Infra-Mirrors/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2025-02-18 13:24:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

overwrite renewal hook, add notice about it, increase verbosity

Browse Source
This commit is contained in:
aptalca 2024-09-10 12:25:06 -04:00
parent ed0c949267
commit 0c3bc63349
No known key found for this signature in database
GPG Key ID: BE36CFFB9FD85548
5 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
root/app/le-renew.sh Normal file → Executable file
View File

2
root/defaults/etc/letsencrypt/renewal-hooks/deploy/10-default Normal file → Executable file
View File

@ -1,7 +1,9 @@
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
cd /config/keys/letsencrypt || exit 1
echo "**** Generating pfx and fullchain bundle certs ****"
openssl pkcs12 -export -out privkey.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -passout pass:
sleep 1
cat {privkey,fullchain}.pem >priv-fullchain-bundle.pem

3
root/defaults/etc/letsencrypt/renewal-hooks/post/10-nginx Normal file → Executable file
View File

@ -1,15 +1,18 @@
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
# shellcheck source=/dev/null
. /config/.donoteditthisfile.conf
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
if pgrep -f "s6-supervise svc-nginx" >/dev/null; then
echo "**** Starting Nginx ****"
s6-svc -u /run/service/svc-nginx
fi
else
if pgrep -f "nginx:" >/dev/null; then
echo "**** Reloading Nginx to load the new cert ****"
s6-svc -h /run/service/svc-nginx
fi
fi

2
root/defaults/etc/letsencrypt/renewal-hooks/pre/10-nginx Normal file → Executable file
View File

@ -1,11 +1,13 @@
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
# Notice: This file will be overwritten when updated by lsio. Add your custom scripts into a new file in this folder.
# shellcheck source=/dev/null
. /config/.donoteditthisfile.conf
if [[ ! "${ORIGVALIDATION}" = "dns" ]] && [[ ! "${ORIGVALIDATION}" = "duckdns" ]]; then
if pgrep -f "nginx:" >/dev/null; then
echo "**** Stopping Nginx in preparation of cert generation/renewal ****"
s6-svc -d /run/service/svc-nginx
fi
fi

7
root/etc/s6-overlay/s6-rc.d/init-certbot-config/run
View File

@ -68,14 +68,9 @@ lsiown -R abc:abc /config/dns-conf
# copy default renewal hooks
chmod -R +x /defaults/etc/letsencrypt/renewal-hooks
cp -nR /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
cp -Rf /defaults/etc/letsencrypt/renewal-hooks/* /config/etc/letsencrypt/renewal-hooks/ 2> >(grep -v 'cp: not replacing')
lsiown -R abc:abc /config/etc/letsencrypt/renewal-hooks
# replace nginx service location in renewal hooks
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/run/service/nginx|/run/service/svc-nginx|g' {} \;
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|/var/run/s6/services/nginx|/run/service/svc-nginx|g' {} \;
find /config/etc/letsencrypt/renewal-hooks/ -type f -exec sed -i 's|s6-supervise nginx|s6-supervise svc-nginx|g' {} \;
# create original config file if it doesn't exist, move non-hidden legacy file to hidden
if [[ -f "/config/donoteditthisfile.conf" ]]; then
mv /config/donoteditthisfile.conf /config/.donoteditthisfile.conf