provisioning/dockerfiles/services/sslproxy/cli/certbot/renew


#!/usr/bin/env bash
# Renews the sslproxy certificate through the certbot tools container.
# Stop at the first command that fails.
set -o errexit

# Certbot image, exported to docker-compose by update().
# NOTE(review): the reference carries neither a tag nor a digest, so the
# registry decides which build runs next to the certificate mount --
# consider pinning it.
LETSENCRYPT_IMAGE='dkregistry.xai-corp.net:5000/xaicorp/acme-certbot'

# Staging state directory by default; run() switches to the production path
# when ENVIRONMENT is 'prod'.
LETSENCRYPT_MOUNT='/opt/shared/letsencrypt-2-staging'

# Value passed to the renew service as --cert-name.
CERT_NAME='xai-corp.net'

# Scratch file with an unpredictable name (mktemp); removed by the EXIT trap.
LOG="$(mktemp)"
###
#######################################
# Pick the Let's Encrypt state directory for the selected environment and
# hand over to update(). Positional arguments are accepted but not used.
# Globals:   ENVIRONMENT (read), LETSENCRYPT_MOUNT (written for 'prod')
# Returns:   the status of update()
#######################################
run() {
  case "$ENVIRONMENT" in
    prod)
      # Only an explicit 'prod' touches the production certificate store;
      # every other value keeps the mount that was already configured.
      LETSENCRYPT_MOUNT=/opt/shared/letsencrypt-2
      ;;
  esac
  update
}
#######################################
# Run the `renew` service from docker-compose.tools.yml with the options
# collected in OPTIONS.
# Globals:   DOCKER_HOST (defaulted and exported), LETSENCRYPT_MOUNT,
#            LETSENCRYPT_IMAGE, CERT_NAME (exported), OPTIONS (read)
# Returns:   the status of docker-compose
#######################################
update() {
  # Keep a caller-supplied daemon endpoint; otherwise use the default host.
  # NOTE(review): 2376 is the conventional TLS port of the Docker API, but
  # nothing here sets DOCKER_TLS_VERIFY or DOCKER_CERT_PATH, so whether the
  # connection is authenticated depends on the caller's environment -- confirm.
  : "${DOCKER_HOST:=dkhost:2376}"
  export DOCKER_HOST LETSENCRYPT_MOUNT LETSENCRYPT_IMAGE CERT_NAME

  local -a compose_cmd=(
    docker-compose
    -f docker-compose.tools.yml
    run --rm --name sslproxy_renew
    renew
  )

  # OPTIONS is a space-separated flag string assembled by this script, so it
  # is split into words on purpose.
  # shellcheck disable=SC2086
  "${compose_cmd[@]}" ${OPTIONS}
}
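#######################################
# Smoke-test the certificate served on git.xai-corp.net:443.
# Prints the 'Timestamp :' lines found in the text dump of the leaf
# certificate (presumably the embedded SCT timestamps, which show when the
# certificate was issued -- confirm).
# Outputs:   matching lines on stdout
# Returns:   the status of grep (non-zero when no such line is present).
#            The function itself does not enable pipefail, so a failed TLS
#            handshake surfaces only as "no match".
# NOTE(review): this does not verify the chain, the hostname or the expiry
# date; `openssl x509 -checkend` would be a cheap addition for the latter.
#######################################
test_new_certs() {
  local host=git.xai-corp.net

  # The SNI name has to be the host under test. The previous value
  # (gnupg.org) made the server choose its certificate for an unrelated
  # name, so the check could inspect a default vhost certificate instead of
  # the renewed one.
  openssl s_client -showcerts -servername "$host" -connect "${host}:443" \
    </dev/null 2>/dev/null \
    | openssl x509 -inform pem -noout -text \
    | grep 'Timestamp :'
}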
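#######################################
# Reload nginx in every running container whose name matches sslproxy_app,
# so the proxy picks up the certificate files on disk.
# Globals:   DOCKER_HOST (defaulted and exported)
# Outputs:   progress on stdout, a warning on stderr when nothing matched
# Returns:   0, or the status of the first failing docker call when the
#            caller runs with `set -e`
#######################################
restart_nginx() {
  local containers c

  # NOTE(review): 2376 is the conventional TLS port of the Docker API, but
  # nothing here sets DOCKER_TLS_VERIFY -- confirm the caller's environment
  # does.
  export DOCKER_HOST=${DOCKER_HOST:-'dkhost:2376'}
  echo restarting nginx

  containers=$(docker ps -q --filter "status=running" --filter "name=sslproxy_app")
  if [[ -z "$containers" ]]; then
    # Without this message a renewal would report success even though no
    # proxy re-read its certificate.
    echo "warning: no running sslproxy_app containers found; nginx was not reloaded" >&2
    return 0
  fi

  # Container ids contain no whitespace, so splitting the list is safe.
  for c in $containers; do
    # No -it: allocating a TTY fails when the script runs without a terminal
    # (cron, CI), and `nginx -s reload` reads no input.
    docker exec "$c" nginx -s reload
  done
}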
#######################################
# EXIT handler: delete the scratch file and print a coloured verdict based
# on the exit status the script is ending with.
# Globals:   LOG (read; the file is removed)
# Outputs:   status line on stdout
# Returns:   exits with the original status when it was non-zero
# NOTE(review): both messages are fixed strings. The failure text says
# "production" whatever ENVIRONMENT is, and the success text is printed for
# every zero exit, including the -t, -n and usage paths that renew nothing.
#######################################
trap_exit() {
  local exit_code=$?

  if ((exit_code == 0)); then
    rm "$LOG"
    echo -e "\033[32mSuccess:\033[39m ssl certs have been updated"
    return
  fi

  echo
  rm "$LOG"
  echo -e "\033[31mFailed updating production certs \033[39m"
  exit "$exit_code"
}

# Registered for every exit path of the script.
trap trap_exit EXIT
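#######################################
# Print the command-line help and exit 0.
# The text lists the flags the option loop of this script handles; the
# earlier wording (-b, -r, -s: rollback / tag as latest) described flags
# this script does not accept and hid the switch that selects production.
# Outputs:   usage text on stdout
#######################################
print_usage() {
  printf "Usage: %s [-d] [-p] [-t] [-n] [-h]\n" "$0"
  echo "-d dry run: pass --dry-run to the renew service"
  echo "-p production: use the production mount and omit --test-cert"
  echo "   (the default is the staging mount with --test-cert)"
  echo "-t test the certificate currently being served, then exit"
  echo "-n reload nginx in the running sslproxy_app containers, then exit"
  echo "-h help"
  exit 0
}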
######
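# Defaults are the safe ones: a "dev" run against the staging mount with
# --test-cert. Only -p selects production and drops --test-cert.
ENVIRONMENT=dev
OPTIONS="--cert-name ${CERT_NAME}"
TEST_CERT=true

# The leading ':' puts getopts in silent mode, which is what makes the ':'
# (missing argument) and '?' (unknown option) cases below reachable. Both
# now end the script with status 2; previously an unknown flag printed the
# usage text and exited 0, so a mistyped invocation looked like a success.
while getopts ':tnpde:h' name; do
  case $name in
    d)
      OPTIONS="$OPTIONS --dry-run"
      ;;
    p)
      TEST_CERT=false
      ENVIRONMENT=prod
      ;;
    t)
      test_new_certs
      exit 0
      ;;
    n)
      restart_nginx
      exit 0
      ;;
    h)
      print_usage
      ;;
    :)
      echo "Invalid option: $OPTARG requires an argument" 1>&2
      exit 2
      ;;
    \?)
      echo "Invalid option: -$OPTARG" 1>&2
      # print_usage calls `exit 0` itself; the subshell contains that exit so
      # the script can still end with a failure status.
      (print_usage) 1>&2
      exit 2
      ;;
    # -e takes an argument but has no handler of its own; as before it ends
    # in the usage text.
    *) print_usage ;;
  esac
done

if [ "$TEST_CERT" == "true" ]; then
  OPTIONS="$OPTIONS --test-cert"
fi

run "$@"
# NOTE(review): the reload and the smoke test also run after a --dry-run
# renewal -- confirm that this is intended.
restart_nginx
test_new_certs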