F5 BIG-IP plugin for Certbot

certbot-bigip-plugin

Requirements

See the certbot requirements: https://certbot.eff.org/docs/install.html#system-requirements

  • F5
    • The LE chain needs to be at /Common/chain_Letsencrypt and in every other folder that uses this plugin (e.g. /Internal/chain_Letsencrypt). At the moment, the plugin checks whether a corresponding certificate/chain is located in the same partition/folder as the profile that uses it. This is subject to change in future versions.
    • The clientssl profile (DOMAIN_clientssl) needs to be attached to the virtual server. At the moment, the plugin only updates the client profile but does not attach it to the virtual server.

Install

Usage

  Parameters:
    --certbot-bigip:bigip-username            Username for F5 Connection
    --certbot-bigip:bigip-password            Password for F5 Connection
    --certbot-bigip:bigip-partition           Partition the Virtual Server is configured on
    --certbot-bigip:bigip-clientssl-parent    Parent Profile for new client SSL profile
    --certbot-bigip:bigip-vs-list             List of virtual servers the certificate should be used for
    --certbot-bigip:bigip-device-group        Big IP device group for synchronization
    --certbot-bigip:bigip-iapp                iApp, if any, that the virtual server is part of

Example:

  certbot --non-interactive --expand --email 'admin@example.com' --agree-tos \
        -a certbot-bigip:bigip -i certbot-bigip:bigip \
        -d 'example.com' \
        --certbot-bigip:bigip-list 'example-f5.local,example-f5-ha.local' \
        --certbot-bigip:bigip-username 'user' \
        --certbot-bigip:bigip-password 'secret' \
        --certbot-bigip:bigip-partition 'internal' \
        --certbot-bigip:bigip-clientssl-parent '/Common/parent_clientssl' \
        --certbot-bigip:bigip-vs-list '/internal/example.com.app/example.com_vs' \
        --certbot-bigip:bigip-device-group 'fail-sync' \
        --certbot-bigip:bigip-iapp '/internal/example.com.app/example.com_vs'
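
The example above passes the BIG-IP password as a literal, which leaves it in shell history and in any script that holds the command. The wrapper below is an added example, not part of the plugin: it reads the credentials from a file (the file and its BIGIP_USERNAME= / BIGIP_PASSWORD= lines are assumptions) and refuses to run if that file is accessible to group or others. The password is still visible in the process list while certbot runs.

```shell
#!/bin/sh
# Added example, not part of certbot-bigip. The credentials file and its
# BIGIP_USERNAME= / BIGIP_PASSWORD= lines are assumptions of this example;
# the certbot flags and values are the ones from the README example.

# True only for a regular file with no group/other permission bits.
cred_file_is_private() {
    [ -f "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1   # GNU stat, as found on Linux
    case "$mode" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# Print the value of key $2 from file $1 without sourcing (executing) the file.
cred_value() {
    sed -n "s/^$2=//p" "$1" | head -n 1
}

# Usage: run_certbot_bigip /path/to/credentials-file example.com
run_certbot_bigip() {
    cred_file=$1
    domain=$2
    if ! cred_file_is_private "$cred_file"; then
        echo "refusing $cred_file: missing, or accessible to group/others" >&2
        return 1
    fi
    certbot --non-interactive --expand --email 'admin@example.com' --agree-tos \
        -a certbot-bigip:bigip -i certbot-bigip:bigip \
        -d "$domain" \
        --certbot-bigip:bigip-list 'example-f5.local,example-f5-ha.local' \
        --certbot-bigip:bigip-username "$(cred_value "$cred_file" BIGIP_USERNAME)" \
        --certbot-bigip:bigip-password "$(cred_value "$cred_file" BIGIP_PASSWORD)" \
        --certbot-bigip:bigip-partition 'internal' \
        --certbot-bigip:bigip-clientssl-parent '/Common/parent_clientssl' \
        --certbot-bigip:bigip-vs-list '/internal/example.com.app/example.com_vs' \
        --certbot-bigip:bigip-device-group 'fail-sync' \
        --certbot-bigip:bigip-iapp '/internal/example.com.app/example.com_vs'
}
```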

Issues

If you find errors, please add a ticket. If you fix errors, please create a new branch and then a merge request:

  • to the master branch if it is a bugfix
  • to the development branch if it is a feature

Develop

docker run --volume "$PWD":/src -it registry.ong.at:5555/infra/certbot-plugins/environments/certbot_docker_image:master sh

# in container: install the plugin in development mode from the mounted source
cd /src
python setup.py develop

Use the docker image for local development.

Test

docker run --volume $PWD:/src -it registry.ong.at:5555/infra/certbot-plugins/environments/certbot_docker_image:master sh

# in container run
export BIGIP_USERNAME=myusername
export BIGIP_PASSWORD=myPassword
pytest

Release

To release a version on PyPI, tag a commit on the master branch like this: "v1.0.3"

Source Distribution

certbot-bigip-1.0.4.tar.gz (14.4 kB)
