Add cron for renewal of letsencrypt certs

This commit is contained in:
Shuai Lin 2016-11-16 15:41:08 +08:00
parent ec8d6e638d
commit acad1bd947
3 changed files with 31 additions and 5 deletions

View file

@ -13,6 +13,7 @@ from os.path import abspath, basename, exists, dirname, join, isdir
import shutil
import sys
import uuid
import time
from utils import call, get_conf, get_install_dir, get_script, render_template, get_seafile_version
@ -44,7 +45,21 @@ def init_letsencrypt():
'https': True,
'domain': domain,
}
render_template('/templates/seafile.nginx.conf.template', join(generated_dir, 'seafile.nginx.conf'), context)
render_template(
'/templates/seafile.nginx.conf.template',
join(generated_dir, 'seafile.nginx.conf'),
context
)
context = {
'ssl_dir': ssl_dir,
'domain': domain,
}
render_template(
'/templates/letsencrypt.cron.template',
join(generated_dir, 'letsencrypt.cron'),
context
)
def is_https():
return get_conf('server.https', '').lower() == 'true'
@ -89,6 +104,13 @@ def main():
if is_https():
init_letsencrypt()
init_seafile_server()
def init_seafile_server():
if exists(join(shared_seafiledir, 'seafile-data')):
print 'Skipping running setup-seafile-mysql.py because there is existing seafile-data folder.'
return
env = {
'SERVER_NAME': 'seafile',
'SERVER_IP': get_conf('server.hostname'),

View file

@ -6,13 +6,14 @@ ADD scripts /scripts
ADD bootstrap /bootstrap
# This can be removed for seafile server 6.0.6 and later
{%- if seafile_version <= '6.0.6' %}
ADD scripts/tmp/check_init_admin.py /opt/seafile/seafile-server-{{ seafile_version }}/check_init_admin.py
{%- endif %}
ADD bootstrap/generated/seafile.nginx.conf /etc/nginx/sites-enabled/seafile.nginx.conf
{% if https -%}
# TODO: add a cron job to renew letsencrypt
{% endif -%}
{%- if https %}
ADD bootstrap/generated/letsencrypt.cron /etc/cron.d/letsencrypt.cron
{%- endif %}
CMD ["/sbin/my_init", "--", "/scripts/start.py"]

View file

@ -0,0 +1,3 @@
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
# m h dom mon dow command
0 0 1 * * root /scripts/ssl.sh {{ ssl_dir }} {{ domain }}