Compare commits
No commits in common. "ea05dd03e98968f043786857c6e746203be66257" and "5fbfb3907598e0ce9fe7351e3868e289397aa0d4" have entirely different histories.
ea05dd03e9
...
5fbfb39075
3 changed files with 22 additions and 18 deletions
|
|
@ -1,21 +1,21 @@
|
|||
pipeline:
|
||||
publish:
|
||||
image: "docker.io/woodpeckerci/plugin-docker-buildx"
|
||||
image: "plugins/docker"
|
||||
settings:
|
||||
registry: "https://gitea.nulo.in"
|
||||
registry: "registry.nulo.in"
|
||||
username: "sutty"
|
||||
repo: "gitea.nulo.in/sutty/certbot"
|
||||
repo: "registry.nulo.in/sutty/certbot"
|
||||
tags:
|
||||
- "${ALPINE_VERSION}"
|
||||
- "latest"
|
||||
build_args:
|
||||
- "ALPINE_VERSION=${ALPINE_VERSION}"
|
||||
- "BASE_IMAGE=gitea.nulo.in/sutty/monit"
|
||||
- "BASE_IMAGE=registry.nulo.in/sutty/monit"
|
||||
secrets:
|
||||
- "DOCKER_PASSWORD"
|
||||
- "docker_password"
|
||||
when:
|
||||
branch: "antifascista"
|
||||
event: "push"
|
||||
matrix:
|
||||
ALPINE_VERSION:
|
||||
- "3.17.3"
|
||||
- "3.17.1"
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ MAINTAINER "f <f@sutty.nl>"
|
|||
|
||||
RUN addgroup -S -g 777 ssl
|
||||
RUN install -dm 2700 -o root -g root /root/.ssh
|
||||
RUN apk add --no-cache certbot jq wget openssh-client rsync certbot-dns-njalla
|
||||
RUN apk add --no-cache certbot jq wget openssh-client rsync
|
||||
|
||||
COPY ./monit.conf /etc/monit.d/certbot.conf
|
||||
COPY ./certbotd.sh /usr/local/bin/certbotd
|
||||
|
|
|
|||
26
certbotd.sh
26
certbotd.sh
|
|
@ -42,22 +42,26 @@ set -e
|
|||
case $1 in
|
||||
# Renew certificates, trust in certbot's algorithms
|
||||
renew)
|
||||
/usr/bin/certbot renew --quiet --agree-tos || true
|
||||
/usr/bin/certbot renew --quiet --agree-tos
|
||||
touch "${updated}"
|
||||
;;
|
||||
bootstrap)
|
||||
test -d "/etc/letsencrypt/live/${SUTTY}" && exit 0
|
||||
for site in ${SUTTY} api.${SUTTY}; do
|
||||
test -d "/etc/letsencrypt/live/${site}" && exit 0
|
||||
|
||||
# Get a single certificate for the whole domain
|
||||
/usr/bin/certbot \
|
||||
-a dns-njalla \
|
||||
--dns-njalla-credentials /etc/letsencrypt/njalla.ini \
|
||||
--email "certbot@${SUTTY}" \
|
||||
--agree-tos \
|
||||
-d "${SUTTY}" \
|
||||
-d "*.${SUTTY}"
|
||||
# Get the certificate for the domain, the webserver will need
|
||||
# access to this directory
|
||||
/usr/bin/certbot certonly --email "certbot@${SUTTY}" \
|
||||
--webroot \
|
||||
--agree-tos \
|
||||
--webroot-path /var/lib/letsencrypt \
|
||||
-d "${site}"
|
||||
|
||||
touch "${updated}"
|
||||
cd /etc/letsencrypt/live
|
||||
ln -s ${SUTTY} default
|
||||
|
||||
touch "${updated}"
|
||||
done
|
||||
|
||||
;;
|
||||
prune)
|
||||
|
|
|
|||
Loading…
Reference in a new issue