Compare commits

...

4 commits

Author SHA1 Message Date
f
e3bd62e6bd
fix: exit with the error code
All checks were successful
ci/woodpecker/push/woodpecker/1 Pipeline was successful
ci/woodpecker/push/woodpecker/2 Pipeline was successful
2024-06-14 18:00:13 -03:00
f
d39cd11605
fix: remove lock after synchronization 2024-06-14 18:00:00 -03:00
f
fb40860f31
fix: check for file 2024-06-14 17:18:43 -03:00
f
e428837559
fix: syntax error 2024-06-14 17:18:34 -03:00

View file

@ -11,29 +11,29 @@ updated=/tmp/certbot.updated
ensure() { ensure() {
test -n "$1" && echo "ok - $1 received, exiting gracefully..." >&2 test -n "$1" && echo "ok - $1 received, exiting gracefully..." >&2
if test -f "${updated}" ; then
rm -f "${updated}"
# Fix permissions, users in group ssl have read access
find /etc/letsencrypt -type d | xargs -r chmod 2750
find /etc/letsencrypt -type f | xargs -r chmod 640
chgrp -R ssl /etc/letsencrypt
if ! ${SINGLE_NODE:-false}; then
for NODE in ${NODES}; do
rsync -avHAXL --delete-after /etc/letsencrypt/live/ ${NODE}/ || continue
done
fi
fi
# Remove the lock after synchronization
rm -f "${lock}" rm -f "${lock}"
test -f "${updated}" || exit 0 # Exit with the error code
exit $1
rm -f "${updated}"
# Fix permissions, users in group ssl have read access
find /etc/letsencrypt -type d | xargs -r chmod 2750
find /etc/letsencrypt -type f | xargs -r chmod 640
chgrp -R ssl /etc/letsencrypt
${SINGLE_NODE:-false} && exit 0
# Push certificates to nodes, we use SSH as a secure transport
# but this means we're synchronizing from container to host which is
# awkward. A restricted rsync treats / as the remote location for the
# certificates.
for NODE in ${NODES}; do
rsync -avHAXL --delete-after /etc/letsencrypt/live/ ${NODE}/ || continue
done
} }
for SIG in TERM QUIT INT HUP; do for SIG in 1 2 3 6 9 14 15; do
trap "ensure ${SIG}" ${SIG} trap "ensure ${SIG}" ${SIG}
done done
@ -92,7 +92,7 @@ case $1 in
| jq --raw-output .[] \ | jq --raw-output .[] \
| while read domain; do | while read domain; do
# Skip already existing domains # Skip already existing domains
if test -d "/etc/letsencrypt/renewal/${domain}.conf" if test -f "/etc/letsencrypt/renewal/${domain}.conf"; then
echo "ok - ${domain} already issued" >&2 echo "ok - ${domain} already issued" >&2
continue continue
fi fi
@ -115,4 +115,4 @@ case $1 in
done done
esac esac
ensure ensure 0