status404
a283109207
All checks were successful
Build docker image and push to registry.bitdeals.org / main-build-job (push) Successful in 2m20s
43 lines
1012 B
Bash
43 lines
1012 B
Bash
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# Wait for haproxy container
|
|
while ! nc -z haproxy 9999 2>/dev/null; do
|
|
echo "Waiting for haproxy:9999..."
|
|
sleep 7
|
|
done
|
|
|
|
if [ ! -f /etc/certificates/site.pem ]; then
|
|
# Generate self-signed certificate
|
|
openssl genrsa -out site.key 2048
|
|
openssl req -new -key site.key -out site.csr -batch
|
|
openssl x509 -req -days 365 -in site.csr -signkey site.key -out site.crt
|
|
cat site.key site.crt >> /etc/certificates/site.pem
|
|
fi
|
|
|
|
# check e-mail for letsencrypt notifications
|
|
if [ -n "$CERTBOT_EMAIL" ]; then
|
|
CERTBOT_OPTS="--email $CERTBOT_EMAIL"
|
|
else
|
|
CERTBOT_OPTS="--register-unsafely-without-email"
|
|
fi
|
|
|
|
if [ -n "$CERTBOT_DOMAIN" ]; then
|
|
|
|
# Request certificate
|
|
certbot certonly --standalone \
|
|
--non-interactive --agree-tos --http-01-port=380 \
|
|
"$CERTBOT_OPTS" \
|
|
--cert-name "$CERTBOT_DOMAIN" \
|
|
-d "$CERTBOT_DOMAIN"
|
|
|
|
# Concatenate certificates
|
|
. $(dirname $0)/2-concatenate-cert.sh
|
|
|
|
fi
|
|
|
|
# Update certificates in HAProxy
|
|
. $(dirname $0)/3-update-haproxy-cert.sh
|
|
|