#------------------------------------------------------------------------------ # /etc/check.d/certs_dehydrated.exp - configuration for certs_dehydrated # # Copyright (c) 2016-2025 The Eisfair Team, team(at)eisfair(dot)org # # Creation: 2016-09-02 jed # Last Update: $Id$ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. #------------------------------------------------------------------------------ DEHYDRATED_API = '()|auto|1|2' : 'invalid api version, should be "auto", "1" or "2".' DEHYDRATED_CHALLENGE = '()|dns-01|http-01|tls-alpn-01' : 'invalid challenge type, should be "dns-01", "http-01" or "tls-alpn-01".' DEHYDRATED_ABS_PATH = '/(([[:alnum:]]|[-_. ])+)(/([[:alnum:]]|[-_. ])+)*/?' : 'no valid absolute path (must start with a slash and only numbers, letters, "-", "_" and " " divided by "/" are allowed)' DEHYDRATED_WC_DOMAIN = '\*\.(RE:DOMAIN)' : 'wrong wildcard domain name, should consist of a wildcard (*) and a domain name diveded by a dot; only letters, numbers and minus sign are allowed, no leading or trailing minus sign' DEHYDRATED_DOMAIN = '((RE:DEHYDRATED_WC_DOMAIN)|(RE:FQDN)|(RE:HOSTNAME))((:((RE:DEHYDRATED_WC_DOMAIN)|(RE:FQDN)|(RE:HOSTNAME)))+)?' : 'no valid domain specification, should contain one or more fully qualified domain or host names which are separated by a colon. IP addresses are not supported!' DEHYDRATED_HOOK_TYPE = 'clean_challenge|deploy_cert|deploy_challenge|deploy_ocsp|exit_hook|generate_csr|invalid_challenge|request_failure|startup_hook|sync_cert|unchanged_cert' : 'no valid type selected, should be "clean_challenge", "deploy_cert", "deploy_challenge", "deploy_ocsp", "exit_hook", "generate_csr", "invalid_challenge", "request_failure", "startup_hook", "sync_cert" or "unchanged_cert".' DEHYDRATED_IP_VERSION = '4|6' : 'invalid IP version chosen, should be "4" or "6".' DEHYDRATED_MODE = 'live|test' : 'no valid mode chosen, should be "live" or "test".' DEHYDRATED_CA = 'letsencrypt|letsencrypt-test|buypass|buypass-test|google|google-test|zerossl' : 'no valid mode chosen, should be "letsencrypt", "letsencrypt-test", "buypass", "buypass-test", "google", "google-test" or "zerossl".' DEHYDRATED_EPREFIX = '()|(([[:alnum:]]|[-_.])+)' : 'not a valid prefix, should be empty or a string which contains one or more of the following characters: "a-z", "0-9", "-", "_", ".".' DEHYDRATED_PROGRAMS = 'apache2|ldapserver|mail|mini_httpd|partimg|proftpd|pure-ftpd|ssmtp' : 'no valid program name selected, should be "apache2", "ldapserver", "mail", "mini_httpd", "partimg", "proftpd", "pure-ftpd" or "ssmtp".' DEHYDRATED_EUSAGE = '()|all|(RE:DEHYDRATED_PROGRAMS)(:(RE:DEHYDRATED_PROGRAMS))*' : 'invalid list of program, should be an empty string, "all" or a colon separated list of the following programs: "apache2", "ldapserver", "mail", "mini_httpd", "partimg", "proftpd", "pure-ftpd" or "ssmtp".' DEHYDRATED_RSA_KEYBITS = '1024|2048|4096|8192' : 'invalid value selected, should be "1024", "2048", "4096" or "8192".' DEHYDRATED_AGREEMENT = 'no|I ACCEPT THE AGREEMENT' : 'invalid value set, should be "no" or "I accept the agreement" all in uppercase letters.' DEHYDRATED_KEY_ALGO = 'rsa|prime256v1|secp384r1' : 'invalid key algorithm set, should be "secp384r1", "prime256v1" or "rsa".' DEHYDRATED_CHAINS = '()|default|dst-root-ca-x3|isrg-root-x1' : 'invalid chain selected, should be "default", "dst-root-ca-x3" or "isrg-root-x1".'