{ "info": { "author": "Yanis Guenane", "author_email": "yguenane@redhat.com", "bugtrack_url": null, "classifiers": [ "Environment :: Console", "Intended Audience :: Developers", "Intended Audience :: Information Technology", "License :: OSI Approved :: Apache Software License", "Operating System :: POSIX :: Linux", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5" ], "description": "========================================\nlecm: Let's Encrypt Certificates Manager\n========================================\n\n|buildstatus|_ |release|_ |versions|_\n\n\n`Let's Encrypt`_ Certificates Manager (lecm) is an\nutility that allows one to manage (generate and renew) Let's Encrypt SSL\ncertificates.\n\nGoal\n----\n\nThe goal of ``lecm`` is to be able to generate and renew\n`Let's Encrypt`_ SSL certificates automatically.\n\n``lecm`` is configuration driven. Each certificate that needs to be managed\nis described in the configuration file.\n\nInstallation\n------------\n\nUsing pypi\n^^^^^^^^^^\n\nYou just need to\n\n``$ pip install lecm``\n\nDebian-based distro (Debian, Ubuntu, \u2026)\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\nThere is an `official Debian package for lecm`_\n\n``$ sudo apt-get install lecm``\n\nHow to run it\n-------------\n\n``lecm`` is configuration driven. The configuration file is (by order of\npriority):\n\n1. The one specified on the command line (``lecm --conf /path/to/conf.yml``)\n2. The one specified in the environment variable ``$LECM_CONFIGURATION``\n3. The ``/etc/lecm.conf``\n\n``lecm`` supports various commands:\n\n\n``--generate``\n^^^^^^^^^^^^^^\n\n``lecm --generate`` will generate SSL certificates for items listed in the\nconfiguration file that are not present in the filesystem.\n\n\n``--renew``\n^^^^^^^^^^^\n\n``lecm --renew`` will renew SSL certificates already present on the filesystem\nif its expiry date is lower than the ``remainin_days`` value.\n\n\n``--force``\n^^^^^^^^^^^\n\n``lecm --force`` will force the regeneration or renewal of SSL certificates, even\nif its expiry date is not lower than the ``remainin_days`` value.\n\n\n``--list``\n^^^^^^^^^^\n\n``lecm --list`` will display basic informations about currently configured items.\n\n\n.. code-block::\n\n +--------- +----------------------------------+---------------+------------------------------------------------------------------+-----------------------------------------------------------+------+\n | In Sync | Item | Status | subjectAltName | Location | Days |\n +--------- +----------------------------------+---------------+------------------------------------------------------------------+-----------------------------------------------------------+------+\n | True | lecm-test.distributed-ci.io | Generated | DNS:lecm-test.distributed-ci.io | /etc/letsencrypt/pem/lecm-test.distributed-ci.io.pem | 89 |\n | False | lecm-test-test.distributed-ci.io | Not-Generated | DNS;lecm-test-test.distributed-ci.io,DNS:lecm.distributedi-ci.io | /etc/letsencrypt/pem/lecm-test-test.distributed-ci.io.pem | N/A |\n +----------+----------------------------------+---------------+------------------------------------------------------------------+-----------------------------------------------------------+------+\n\n\n``--list-details``\n^^^^^^^^^^^^^^^^\n\n``lecm --list-details`` will display details informations about currently configured items.\n\n.. code-block::\n\n +--------- +----------------------------------+---------------+------------------------------------------------------------------+---------------------------+--------------+-----------------------------------------------------------+------+------+--------+------+\n | In Sync | Item | Status | subjectAltName | emailAddress | Environment | Location | Type | Size | Digest | Days |\n +--------- +----------------------------------+---------------+------------------------------------------------------------------+---------------------------+--------------+-----------------------------------------------------------+------+------+--------+------+\n | True | lecm-test.distributed-ci.io | Generated | DNS:lecm-test.distributed-ci.io | distributed-ci@redhat.com | production | /etc/letsencrypt/pem/lecm-test.distributed-ci.io.pem | RSA | 4096 | sha256 | 89 |\n | False | lecm-test-test.distributed-ci.io | Not-Generated | DNS;lecm-test-test.distributed-ci.io,DNS:lecm.distributedi-ci.io | distributed-ci@redhat.com | staging | /etc/letsencrypt/pem/lecm-test-test.distributed-ci.io.pem | RSA | 2048 | sha256 | N/A |\n +----------+----------------------------------+---------------+------------------------------------------------------------------+---------------------------+--------------|-----------------------------------------------------------+------+------+--------+------+\n\n\nConfiguration\n-------------\n\nEvery parameters are either applicable globally or within the scope of a certificate. The finest specification wins.\n\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| Parameter | Scope | Default | Description |\n+========================+=====================+===================+===============================================================================+\n| path | global, certificate | None | Folder where will reside all the relevant files |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| type | global, certificate | RSA | Type of the key to generate (Possible: RSA, DSA) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| size | global, certificate | 4096 | Size of the key to generate |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| digest | global, certificate | sha256 | Digest of the key to generate |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| version | global, certificate | 3 | Version of the SSL Certificate to generate |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| subjectAltName | global, certificate | None | subjectAltName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| countryName | global, certificate | None | countryName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| stateOrProvinceName | global, certificate | None | stateOrProvinceName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| localityName | global, certificate | None | localityName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| organizationName | global, certificate | None | organizationName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| organizationalUnitName | global, certificate | None | organizationalUnitName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| commonName | global, certificate | None | commonName value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| emailAddress | global, certificate | None | emailAddress value of the Certificate Signing Request (csr) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| account_key_name | global, certificate | account_$fqdn.key | Name of the account key to generate |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| remaining_days | global, certificate | 10 | Number of days of validity below which the SSL Certificate should be renewed |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| service_name | global, certificate | httpd | Service that needs to be reloaded for the change to be taken in consideration |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| service_provider | global, certificate | systemd | Service management system (Possible: systemd, sysv) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n| environment | global, certificate | production | Let's Encrypt environment to use (Possible: production, staging) |\n+------------------------+---------------------+-------------------+-------------------------------------------------------------------------------+\n\n\nConfiguration file example\n--------------------------\n\n.. code-block::\n\n ---\n path: /etc/letsencrypt\n\n certificates:\n my.example.com:\n app.example.com:\n subjectAltName:\n - app.example.com\n - app1.example.com\n - app2.example.com\n\nMore example can be found in the ``sample/`` directory.\n\nHttpd and Nginx\n---------------\n\n``lecm`` does not configure the webservers, they have to be previously\nconfigured to be able to answer the challenges.\n\nhttpd\n^^^^^\n\n.. code-block::\n\n Alias /.well-known/acme-challenge /etc/letsencrypt/challenges/my.example.com\n \n Require all granted\n \n\n\nnginx\n^^^^^\n\n.. code-block::\n\n location /.well-known/acme-challenge/ {\n alias /etc/letsencrypt/challenges/my.example.com/;\n try_files $uri =404;\n }\n\n\n.. |buildstatus| image:: https://img.shields.io/travis/Spredzy/lecm/master.svg\n.. _buildstatus: https://travis-ci.org/Spredzy/lecm\n\n.. |release| image:: https://img.shields.io/pypi/v/lecm.svg\n.. _release: https://pypi.python.org/pypi/lecm\n\n.. |versions| image:: https://img.shields.io/pypi/pyversions/lecm.svg\n.. _versions: https://pypi.python.org/pypi/lecm\n\n.. _Let's Encrypt: https://letsencrypt.org/\n.. _official Debian package for lecm: https://tracker.debian.org/pkg/lecm", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/Spredzy/lecm", "keywords": "", "license": "Apache v2.0", "maintainer": "", "maintainer_email": "", "name": "lecm", "package_url": "https://pypi.org/project/lecm/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/lecm/", "project_urls": { "Homepage": "https://github.com/Spredzy/lecm" }, "release_url": "https://pypi.org/project/lecm/0.0.7/", "requires_dist": null, "requires_python": "", "summary": "Tool to manage Lets Encrypt certificates from configuration file", "version": "0.0.7" }, "last_serial": 2468302, "releases": { "0.0.1": [], "0.0.2": [ { "comment_text": "", "digests": { "md5": "5ea581b23978ffcbcb8387fc7e5f16eb", "sha256": "608dbb8f5c479b0d39521d8db6291ea517c3038b4338db3c3cd31abd4bb83e3a" }, "downloads": -1, "filename": "lecm-0.0.2.tar.gz", "has_sig": false, "md5_digest": "5ea581b23978ffcbcb8387fc7e5f16eb", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9685, "upload_time": "2016-07-08T10:17:53", "url": "https://files.pythonhosted.org/packages/42/21/6374b5a3201fa058ed5e879a575af4b69d37023ae7f497510c6043727bf0/lecm-0.0.2.tar.gz" } ], "0.0.3": [ { "comment_text": "", "digests": { "md5": "3ef0563ecdc77d440df306d4f637eb1e", "sha256": "147fd2485129e6f5b1bbc34a32f946ca93d56c804b194375622b52aa2a11ec6d" }, "downloads": -1, "filename": "lecm-0.0.3.tar.gz", "has_sig": false, "md5_digest": "3ef0563ecdc77d440df306d4f637eb1e", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9751, "upload_time": "2016-07-23T20:57:12", "url": "https://files.pythonhosted.org/packages/37/4b/ff2325210ce0f5bc4b63cac58ec9414cc014cb735faf00aee0a0103622c7/lecm-0.0.3.tar.gz" } ], "0.0.4": [ { "comment_text": "", "digests": { "md5": "435f200e89c1450f640ecb2e9bf0d5ec", "sha256": "8c34fc4a8b5b1189fb41e16bac61e653fd6426f62795a53d443ec3dfc02807ee" }, "downloads": -1, "filename": "lecm-0.0.4.tar.gz", "has_sig": false, "md5_digest": "435f200e89c1450f640ecb2e9bf0d5ec", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 9889, "upload_time": "2016-08-01T13:04:22", "url": "https://files.pythonhosted.org/packages/1d/de/ad5f3ae906e2b21ae4b7f548d4648ba0d0fbba945e00e9249056e1786d82/lecm-0.0.4.tar.gz" } ], "0.0.5": [ { "comment_text": "", "digests": { "md5": "ec7d2c5f5bbb9e85b6ee51df9b60ba0c", "sha256": "82b49183e3aae67d40808e60ca3074c0f663a5045b9f07cc3bd7d4b3372f404b" }, "downloads": -1, "filename": "lecm-0.0.5.tar.gz", "has_sig": false, "md5_digest": "ec7d2c5f5bbb9e85b6ee51df9b60ba0c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10294, "upload_time": "2016-10-20T21:45:25", "url": "https://files.pythonhosted.org/packages/4d/e4/323ead2c412420a46bbac96c198f2ba06ce5a5ecabf6b251886821308d0d/lecm-0.0.5.tar.gz" } ], "0.0.6": [ { "comment_text": "", "digests": { "md5": "ba9a71906f9552e352838288a3ef11b0", "sha256": "7b6209a9468c4b639fa35e9eec6298b6aad0f02c4449d33caa139b0494bc9fe8" }, "downloads": -1, "filename": "lecm-0.0.6.tar.gz", "has_sig": false, "md5_digest": "ba9a71906f9552e352838288a3ef11b0", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10785, "upload_time": "2016-11-09T11:12:38", "url": "https://files.pythonhosted.org/packages/b2/96/90b8196635d5f5d48a84a82f915f220af010f79caa0a90a300240f38b6b4/lecm-0.0.6.tar.gz" } ], "0.0.7": [ { "comment_text": "", "digests": { "md5": "54b3671bc035c833a943832911f225ea", "sha256": "3fc4a368af952cb7b4d532d3797d21693f4a5a9ecb958aa0fb9abfd421d1afab" }, "downloads": -1, "filename": "lecm-0.0.7.tar.gz", "has_sig": false, "md5_digest": "54b3671bc035c833a943832911f225ea", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12033, "upload_time": "2016-11-18T11:37:52", "url": "https://files.pythonhosted.org/packages/19/e9/13a2f06d9277090d7d462b4680b6d2f89af4b59c085993e5f55cd3dfc77e/lecm-0.0.7.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "54b3671bc035c833a943832911f225ea", "sha256": "3fc4a368af952cb7b4d532d3797d21693f4a5a9ecb958aa0fb9abfd421d1afab" }, "downloads": -1, "filename": "lecm-0.0.7.tar.gz", "has_sig": false, "md5_digest": "54b3671bc035c833a943832911f225ea", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12033, "upload_time": "2016-11-18T11:37:52", "url": "https://files.pythonhosted.org/packages/19/e9/13a2f06d9277090d7d462b4680b6d2f89af4b59c085993e5f55cd3dfc77e/lecm-0.0.7.tar.gz" } ] }