Metadata-Version: 2.4
Name: certbot_oci_certs
Version: 0.2.0
Summary: OCI Certs Management Service plugin for Certbot
Home-page: https://github.com/therealcmj/certbot-oci-certs
Author: Chris Johnson
Author-email: christopher.johnson@oracle.com
License: Apache License 2.0
Classifier: Development Status :: 3 - Alpha
Classifier: Environment :: Plugins
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Security
Classifier: Topic :: System :: Installation/Setup
Classifier: Topic :: System :: Networking
Classifier: Topic :: System :: Systems Administration
Classifier: Topic :: Utilities
Requires-Python: >=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*
Description-Content-Type: text/x-rst
License-File: LICENSE.txt
Requires-Dist: acme>=1.7.0
Requires-Dist: certbot>=1.7.0
Requires-Dist: setuptools
Requires-Dist: mock
Requires-Dist: oci
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: license
Dynamic: license-file
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

certbot-oci-certs
=================

Oracle Cloud Infrastructure (OCI) Installer plugin for Certbot.

This plugin automates the process of installing a certificate acquired by certbot
into OCI Certificates Management Service.

For more information on the OCI Certificates service please see the official documentation at
https://docs.oracle.com/en-us/iaas/Content/certificates/home.htm

Configuration:
--------------

Install and configure the OCI CLI. See https://docs.cloud.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm
for details.

To use this installer you will need:

* an OCI account with adequate permission to Create / Update / Delete certificates stored in the Certificates Management Service

Installation
------------

This package is now published `on PyPi`_, which makes installation super easy. From your command line:

.. _on PyPi: https://pypi.org/project/certbot-oci-certs/



::

    pip install certbot-oci-certs



Development
-----------

If you want to work on the code you should create a virtual environment and install it there:

::

    git clone git@github.com:therealcmj/certbot-oci-certs.git
    cd certbot-oci-certs
    virtualenv dev
    . ./dev/bin/activate
    pip install -e .

You can then use your IDE as normal on the live code.

To use the debugger be sure to choose the correct virtual environment. For PyCharm go to Debug, Edit Configurations
and then update the Interpreter to point to the newly created Virtual Environment.

Arguments
---------

As of this writing this plug-in supports the following arguments on certbot's command line:

::

  --oci-certificate-id OCI_CERTIFICATE_ID
                        Certificate OCID (default: None)
  --oci-certificate-name OCI_CERTIFICATE_NAME
                        Certificate Name (default: None)
  --oci-compartment-id OCI_COMPARTMENT_ID
                        Compartment OCID (default: None)
  --oci-auth-mode {configfile,instance,cloudshell}
                        Authentication mode - one of "configfile", "instance", "cloudshell" (default: configfile)
  --oci-configfile OCI_CONFIGFILE
                        OCI CLI Configuration file (for authmode=configfile). (default: None)
  --oci-profile OCI_PROFILE
                        OCI configuration profile (in OCI configuration file) (default: DEFAULT)


You can always get a list of the available arguments by running

::

  certbot installer -h oci

Examples
--------

Assuming you have previously acquired a certificate for demosite.ociateam.com
(perhaps using the certbot-dns-oci plug-in)
you can install it via:


::

    certbot install \
     --logs-dir logs --work-dir work --config-dir config \
     --installer oci \
     --oci-compartment $MYOCICOMPARTMENT \
     --cert-path demosite.ociateam.com/cert.pem \
     --key-path demosite.ociateam.com/privkey.pem \
     --chain-path demosite.ociateam.com/chain.pem \
     -d demosite.ociateam.com



If you want to acquire a certificate AND install it in one go using both of my plug-ins you can do that too...

::

    CERTNAME=demo$$.ociateam.com ; \
    certbot run \
     --test-cert \
     --logs-dir logs --work-dir work --config-dir config \
     --authenticator dns-oci \
     --installer oci \
     --oci-compartment $MYOCICOMPARTMENT \
     --oci-certificate-name $CERTNAME \
     --debug \
     -d $CERTNAME


And to renew (just that one certificate) later it's just:

::

    CERTNAME=demo$$.ociateam.com ; \
    certbot renew \
     --test-cert \
     --logs-dir logs --work-dir work --config-dir config \
     --debug \
     --cert-name $CERTNAME


CAUTION:
--------

Please do remember tat "certbot renew" tries to renew all certs nearing expiration. If you use the
--oci-certificate-name command line argument when running "certbot renew" you're going to make a mess of things.
So be cautious and renew certs one by one OR remember to leave that command line argument off!

YOU HAVE BEEN WARNED.

