Merge pull request #2129 from solliancenet/certbot-updates

Update Certbot to use Ubuntu 22.04 and use RSA when calling Certbot
solliancenet · Jan 16, 2025 · 70a337a · 70a337a
2 parents 64aacd2 + 9501194
commit 70a337a
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 11 deletions.
diff --git a/.gitignore b/.gitignore
@@ -400,4 +400,5 @@ deploy/quick-start/tools
 *.lutconfig
 dist
 **/foundationallm-certificates.SecretProviderClass.json
-**/foundationallm_external_modules**
+**/foundationallm_external_modules**
+certs.zip
diff --git a/deploy/common/docker/certbot-app/Dockerfile b/deploy/common/docker/certbot-app/Dockerfile
@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/vscode/devcontainers/base:0-bullseye
+FROM ubuntu:22.04
 
 ARG INSTALL_ZSH="true"
 ARG UPGRADE_PACKAGES="true"
@@ -13,7 +13,7 @@ RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
     && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 
 RUN bash /tmp/library-scripts/azcli-debian.sh
-RUN bash /tmp/library-scripts/install-certbot.sh
+RUN export DEBIAN_FRONTEND=noninteractive && bash /tmp/library-scripts/install-certbot.sh
 RUN bash /tmp/library-scripts/pwsh-debian.sh
 
 RUN rm -rf /tmp/library-scripts

diff --git a/deploy/common/docker/certbot-app/Makefile b/deploy/common/docker/certbot-app/Makefile
@@ -8,4 +8,4 @@ prepare:
 	cp -v ../../scripts/Function-Library.ps1 .
 
 pull:
-	docker pull mcr.microsoft.com/vscode/devcontainers/base:0-bullseye
+	docker pull ubuntu:22.04
diff --git a/deploy/common/docker/certbot-app/New-LetsEncryptCertificates.ps1 b/deploy/common/docker/certbot-app/New-LetsEncryptCertificates.ps1
@@ -98,6 +98,8 @@ foreach ($basename in $basenames.GetEnumerator()) {
             --email $email `
             --authenticator dns-azure `
             --config-dir $directories["config"] `
+            --key-type rsa `
+            --cert-name $fqdn `
             --dns-azure-config /app/config/certbot.ini `
             --domain $fqdn `
             --keep-until-expiring `

diff --git a/deploy/common/docker/certbot-app/library-scripts/pwsh-debian.sh b/deploy/common/docker/certbot-app/library-scripts/pwsh-debian.sh
@@ -2,26 +2,25 @@
 set -euo pipefail
 
 # https://learn.microsoft.com/en-us/powershell/scripting/install/install-debian?view=powershell-7.4
-
 ###################################
 # Prerequisites
 
 # Update the list of packages
 sudo apt-get update
 
 # Install pre-requisite packages.
-sudo apt-get install -y wget
+sudo apt-get install -y wget apt-transport-https software-properties-common
 
-# Get the version of Debian
+# Get the version of Ubuntu
 source /etc/os-release
 
-# Download the Microsoft repository GPG keys
-wget -q https://packages.microsoft.com/config/debian/$VERSION_ID/packages-microsoft-prod.deb
+# Download the Microsoft repository keys
+wget -q https://packages.microsoft.com/config/ubuntu/$VERSION_ID/packages-microsoft-prod.deb
 
-# Register the Microsoft repository GPG keys
+# Register the Microsoft repository keys
 sudo dpkg -i packages-microsoft-prod.deb
 
-# Delete the Microsoft repository GPG keys file
+# Delete the Microsoft repository keys file
 rm packages-microsoft-prod.deb
 
 # Update the list of packages after we added packages.microsoft.com