Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2025-08-19 03:27:51 -04:00
Code Issues Projects Releases Packages Wiki Activity

use more complete rsync command for dnsdist certificates

Browse source
This commit is contained in:
Daniel Micay 2025-07-22 14:30:41 -04:00
parent 6b42334598
commit 86e765944f
3 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
certbot/0.ns1.grapheneos.org
View file

@ -1,6 +1,6 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --required-profile tlsserver \ --key-type ecdsa --reuse-key --required-profile tlsserver \
--deploy-hook "nginx -s reload; rsync -rpLvc --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \ --deploy-hook "nginx -s reload; rsync -acv --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \
--cert-name ns1.grapheneos.org \ --cert-name ns1.grapheneos.org \
-d ns1.grapheneos.org \ -d ns1.grapheneos.org \
-d ns1.attestation.app \ -d ns1.attestation.app \

2
certbot/0.ns2.grapheneos.org
View file

@ -1,6 +1,6 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --required-profile tlsserver \ --key-type ecdsa --reuse-key --required-profile tlsserver \
--deploy-hook "nginx -s reload; rsync -rpLvc --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \ --deploy-hook "nginx -s reload; rsync -acv --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \
--cert-name ns2.grapheneos.org \ --cert-name ns2.grapheneos.org \
-d ns2.grapheneos.org \ -d ns2.grapheneos.org \
-d ns2.attestation.app \ -d ns2.attestation.app \

2
certbot/ns1.staging.grapheneos.org
View file

@ -1,6 +1,6 @@
certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \ certbot certonly --webroot --webroot-path /srv/certbot --no-eff-email \
--key-type ecdsa --reuse-key --required-profile tlsserver \ --key-type ecdsa --reuse-key --required-profile tlsserver \
--deploy-hook "nginx -s reload; rsync -rLvc --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \ --deploy-hook "nginx -s reload; rsync -acv --delete --chmod=D750,F640 --chown root:dnsdist /etc/letsencrypt/live/ /etc/letsencrypt/dnsdist/; dnsdist -c -e 'reloadAllCertificates()'" \
--cert-name ns1.staging.grapheneos.org \ --cert-name ns1.staging.grapheneos.org \
-d ns1.staging.grapheneos.org \ -d ns1.staging.grapheneos.org \
-d ns2.staging.grapheneos.org \ -d ns2.staging.grapheneos.org \