fix: remove lock after synchronization
This commit is contained in:
parent
fb40860f31
commit
d39cd11605
1 changed files with 16 additions and 18 deletions
34
certbotd.sh
34
certbotd.sh
|
@ -11,26 +11,24 @@ updated=/tmp/certbot.updated
|
||||||
ensure() {
|
ensure() {
|
||||||
test -n "$1" && echo "ok - $1 received, exiting gracefully..." >&2
|
test -n "$1" && echo "ok - $1 received, exiting gracefully..." >&2
|
||||||
|
|
||||||
|
if test -f "${updated}" ; then
|
||||||
|
rm -f "${updated}"
|
||||||
|
|
||||||
|
# Fix permissions, users in group ssl have read access
|
||||||
|
find /etc/letsencrypt -type d | xargs -r chmod 2750
|
||||||
|
find /etc/letsencrypt -type f | xargs -r chmod 640
|
||||||
|
chgrp -R ssl /etc/letsencrypt
|
||||||
|
|
||||||
|
if ! ${SINGLE_NODE:-false}; then
|
||||||
|
for NODE in ${NODES}; do
|
||||||
|
rsync -avHAXL --delete-after /etc/letsencrypt/live/ ${NODE}/ || continue
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Remove the lock after synchronization
|
||||||
rm -f "${lock}"
|
rm -f "${lock}"
|
||||||
|
|
||||||
test -f "${updated}" || exit 0
|
|
||||||
|
|
||||||
rm -f "${updated}"
|
|
||||||
|
|
||||||
# Fix permissions, users in group ssl have read access
|
|
||||||
find /etc/letsencrypt -type d | xargs -r chmod 2750
|
|
||||||
find /etc/letsencrypt -type f | xargs -r chmod 640
|
|
||||||
chgrp -R ssl /etc/letsencrypt
|
|
||||||
|
|
||||||
${SINGLE_NODE:-false} && exit 0
|
|
||||||
|
|
||||||
# Push certificates to nodes, we use SSH as a secure transport
|
|
||||||
# but this means we're synchronizing from container to host which is
|
|
||||||
# awkward. A restricted rsync treats / as the remote location for the
|
|
||||||
# certificates.
|
|
||||||
for NODE in ${NODES}; do
|
|
||||||
rsync -avHAXL --delete-after /etc/letsencrypt/live/ ${NODE}/ || continue
|
|
||||||
done
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for SIG in TERM QUIT INT HUP; do
|
for SIG in TERM QUIT INT HUP; do
|
||||||
|
|
Loading…
Reference in a new issue