bfren
diff --git a/‎Dockerfile
Lines changed: 1 addition & 3 deletions b/‎Dockerfile
Lines changed: 1 addition & 3 deletions
diff --git a/‎Dockerfile-automated
Lines changed: 0 additions & 2 deletions b/‎Dockerfile-automated
Lines changed: 0 additions & 2 deletions
diff --git a/‎VERSION
Lines changed: 1 addition & 1 deletion b/‎VERSION
Lines changed: 1 addition & 1 deletion
diff --git a/‎overlay/etc/cont-init.d/20-paths
Lines changed: 1 addition & 1 deletion b/‎overlay/etc/cont-init.d/20-paths
Lines changed: 1 addition & 1 deletion
diff --git a/‎overlay/etc/cont-init.d/21-ssl
Lines changed: 5 additions & 5 deletions b/‎overlay/etc/cont-init.d/21-ssl
Lines changed: 5 additions & 5 deletions
diff --git a/‎overlay/etc/ssl/getssl
Lines changed: 7 additions & 40 deletions b/‎overlay/etc/ssl/getssl
Lines changed: 7 additions & 40 deletions
diff --git a/‎overlay/etc/ssl/inc/check.sh
Lines changed: 3 additions & 3 deletions b/‎overlay/etc/ssl/inc/check.sh
Lines changed: 3 additions & 3 deletions
diff --git a/‎overlay/etc/ssl/inc/setup-global.sh
Lines changed: 4 additions & 5 deletions b/‎overlay/etc/ssl/inc/setup-global.sh
Lines changed: 4 additions & 5 deletions
diff --git a/‎overlay/etc/ssl/inc/setup-nginx.sh
Lines changed: 7 additions & 8 deletions b/‎overlay/etc/ssl/inc/setup-nginx.sh
Lines changed: 7 additions & 8 deletions
diff --git a/‎overlay/etc/ssl/inc/setup-ssl.sh
Lines changed: 2 additions & 2 deletions b/‎overlay/etc/ssl/inc/setup-ssl.sh
Lines changed: 2 additions & 2 deletions
@@ -1,4 +1,4 @@
-FROM bcgdesign/nginx:alpine-3.13-1.3.2
+FROM bcgdesign/nginx:alpine-3.13-1.4.1
 
 LABEL maintainer="Ben Green <[email protected]>" \
     org.label-schema.name="Nginx Proxy" \
@@ -27,12 +27,10 @@ ENV \
     # set to true to skip local HTTP token check
     GETSSL_SKIP_HTTP_TOKEN_CHECK="false"
 
-ARG GOMPLATE_VERSION=3.8.0-r0
 RUN apk -U upgrade \
     && apk add \
         bash \
         curl \
-        gomplate=${GOMPLATE_VERSION} \
         openssl \
     && rm -rf /var/cache/apk/* /etc/nginx/sites /tmp/*
 
 
@@ -27,12 +27,10 @@ ENV \
     # set to true to skip local HTTP token check
     GETSSL_SKIP_HTTP_TOKEN_CHECK="false"
 
-ARG GOMPLATE_VERSION=3.8.0-r0
 RUN apk -U upgrade \
     && apk add \
         bash \
         curl \
-        gomplate=${GOMPLATE_VERSION} \
         openssl \
     && rm -rf /var/cache/apk/* /etc/nginx/sites /tmp/*
 
 
@@ -1 +1 @@
-1.3.1
+1.4.0
@@ -7,7 +7,7 @@ set -euo pipefail
 # Add environment variable to S6 environment directory
 #======================================================================================================================
 
-add_env () { _echo "${1}=${2}" && printf "%s" $2 > /var/run/s6/container_environment/$1; }
+add_env () { bcg-echo "${1}=${2}" && printf "%s" $2 > /var/run/s6/container_environment/$1; }
 
 
 #======================================================================================================================
 
@@ -9,11 +9,11 @@ set -euo pipefail
 
 if [ "${CLEAN_INSTALL}" = "1" ] ; then
 
-    _echo "Clean install detected..."
-    _rmrf "${SSL_GLOBAL_CFG}"
-    _rmrf "${SSL_CERTS}/*"
-    _rmrf "${SITES}/*"
-    _done
+    bcg-echo "Clean install detected..."
+    bcg-rmrf "${SSL_GLOBAL_CFG}"
+    bcg-rmrf "${SSL_CERTS}/*"
+    bcg-rmrf "${SITES}/*"
+    bcg-done
 
 fi
 
 
@@ -248,13 +248,8 @@
 # 2020-12-22 Fixes to get_auth_dns
 # 2020-12-22 Check that dig doesn't return an error (#611)(2.32)
 # 2020-12-29 Fix dig SOA lookup (#617)(2.33)
-# 2021-01-05 Show error if running in POSIX mode (#611)
 # ----------------------------------------------------------------------------------------
 
-case :$SHELLOPTS: in
-  *:posix:*)   echo -e "${0##*/}: Running with POSIX mode enabled is not supported" >&2; exit 1;;
-esac
-
 PROGNAME=${0##*/}
 PROGDIR="$(cd "$(dirname "$0")" || exit; pwd -P;)"
 VERSION="2.33"
@@ -274,7 +269,6 @@ DEACTIVATE_AUTH="false"
 DEFAULT_REVOKE_CA="https://acme-v02.api.letsencrypt.org"
 DOMAIN_KEY_LENGTH=4096
 DUAL_RSA_ECDSA="false"
-FTP_OPTIONS=""
 GETSSL_IGNORE_CP_PRESERVE="false"
 HTTP_TOKEN_CHECK_WAIT=0
 IGNORE_DIRECTORY_DOMAIN="false"
@@ -773,9 +767,7 @@ check_getssl_upgrade() { # check if a more recent version of code is available a
           getssl_versions=("${getssl_versions[@]:1}")
         done
       fi
-      if ! eval "$ORIGCMD"; then
-        error_exit "Running upgraded getssl failed"
-      fi
+      eval "$ORIGCMD"
       graceful_exit
     else
       info ""
@@ -843,9 +835,6 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       if [[ "$cert" != "challenge token" ]] ; then
         error_exit "ftp is not a secure method for copying certificates or keys"
       fi
-      if [[ -z "$FTP_COMMAND" ]]; then
-        error_exit "No ftp command found"
-      fi
       debug "using ftp to copy the file from $from"
       ftpuser=$(echo "$to"| awk -F: '{print $2}')
       ftppass=$(echo "$to"| awk -F: '{print $3}')
@@ -857,15 +846,9 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       fromfile=$(basename "$from")
       debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost dir=$ftpdirn file=$ftpfile"
       debug "from dir=$fromdir  file=$fromfile"
-      if [ -n "$FTP_OPTIONS" ]; then
-        # Use eval to expand any variables in FTP_OPTIONS
-        FTP_OPTIONS=$(eval echo "$FTP_OPTIONS")
-        debug "FTP_OPTIONS=$FTP_OPTIONS"
-      fi
-      $FTP_COMMAND <<- _EOF
+      ftp -n <<- _EOF
 			open $ftphost
-      user $ftpuser $ftppass
-      $FTP_OPTIONS
+			user $ftpuser $ftppass
 			cd $ftpdirn
 			lcd $fromdir
 			put ./$fromfile
@@ -896,13 +879,12 @@ copy_file_to_location() { # copies a file, using scp, sftp or ftp if required.
       davsport=$(echo "$to"| awk -F: '{print $5}')
       davslocn=$(echo "$to"| awk -F: '{print $6}')
       davsdirn=$(dirname "$davslocn")
-      davsdirn=$(echo "${davsdirn}/" | sed 's,//,/,g')
       davsfile=$(basename "$davslocn")
       fromdir=$(dirname "$from")
       fromfile=$(basename "$from")
       debug "davs user=$davsuser - pass=$davspass - host=$davshost port=$davsport dir=$davsdirn file=$davsfile"
       debug "from dir=$fromdir  file=$fromfile"
-      curl -u "${davsuser}:${davspass}" -T "${fromdir}/${fromfile}" "https://${davshost}:${davsport}${davsdirn}${davsfile}"
+      curl -u "${davsuser}:${davspass}" -T "${fromdir}/${fromfile}" "https://${davshost}:${davsport}${davsdirn}/${davsfile}"
     else
       if ! mkdir -p "$(dirname "$to")" ; then
         error_exit "cannot create ACL directory $(basename "$to")"
@@ -1129,18 +1111,6 @@ find_dns_utils() {
     fi
 }
 
-find_ftp_command() {
-  FTP_COMMAND=""
-  if [[ -n "$(command -v ftp 2>/dev/null)" ]]; then
-    debug "Has ftp"
-    FTP_COMMAND="ftp -n"
-  elif [[ -n "$(command -v lftp 2>/dev/null)" ]]; then
-    debug "Has lftp"
-    FTP_COMMAND="lftp"
-  fi
-}
-
-
 fulfill_challenges() {
 dn=0
 for d in "${alldomains[@]}"; do
@@ -1290,8 +1260,8 @@ for d in "${alldomains[@]}"; do
           ftppass=$(echo "${t_loc}"| awk -F: '{print $3}')
           ftphost=$(echo "${t_loc}"| awk -F: '{print $4}')
           ftplocn=$(echo "${t_loc}"| awk -F: '{print $5}')
-          debug "$FTP_COMMAND user=$ftpuser - pass=$ftppass - host=$ftphost location=$ftplocn"
-          $FTP_COMMAND <<- EOF
+          debug "ftp user=$ftpuser - pass=$ftppass - host=$ftphost location=$ftplocn"
+          ftp -n <<- EOF
 					open $ftphost
 					user $ftpuser $ftppass
 					cd $ftplocn
@@ -2676,9 +2646,6 @@ set_server_type
 # check what dns utils are installed
 find_dns_utils
 
-# Find what ftp client is installed
-find_ftp_command
-
 # auto upgrade clients to v2
 auto_upgrade_v2
 
@@ -3032,4 +2999,4 @@ fi
 echo "certificate obtained for ${DOMAIN}"
 
 # gracefully exit ( tidying up temporary files etc).
-graceful_exit
+graceful_exit
@@ -5,7 +5,7 @@
 #======================================================================================================================
 
 if [ -z "${LETS_ENCRYPT_EMAIL}" ] ; then
-    _error "LETS_ENCRYPT_EMAIL must be set before requesting SSL certificates."
+    bcg-error "LETS_ENCRYPT_EMAIL must be set before requesting SSL certificates."
     exit 1
 fi
 
@@ -16,7 +16,7 @@ fi
 
 SSL_CONF=${SSL}/conf.sh
 if [ ! -f ${SSL_CONF} ] ; then
-    _error "You must create ${SSL_CONF} - see ssl-conf-sample.sh."
+    bcg-error "You must create ${SSL_CONF} - see ssl-conf-sample.sh."
     exit 1
 fi
 
@@ -32,7 +32,7 @@ source ${SSL_CONF}
 #======================================================================================================================
 
 if [ "${#DOMAINS[@]}" = "0" ] ; then
-    _error "No domains have been registered for SSL."
+    bcg-error "No domains have been registered for SSL."
     exit 1
 fi
 
 
@@ -7,14 +7,13 @@
 setup_global () {
 
     if [ ! -f ${SSL_GLOBAL_CFG} ] ; then
-        _echo " .. creating global configuration file..."
-        gomplate \
-            -o ${SSL_GLOBAL_CFG} \
-            -f ${TEMPLATES}/getssl-global.conf.tmpl
+        bcg-echo " .. creating global configuration file..."
+        esh -o ${SSL_GLOBAL_CFG} \
+            ${TEMPLATES}/getssl-global.conf.esh
     fi
 
     if [ ! -f ${SSL_DHPARAM} ] ; then
-        _echo " .. generating dhparam..."
+        bcg-echo " .. generating dhparam..."
         openssl dhparam -out ${SSL_DHPARAM} ${SSL_DHPARAM_BITS}
     fi
 
 
@@ -14,7 +14,7 @@ setup_nginx () {
     export IS_DEFAULT=${1}
     export DOMAIN_NAME=${2}
     export UPSTREAM=${3}
-    local -n DOMAIN_ALIASES=${4}
+    local DOMAIN_ALIASES=${4}
     export DOMAIN_NGXCONF=${5}
 
     # paths to site configuration and custom config directory
@@ -30,25 +30,24 @@ setup_nginx () {
 
         # if empty, remove config so it can be regenerated
         if [ -z "${DOMAIN_NGXCONF}" ] ; then
-            _echo "    removing and regnerating Nginx configuration"
+            bcg-echo "    removing and regnerating Nginx configuration"
             rm ${CONF}
 
         # otherwise, leave file (allows custom config)
         else
-            _echo "    keeping existing configuration."
+            bcg-echo "    keeping existing configuration."
             return 0
         fi
 
     else
 
         # no need to do anything, be a good log citizen
-        _echo "    generating default Nginx configuration"
+        bcg-echo "    generating default Nginx configuration"
 
     fi
 
     # build domain list and remove trailing / multiple spaces between domains
-    TMP="${DOMAIN_NAME}$(printf " %s" ${DOMAIN_ALIASES[@]})"
-    export SERVER_NAMES=$(echo "${TMP}" | xargs)
+    export SERVER_NAMES=$(echo "${DOMAIN_NAME} ${DOMAIN_ALIASES}" | xargs)
 
     # generate site configuration
     if [ "${IS_DEFAULT}" = "1" ] ; then
@@ -57,8 +56,8 @@ setup_nginx () {
         NGINX_CONF="site"
     fi
 
-    gomplate \
+    esh -s /bin/bash \
         -o ${CONF} \
-        -f ${TEMPLATES}/nginx-${NGINX_CONF}.conf.tmpl
+        ${TEMPLATES}/nginx-${NGINX_CONF}.conf.esh
 
 }
@@ -29,11 +29,11 @@ generate_temp_cert () {
 setup_ssl () {
 
     local DOMAIN_NAME=${1}
-    local -n DOMAIN_ALIASES=${2}
+    local DOMAIN_ALIASES=(${2})
     local FILE=${SSL_CERTS}/${DOMAIN_NAME}/${GETSSL_CFG}
 
     # check for existing configuration
-    [[ -f ${FILE} ]] && _echo "    already set up." && return 0
+    [[ -f ${FILE} ]] && bcg-echo "    already set up." && return 0
 
     # -U stop upgrade checks
     # -w set working directory