authorterminaldweller <thabogre@gmail.com>2021-02-19 08:02:22 +0000
committerterminaldweller <thabogre@gmail.com>2021-02-19 08:02:22 +0000
commit28ed4f737330a1ec42b5493a24faa9fd13eefe91 (patch)
treed4b974facc20e84c1f8e06423aed0012b36649e1 /matrix-server/certbot/scripts
parentmatrix server update...almost working...WIP (diff)
downloaddockerimages-28ed4f737330a1ec42b5493a24faa9fd13eefe91.tar.gz
dockerimages-28ed4f737330a1ec42b5493a24faa9fd13eefe91.zip
update, debugging the haproxy config
Diffstat (limited to 'matrix-server/certbot/scripts')
-rw-r--r--matrix-server/certbot/scripts/concatenate-certificates.sh1
-rw-r--r--matrix-server/certbot/scripts/create-certificates.sh9
-rw-r--r--matrix-server/certbot/scripts/renew-certificates.sh9
-rw-r--r--matrix-server/certbot/scripts/update-haproxy-certificates.sh6
4 files changed, 8 insertions, 17 deletions
diff --git a/matrix-server/certbot/scripts/concatenate-certificates.sh b/matrix-server/certbot/scripts/concatenate-certificates.sh
index 242f5e5..29e75ea 100644
--- a/matrix-server/certbot/scripts/concatenate-certificates.sh
+++ b/matrix-server/certbot/scripts/concatenate-certificates.sh
@@ -2,6 +2,5 @@
echo "running concat certs..."
if [ -f /etc/letsencrypt/live/terminaldweller.com/fullchain.pem -a -f /etc/letsencrypt/live/terminaldweller.com/privkey.pem ]; then
- echo "when you're out, we're in...''"
cat /etc/letsencrypt/live/terminaldweller.com/fullchain.pem /etc/letsencrypt/live/terminaldweller.com/privkey.pem > /etc/certificates/terminaldweller.com.pem
fi
diff --git a/matrix-server/certbot/scripts/create-certificates.sh b/matrix-server/certbot/scripts/create-certificates.sh
index 1bc1094..804e542 100644
--- a/matrix-server/certbot/scripts/create-certificates.sh
+++ b/matrix-server/certbot/scripts/create-certificates.sh
@@ -2,9 +2,14 @@
echo "running create certs..."
# Request certificates
certbot certonly --standalone \
- --non-interactive --agree-tos --email thabogre@gmail.com --http-01-port=380 \
+ --non-interactive \
+ --agree-tos \
+ --email thabogre@gmail.com \
+ --http-01-port=380 \
--cert-name terminaldweller.com \
- -d terminaldweller.com
+ -d terminaldweller.com,mail.terminaldweller.com,www.terminaldweller.com,matrix.terminaldweller.com,element.terminaldweller.com,blog.terminaldweller.com \
+ --dry-run
+ # --server https://acme-v02.api.letsencrypt.org/directory \
# Concatenate certificates
. /etc/scripts/concatenate-certificates.sh
# Update certificates in HAProxy
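Review bot: The steps after the `certbot certonly` call run regardless of its exit status, and with `--dry-run` now on the command line certbot only validates against the staging environment and writes no certificate. On a fresh host the concatenate step is skipped by its own `-f` guard. The HAProxy update then presumably runs with a missing or stale `/etc/certificates/terminaldweller.com.pem`, though that part of the script lies outside the hunk. I would gate the follow-up steps on success, `if certbot certonly ... ; then . /etc/scripts/concatenate-certificates.sh; fi`, and mark the flag as temporary with a comment such as `# TODO: drop --dry-run before deploy; it issues nothing and saves no certs`.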
diff --git a/matrix-server/certbot/scripts/renew-certificates.sh b/matrix-server/certbot/scripts/renew-certificates.sh
index ff56115..032486a 100644
--- a/matrix-server/certbot/scripts/renew-certificates.sh
+++ b/matrix-server/certbot/scripts/renew-certificates.sh
@@ -1,19 +1,10 @@
#!/bin/sh
echo "running renew certs..."
-# Certificates exist
if [ -d /etc/letsencrypt/live/terminaldweller.com ]; then
- # Check certificates and renew them
certbot renew --http-01-port=380
-
- # Concatenate certificates
. /etc/scripts/concatenate-certificates.sh
-
- # Update certificates in HAProxy
. /etc/scripts/update-haproxy-certificates.sh
-
-# Certificates don't exist
else
- # Execute certificate creation script
. /etc/scripts/create-certificates.sh
fi
diff --git a/matrix-server/certbot/scripts/update-haproxy-certificates.sh b/matrix-server/certbot/scripts/update-haproxy-certificates.sh
index 9eaae7c..4fad7df 100644
--- a/matrix-server/certbot/scripts/update-haproxy-certificates.sh
+++ b/matrix-server/certbot/scripts/update-haproxy-certificates.sh
@@ -1,11 +1,7 @@
#!/bin/sh
echo "running update certs..."
-# Start transaction
-echo -e "set ssl cert /etc/letsencrypt/live/terminaldweller.com/fullchain.pem <<\n$(cat /etc/certificates/terminaldweller.com.pem)\n" | socat tcp-connect:haproxy:9999 -
-# Commit transaction
+echo -e "set ssl cert /etc/letsencrypt/live/terminaldweller.com/fullchain.pem <<\n$(cat /etc/certificates/terminaldweller.com.pem)\n" | socat tcp-connect:haproxy:9999 -
echo "commit ssl cert /etc/letsencrypt/live/terminaldweller.com/fullchain.pem" | socat tcp-connect:haproxy:9999 -
-
-# Show certification info (not essential)
echo "show ssl cert /etc/letsencrypt/live/terminaldweller.com/fullchain.pem" | socat tcp-connect:haproxy:9999 -
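Review bot: The re-added `set ssl cert` line relies on `echo -e` under `#!/bin/sh`, which is not portable: shells such as dash print a literal `-e` in front of the command. HAProxy then receives a malformed `set ssl cert`, and the following `commit ssl cert` is sent anyway. Building the payload with printf avoids this, e.g. `printf 'set ssl cert %s <<\n%s\n\n' "$crt" "$(cat "$pem")" | socat tcp-connect:haproxy:9999 -`, preceded by a `[ -s "$pem" ]` check so an empty bundle is never pushed. None of the three socat replies is inspected, so a rejected update goes unnoticed; the `commit` should only be sent after the `set` reply reports success. The payload includes the private key (the bundle is fullchain plus privkey per concatenate-certificates.sh) and travels over plain TCP to `haproxy:9999`, so that listener should be reachable only from this container, which cannot be confirmed from this hunk.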