|
|
|
@ -7,7 +7,7 @@ cd "$DIRNAME"
|
|
|
|
|
source ../env.production
|
|
|
|
|
source ./env.production
|
|
|
|
|
|
|
|
|
|
domain_args="-d $DOMAIN_NAME,$KEYCLOAK_HOSTNAME,$HEDGEDOC_HOSTNAME,$MASTODON_HOSTNAME,$NEXTCLOUD_HOSTNAME,$MATRIX_HOSTNAME,$GITEA_HOSTNAME,$MOBILIZON_HOSTNAME,$LIBIB_HOSTNAME,$BOOKSTACK_HOSTNAME"
|
|
|
|
|
domain_args="-d $DOMAIN_NAME,$KEYCLOAK_HOSTNAME,$HEDGEDOC_HOSTNAME,$MASTODON_HOSTNAME,$NEXTCLOUD_HOSTNAME,$MATRIX_HOSTNAME,$GITEA_HOSTNAME,$MOBILIZON_HOSTNAME,$BOOKSTACK_HOSTNAME"
|
|
|
|
|
rsa_key_size=2048
|
|
|
|
|
|
|
|
|
|
set -x
|
|
|
|
@ -19,6 +19,10 @@ if [ ! -d "../data/certbot/conf/accounts" ]; then
|
|
|
|
|
rm -rf ../data/certbot/conf/live
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# try to work around https://git.woodbine.nyc/cel/hackerspace-zone-mirror/issues/12
|
|
|
|
|
mkdir -p ../data/certbot/conf/archive/old
|
|
|
|
|
mv ../data/certbot/conf/archive/* old
|
|
|
|
|
|
|
|
|
|
docker-compose run --rm certbot \
|
|
|
|
|
certonly \
|
|
|
|
|
--webroot \
|
|
|
|
@ -31,4 +35,10 @@ docker-compose run --rm certbot \
|
|
|
|
|
$domain_args \
|
|
|
|
|
|| die "unable to renew!"
|
|
|
|
|
|
|
|
|
|
latest_folder=$(ls -t ../data/certbot/conf/archive/ | head -n1)
|
|
|
|
|
creds=../data/certbot/conf/archive/${latest_folder}
|
|
|
|
|
live=../data/certbot/conf/live/woodbine.nyc
|
|
|
|
|
ln -frs ${creds}/fullchain1.pem ${live}/fullchain.pem
|
|
|
|
|
ln -frs ${creds}/privkey1.pem ${live}/privkey.pem
|
|
|
|
|
|
|
|
|
|
docker-compose exec nginx nginx -s reload
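Review bot: The `mv ../data/certbot/conf/archive/* old` added in the second hunk resolves `old` against the current directory (the script has already run `cd "$DIRNAME"`), not against the `../data/certbot/conf/archive/old` directory created on the line above. The lineage directories, including the `privkey*.pem` files the third hunk links from, therefore either land in the script directory or the `mv` fails, and neither outcome is checked. A destination outside the globbed directory also stops `old` from matching its own glob, for example `mkdir -p ../data/certbot/conf/archive.old` followed by `mv ../data/certbot/conf/archive/* ../data/certbot/conf/archive.old/ || die "unable to move old archive"`. In the third hunk the links hard-code `woodbine.nyc` and the `1` suffix and choose the directory with `ls -t | head -n1`, so if the stash stays inside `archive/` the newest entry can be `old`. It would be safer to build the path from the configured name (presumably `$DOMAIN_NAME`) and to test `[ -f "${creds}/privkey1.pem" ] || die "no new key found"` before `ln -f` replaces the live links.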
|
|
|
|
|