Name Mode Size
.gitignore 100644 0 kb
COPYING 100644 0 kb
Makefile 100644 0 kb
README.md 100644 2 kb
combinedfs.py 100755 13 kb
configuration.reference.yaml 100644 4 kb
readdir.c 100644 1 kb
requirements.txt 100644 0 kb
README.md
# CombinedFS CombinedFS stands for Completely Over-engineered, Melted Brain-Induced, Not Even Decent Fucking Solution. Well, no, it doesn't, but I like far-fetched acronyms. CombinedFS is a FUSE FileSystem that exposes a transformed, straightforward, read-only version of Let's Encrypt / Certbot's "live" directory for better integration with software that requires "combined" PEM files. ## Features - Dynamically concatenate and expose adequate PEM files; - include PEM files from outside the Certbot directory, e.g. Diffie-Hellman parameters; - hide symlinks, resulting in a single directory to expose to your TLS frontend; - filter exposed certificates (whitelist / blacklist) using a regular expression; - expose either a Certbot-like tree (e.g. my.domain.tld/combined.pem), suitable for those who just need filtering or concatenation... - or a flattened directory (e.g. my.domain.tld_cert.pem), suitable for software that loads all PEM files in a given directory; - specify Unix permissions: uid, gid, mode, either globally or on a per-file basis (not a per-cert basis though). ## Implementation - Python with [fusepy](https://github.com/fusepy/fusepy) - YAML/JSON configuration file ## How to use it ``` combinedfs.py [--foreground] /path/to/configuration.yaml /mount/point ``` fstab syntax: ``` /path/to/configuration.yaml /mount/point fuse.combinedfs defaults 0 0 ``` Refer to `configuration.reference.yaml` to write your own configuration file. It is possible to reload the configuration file without remounting the filesystem. ``` cat /mount/point/reload ``` This will output either "reload ok" or "reload fail". ## Why? Certbot already offers hooks to handle pretty much everything, from mere concatenations to complex deployments to various kinds of clusters. So why write a Fuse FileSystem to cover only a small part of this scope? Well, duh. Because it's fun, here's why.