Fix certbot
This commit is contained in:
Marco Streich
parent
259398507f
commit
3c61c48993
|
|
@ -14,20 +14,20 @@ domains="-d $DOMAIN_NAME"
|
|||
for san in $ALTERNATIVE_NAMES; do
|
||||
domains="$domains -d $san"
|
||||
done
|
||||
key="$(sed 's/$/\\n/' $LETSENCRYPT_DIR/etc/live/$DOMAIN_NAME/privkey.pem | tr -d '\n')"
|
||||
fullchain="$(sed 's/$/\\n/' $LETSENCRYPT_DIR/etc/live/$DOMAIN_NAME/fullchain.pem | tr -d '\n')"
|
||||
service_ports="$(printf "%s" "$SERVICE_PORTS" | tr ',' ' ' | xargs)"
|
||||
|
||||
case "$args" in
|
||||
"--renew")
|
||||
printf "Running Certbot (for renewal) before deploying certificate..\n\n"
|
||||
#certbot certonly --non-interactive --agree-tos -m webmaster@"$DOMAIN_NAME" --work-dir "$LETSENCRYPT_DIR"/lib --logs-dir "$LETSENCRYPT_DIR"/log --config-dir "$LETSENCRYPT_DIR"/etc --dns-route53 --preferred-challenges dns $domains
|
||||
certbot certonly --non-interactive --agree-tos -m webmaster@"$DOMAIN_NAME" --work-dir "$LETSENCRYPT_DIR"/lib --logs-dir "$LETSENCRYPT_DIR"/log --config-dir "$LETSENCRYPT_DIR"/etc --dns-route53 --preferred-challenges dns $domains
|
||||
;;
|
||||
*)
|
||||
printf "Deploying existing certificate without running Certbot..\n\n"
|
||||
;;
|
||||
esac
|
||||
|
||||
key="$(sed 's/$/\\n/' $LETSENCRYPT_DIR/etc/live/$DOMAIN_NAME/privkey.pem | tr -d '\n')"
|
||||
fullchain="$(sed 's/$/\\n/' $LETSENCRYPT_DIR/etc/live/$DOMAIN_NAME/fullchain.pem | tr -d '\n')"
|
||||
service_ports="$(printf "%s" "$SERVICE_PORTS" | tr ',' ' ' | xargs)"
|
||||
|
||||
lb_id=$($curl -s -H "Authorization: Bearer $API_TOKEN" "https://api.hetzner.cloud/v1/load_balancers?label_selector=service==$SERVICE%2Cenvironment==$ENVIRONMENT" | $jq '.load_balancers[0].id')
|
||||
|
||||
|
|
|
|||
|
|
@ -12,6 +12,6 @@
|
|||
SERVICE_PORTS = "443,8443,9443"; # guidelines, kibana, vault
|
||||
};
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = "/opt/certbot.sh";
|
||||
script = "/opt/certbot.sh --renew";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue