grapheneos.app \
-d mta-sts.grapheneos.app \
-d www.grapheneos.app \
-d grapheneos.ca \
-d mta-sts.grapheneos.ca \
-d www.grapheneos.ca \
-d grapheneos.com \
-d mta-sts.grapheneos.com \
-d www.grapheneos.com \
-d grapheneos.dev \
-d mta-sts.grapheneos.dev \
-d www.grapheneos.dev \
-d grapheneos.info \
-d mta-sts.grapheneos.info \
-d www.grapheneos.info \
-d grapheneos.net \
-d mta-sts.grapheneos.net \
-d www.grapheneos.net \
-d grapheneos.ovh \
-d mta-sts.grapheneos.ovh \
-d www.grapheneos.ovh \
-d grapheneos.page \
-d mta-sts.grapheneos.page \
-d www.grapheneos.page \
-d vanadium.app \
-d mta-sts.vanadium.app \
-d www.vanadium.app

9
certbot/0.releases.grapheneos.org Normal file
View File

@ -0,0 +1,9 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name releases.grapheneos.org \
-d releases.grapheneos.org \
-d apps.grapheneos.org \
-d seamlessupdate.app \
-d mta-sts.seamlessupdate.app \
-d www.seamlessupdate.app

7
certbot/attestation.app Normal file
View File

@ -0,0 +1,7 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name attestation.app \
-d attestation.app \
-d mta-sts.attestation.app \
-d www.attestation.app

6
certbot/discuss.grapheneos.org Normal file
View File

@ -0,0 +1,6 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name discuss.grapheneos.org \
-d discuss.grapheneos.org \
-d mta-sts.discuss.grapheneos.org

7
certbot/grapheneos.social Normal file
View File

@ -0,0 +1,7 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name grapheneos.social \
-d grapheneos.social \
-d mta-sts.grapheneos.social \
-d www.grapheneos.social

5
certbot/mail.grapheneos.org Normal file
View File

@ -0,0 +1,5 @@
certbot certonly --standalone --no-eff-email \
--key-type rsa --rsa-key-size 3072 --reuse-key --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name staging.grapheneos.org \
-d staging.grapheneos.org

7
certbot/matrix.grapheneos.org Normal file
View File

@ -0,0 +1,7 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name matrix.grapheneos.org \
-d matrix.grapheneos.org \
-d mta-sts.matrix.grapheneos.org \
-d element.grapheneos.org

5
certbot/staging.attestation.app Normal file
View File

@ -0,0 +1,5 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name staging.attestation.org \
-d staging.attestation.org

5
certbot/staging.grapheneos.org Normal file
View File

@ -0,0 +1,5 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --must-staple --preferred-chain "ISRG Root X1" \
--deploy-hook "/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache" \
--cert-name staging.grapheneos.org \
-d staging.grapheneos.org