servnest
/
servnest-mkosi
1
1
Fork 0
Code Issues Pull Requests Releases Activity

sudoers: add --config to certbot commands

This commit is contained in:
Miraty 2024-04-10 00:11:13 +02:00
parent 5a3a301451
commit 572816d54e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
mkosi.extra/install/sudoers
View File

@ -1,7 +1,7 @@
servnest ALL=(root) NOPASSWD: /usr/bin/systemctl reload tor
servnest ALL=(root) NOPASSWD: /usr/bin/chgrp ^--no-dereference -- sftpgo /srv/servnest/ht/fs/[0-9a-f]{64}$
servnest ALL=(root) NOPASSWD: /usr/bin/certbot ^certonly --domain ([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}( --test-cert)?$
servnest ALL=(root) NOPASSWD: /usr/bin/certbot ^delete --quiet --cert-name ([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$
servnest ALL=(root) NOPASSWD: /usr/bin/certbot ^--config /etc/letsencrypt/servnest\.ini certonly --domain ([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}( --test-cert)?$
servnest ALL=(root) NOPASSWD: /usr/bin/certbot ^--config /etc/letsencrypt/servnest\.ini delete --quiet --cert-name ([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$
servnest ALL=(tor) NOPASSWD: /usr/bin/cat ^-- /srv/servnest/tor-keys/[0-9a-f]{64}/[a-zA-Z0-9_-]{1,64}/hostname$
servnest ALL=(tor) NOPASSWD: /usr/bin/mkdir ^--mode=0700 -- /srv/servnest/tor-keys/[0-9a-f]{64}$
servnest ALL=(tor) NOPASSWD: /usr/bin/rm ^-r -- /srv/servnest/tor-keys/[0-9a-f]{64}(/[a-zA-Z0-9_-]{1,64})?$