authorJesse Luehrs <doy@tozt.net>2018-11-13 00:19:06 -0500
committerJesse Luehrs <doy@tozt.net>2018-11-13 00:19:06 -0500
commitbf33ac997636c4b6c199cfff1e171ffaff437c91 (patch)
tree2f3d94f0ad3fddde69fec83c4d65356d60dea479 /modules/certbot/files
parentb5fe67cdda8f05ffe814a923b1a69f7169b9db5c (diff)
actually, let's make this shared again
Diffstat (limited to 'modules/certbot/files')
-rwxr-xr-xmodules/certbot/files/bootstrap-certbot76
-rw-r--r--modules/certbot/files/reload-cert5
2 files changed, 81 insertions, 0 deletions
diff --git a/modules/certbot/files/bootstrap-certbot b/modules/certbot/files/bootstrap-certbot
new file mode 100755
index 0000000..5a563b2
--- /dev/null
+++ b/modules/certbot/files/bootstrap-certbot
@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+set -eu
+set -o pipefail
+
+config_dir="$1"
+if systemctl is-active -q nginx; then
+ is_running=1
+else
+ is_running=
+fi
+
+cleanup() {
+ if [ -z "$is_running" ]; then
+ systemctl stop nginx
+ fi
+
+ if [ -e /etc/nginx/nginx.conf.backup ]; then
+ mv /etc/nginx/nginx.conf.backup /etc/nginx.conf
+ fi
+}
+trap cleanup EXIT
+
+mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
+cat > /etc/nginx/nginx.conf <<EOF
+worker_processes 1;
+events {
+ worker_connections 1024;
+}
+http {
+ server {
+ listen 80 default;
+ server_name tozt.net;
+ location / {
+ root /tmp;
+ }
+ }
+ server {
+ listen 80;
+ server_name blog.tozt.net;
+ location / {
+ root /tmp;
+ }
+ }
+ server {
+ listen 80;
+ server_name paste.tozt.net;
+ location / {
+ root /tmp;
+ }
+ }
+ server {
+ listen 80;
+ server_name git.tozt.net;
+ location / {
+ root /tmp;
+ }
+ }
+ server {
+ listen 80;
+ server_name rss.tozt.net;
+ location / {
+ root /tmp;
+ }
+ }
+}
+EOF
+
+if [ -z "$is_running" ]; then
+ systemctl start nginx
+fi
+
+if [ -z "$config_dir" ]; then
+ /usr/bin/certbot -n --agree-tos -m doy@tozt.net --nginx -d tozt.net -d blog.tozt.net -d paste.tozt.net -d git.tozt.net -d rss.tozt.net
+else
+ /usr/bin/certbot -n --agree-tos -m doy@tozt.net --nginx -d tozt.net -d blog.tozt.net -d paste.tozt.net -d git.tozt.net -d rss.tozt.net --config-dir "$config_dir"
+fi
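Review bot: The restore in `cleanup` moves the backup to `/etc/nginx.conf` rather than `/etc/nginx/nginx.conf`, so the temporary config is left in place and the real one ends up outside nginx's directory; it should read `mv /etc/nginx/nginx.conf.backup /etc/nginx/nginx.conf`. This matters more than an ordinary typo because the temporary config serves `root /tmp` on port 80 for all five names, so any world-readable file in /tmp can be fetched for as long as that config is loaded; an empty dedicated directory (for example one made with `mktemp -d` and removed in `cleanup`) would avoid that. Separately, `config_dir="$1"` aborts under `set -u` when the script is called without an argument, so the `-z "$config_dir"` branch is reachable only with an explicit empty string; `config_dir="${1:-}"` gives what looks like the intended behaviour. `cleanup` also does not reload nginx after restoring the file when nginx was already running, so even a correct restore would not take effect until the next reload.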
diff --git a/modules/certbot/files/reload-cert b/modules/certbot/files/reload-cert
new file mode 100644
index 0000000..9ca23e5
--- /dev/null
+++ b/modules/certbot/files/reload-cert
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+set -eu
+set -o pipefail
+
+systemctl restart nginx
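Review bot: The file is added with mode 100644 although it carries a shebang, unlike `bootstrap-certbot` (100755); if certbot executes it directly as a hook it needs the executable bit, unless the Puppet `file` resource (not visible here) sets the mode. The script is named reload-cert but runs `systemctl restart nginx`, which drops in-flight connections and leaves nginx stopped if the config or certificate fails to load. `systemctl reload nginx` picks up a renewed certificate and keeps the running workers on the old config when the new one is rejected.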