renames

README.md

@@ -191,7 +191,7 @@ Lot of self-hosting related fixes.
 
 Generating the domain inside the style TileJSON files dynamically (using nginx sub_filter).
 
-Added SKIP_LETSENCRYPT variable for cases when the certificates are self-managed or self-signed is OK.
+Added SELF_SIGNED_CERTS variable for cases when the certificates are self-managed or self-signed is OK.
 
 **v0.7**
 

config/.env.sample

@@ -1,11 +1,11 @@
 # Leave this empty if you use SSH keys
 SSH_PASSWD=
 
-# Domain, using Let's Encrypt certificates
+# domain, set this up using an A record in your domain registrar's control panel
 DOMAIN_DIRECT=
 
 # Let's Encrypt account email
-LE_EMAIL=
+LETSENCRYPT_EMAIL=
 
 # Skip the full planet download, useful for testing (true/false)
 SKIP_PLANET=false
@@ -14,7 +14,7 @@ SKIP_PLANET=false
 # If you are using a custom solution like VPN, Traefik,
 # or Cloudflare managed certificates, set this to true.
 # In this case, you'll have self-signed certificates after the script completes.
-SKIP_LETSENCRYPT=false
+SELF_SIGNED_CERTS=false
 
 
 

docs/self_hosting.md

@@ -50,7 +50,7 @@ git clone https://github.com/hyperknot/openfreemap
 In the config folder, copy `.env.sample` to `.env` and set the values.
 
 `DOMAIN_DIRECT` - Your subdomain \
-`LE_EMAIL` - Your email for Let's Encrypt
+`LETSENCRYPT_EMAIL` - Your email for Let's Encrypt
 
 Set `SKIP_PLANET=true` first.
 

modules/http_host/http_host_lib/nginx.py

@@ -17,7 +17,7 @@ def write_nginx_config():
 
     domain_direct = config.ofm_config['domain_direct']
     domain_roundrobin = config.ofm_config['domain_roundrobin']
-    skip_letsencrypt = config.ofm_config['skip_letsencrypt']
+    self_signed_certs = config.ofm_config['self_signed_certs']
 
     # remove old configs and certs
     for file in Path('/data/nginx/sites').glob('ofm_*.conf'):
@@ -43,8 +43,8 @@ def write_nginx_config():
 
     # processing Let's Encrypt config
     if domain_direct:
-        le_cert = config.certs_dir / 'ofm_le.cert'
+        le_cert = config.certs_dir / 'ofm_direct.cert'
-        le_key = config.certs_dir / 'ofm_le.key'
+        le_key = config.certs_dir / 'ofm_direct.key'
 
         if not le_cert.is_file() or not le_key.is_file():
             shutil.copyfile(Path('/etc/nginx/ssl/dummy.crt'), le_cert)
@@ -52,14 +52,14 @@ def write_nginx_config():
 
         curl_text_mix += create_nginx_conf(
             template_path=config.nginx_confs / 'le.conf',
-            local='ofm_le',
+            local='ofm_direct',
             domain=domain_direct,
         )
 
         subprocess.run(['nginx', '-t'], check=True)
         subprocess.run(['systemctl', 'reload', 'nginx'], check=True)
 
-        if not skip_letsencrypt:
+        if not self_signed_certs:
             subprocess.run(
                 [
                     'certbot',
@@ -68,9 +68,9 @@ def write_nginx_config():
                     '--webroot-path=/data/nginx/acme-challenges',
                     '--noninteractive',
                     '-m',
-                    config.ofm_config['le_email'],
+                    config.ofm_config['letsencrypt_email'],
                     '--agree-tos',
-                    '--cert-name=ofm_le',
+                    '--cert-name=ofm_direct',
                     # '--staging',
                     '--deploy-hook',
                     'nginx -t && service nginx reload',
@@ -84,8 +84,8 @@ def write_nginx_config():
             le_cert.unlink()
             le_key.unlink()
 
-            etc_cert = Path('/etc/letsencrypt/live/ofm_le/fullchain.pem')
+            etc_cert = Path('/etc/letsencrypt/live/ofm_direct/fullchain.pem')
-            etc_key = Path('/etc/letsencrypt/live/ofm_le/privkey.pem')
+            etc_key = Path('/etc/letsencrypt/live/ofm_direct/privkey.pem')
             assert etc_cert.is_file()
             assert etc_key.is_file()
             le_cert.symlink_to(etc_cert)

modules/http_host/http_host_lib/nginx_confs/le.conf

@@ -8,8 +8,8 @@ server {
     listen [::]:443 ssl;
     http2 on;
 
-    ssl_certificate /data/nginx/certs/ofm_le.cert;
+    ssl_certificate /data/nginx/certs/ofm_direct.cert;
-    ssl_certificate_key /data/nginx/certs/ofm_le.key;
+    ssl_certificate_key /data/nginx/certs/ofm_direct.key;
 
     ssl_session_timeout 1d;
     ssl_session_cache shared:MozSSL:10m; # about 40000 sessions

ssh_lib/tasks.py

@@ -143,9 +143,9 @@ def install_benchmark(c):
 
 
 def setup_roundrobin_writer(c):
-    le_email = dotenv_val('LE_EMAIL').lower()
+    letsencrypt_email = dotenv_val('LETSENCRYPT_EMAIL').lower()
     domain_roundrobin = dotenv_val('DOMAIN_ROUNDROBIN').lower()
-    assert le_email
+    assert letsencrypt_email
     assert domain_roundrobin
     assert (CONFIG_DIR / 'rclone.conf').exists()
     assert (CONFIG_DIR / 'cloudflare.ini').exists()
@@ -189,7 +189,7 @@ def setup_roundrobin_writer(c):
         f'--dns-cloudflare-credentials {REMOTE_CONFIG}/cloudflare.ini '
         '--dns-cloudflare-propagation-seconds 20 '
         f'--noninteractive '
-        f'-m {le_email} '
+        f'-m {letsencrypt_email} '
         f'--agree-tos '
         f'--cert-name=ofm_roundrobin '
         f'--deploy-hook /data/ofm/roundrobin/rclone_write.sh '
@@ -203,23 +203,23 @@ def upload_config_json(c):
     domain_direct = dotenv_val('DOMAIN_DIRECT').lower()
     domain_roundrobin = dotenv_val('DOMAIN_ROUNDROBIN').lower()
     skip_planet = dotenv_val('SKIP_PLANET').lower() == 'true'
-    skip_letsencrypt = dotenv_val('SKIP_LETSENCRYPT').lower() == 'true'
+    self_signed_certs = dotenv_val('SELF_SIGNED_CERTS').lower() == 'true'
-    le_email = dotenv_val('LE_EMAIL').lower()
+    letsencrypt_email = dotenv_val('LETSENCRYPT_EMAIL').lower()
 
     if not (domain_direct or domain_roundrobin):
         sys.exit('Please specify DOMAIN_DIRECT or DOMAIN_ROUNDROBIN in config/.env')
 
-    if domain_direct and not le_email and not skip_letsencrypt:
+    if domain_direct and not letsencrypt_email and not self_signed_certs:
-        sys.exit('Please add your email to LE_EMAIL when using DOMAIN_DIRECT')
+        sys.exit('Please add your email to LETSENCRYPT_EMAIL when using DOMAIN_DIRECT')
 
     http_host_list = [h.strip() for h in dotenv_val('HTTP_HOST_LIST').split(',') if h.strip()]
 
     config = {
         'domain_direct': domain_direct,
         'domain_roundrobin': domain_roundrobin,
-        'le_email': le_email,
+        'letsencrypt_email': letsencrypt_email,
         'skip_planet': skip_planet,
-        'skip_letsencrypt': skip_letsencrypt,
+        'self_signed_certs': self_signed_certs,
         'http_host_list': http_host_list,
         'telegram_token': dotenv_val('TELEGRAM_TOKEN'),
         'telegram_chat_id': dotenv_val('TELEGRAM_CHAT_ID'),