mirror of
https://codeberg.org/fediverse/fediparty.git
synced 2024-11-29 03:31:27 +00:00
Fix automatic cert generator
This commit is contained in:
parent
5e5f45d951
commit
5708c1dbf9
|
@ -9,12 +9,12 @@ git commit -m "GitLab runner - Added certbot challenge file for certificate rene
|
|||
git push https://$GITLAB_USER_LOGIN:$CERTBOT_RENEWAL_GIT_TOKEN@gitlab.com/fediverse/fediverse.gitlab.io.git HEAD:master
|
||||
|
||||
interval_sec=15
|
||||
max_tries=10 # ~3 minutes
|
||||
max_tries=80 # ~20 minutes
|
||||
n_tries=0
|
||||
while [ $n_tries -le $max_tries ]
|
||||
do
|
||||
status_code=$(curl -L --write-out "%{http_code}\n" --silent --output /dev/null https://fediverse.party/.well-known/acme-challenge/$CERTBOT_TOKEN)
|
||||
if [[ $status_code -eq 200 ]]; then
|
||||
if [ $status_code -eq 200 ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
|
|
@ -10,10 +10,9 @@ days_diff=$((($end_epoch - $current_epoch) / 60 / 60 / 24))
|
|||
if [ $days_diff -lt $renew_days_threshold ]; then
|
||||
ls
|
||||
echo "Certificate is $days_diff days old, renewing now."
|
||||
certbot certonly --manual --debug --preferred-challenges=http -m $GITLAB_USER_EMAIL --agree-tos --manual-auth-hook letsencrypt_authenticator.sh --manual-cleanup-hook letsencrypt_cleanup.sh --manual-public-ip-logging-ok -d fediverse.party -d www.fediverse.party
|
||||
certbot certonly --manual --debug --preferred-challenges=http -m $GITLAB_USER_EMAIL --agree-tos --manual-auth-hook letsencrypt_authenticator.sh --manual-cleanup-hook letsencrypt_cleanup.sh --manual-public-ip-logging-ok -d fediverse.party
|
||||
echo "Certbot finished. Updating GitLab Pages domains."
|
||||
curl --request PUT --header "PRIVATE-TOKEN: $CERTBOT_RENEWAL_GIT_TOKEN" --form "certificate=@/etc/letsencrypt/live/fediverse.party/fullchain.pem" --form "key=@/etc/letsencrypt/live/fediverse.party/privkey.pem" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pages/domains/fediverse.party
|
||||
curl --request PUT --header "PRIVATE-TOKEN: $CERTBOT_RENEWAL_GIT_TOKEN" --form "certificate=@/etc/letsencrypt/live/fediverse.party/fullchain.pem" --form "key=@/etc/letsencrypt/live/fediverse.party/privkey.pem" https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pages/domains/www.fediverse.party
|
||||
else
|
||||
echo "Certificate still valid for $days_diff days, no renewal required."
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue