forked from evolix/ansible-roles
certbot: auto-detect HAPEE version in renewal hook
This commit is contained in:
parent
6cc3e03864
commit
22f30b59f2
|
@ -24,6 +24,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
|
* certbot: auto-detect HAPEE version in renewal hook
|
||||||
* evocheck: install script according to Debian version
|
* evocheck: install script according to Debian version
|
||||||
* evolinux-base: utils.yml can be excluded
|
* evolinux-base: utils.yml can be excluded
|
||||||
* evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)
|
* evolinux-todo: execute tasks only for Debian distribution (because this task is a dependency for others roles used on different distributions)
|
||||||
|
|
|
@ -10,7 +10,17 @@ debug() {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
daemon_found_and_running() {
|
daemon_found_and_running() {
|
||||||
test -n "$(pidof hapee-lb)" && test -n "${hapee_bin}"
|
readonly hapee_main_pid=$(ps -u root u | grep hapee-lb | grep -v grep | awk '{print $2}')
|
||||||
|
if [ -n "${hapee_main_pid}" ] && [ -d "/proc/${hapee_main_pid}" ] ; then
|
||||||
|
readonly hapee_bin=$(readlink "/proc/${hapee_main_pid}/exe")
|
||||||
|
readonly hapee_config_file=$(cat "/proc/${hapee_main_pid}/cmdline" | tr "\0" " " | grep --only-matching --extended-regexp -- "-f \S+" | awk '{print $2}')
|
||||||
|
readonly hapee_pid_file=$(cat "/proc/${hapee_main_pid}/cmdline" | tr "\0" " " | grep --only-matching --extended-regexp -- "-p \S+" | awk '{print $2}')
|
||||||
|
readonly hapee_service_name="$(basename -s .pid "${hapee_pid_file}").service"
|
||||||
|
|
||||||
|
kill -0 "${hapee_main_pid}" && test -n "${hapee_bin}" && test -f "${hapee_config_file}" && systemctl -q is-active "${hapee_service_name}"
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
found_renewed_lineage() {
|
found_renewed_lineage() {
|
||||||
test -f "${RENEWED_LINEAGE}/fullchain.pem" && test -f "${RENEWED_LINEAGE}/privkey.pem"
|
test -f "${RENEWED_LINEAGE}/fullchain.pem" && test -f "${RENEWED_LINEAGE}/privkey.pem"
|
||||||
|
@ -40,12 +50,6 @@ detect_hapee_cert_dir() {
|
||||||
if [ -n "${config_cert_dir}" ]; then
|
if [ -n "${config_cert_dir}" ]; then
|
||||||
debug "Cert directory is configured with ${config_cert_dir}"
|
debug "Cert directory is configured with ${config_cert_dir}"
|
||||||
echo "${config_cert_dir}"
|
echo "${config_cert_dir}"
|
||||||
elif [ -d "/etc/haproxy/ssl" ]; then
|
|
||||||
debug "No configured cert directory found, but /etc/haproxy/ssl exists"
|
|
||||||
echo "/etc/haproxy/ssl"
|
|
||||||
elif [ -d "/etc/ssl/haproxy" ]; then
|
|
||||||
debug "No configured cert directory found, but /etc/ssl/haproxy exists"
|
|
||||||
echo "/etc/ssl/haproxy"
|
|
||||||
else
|
else
|
||||||
error "Cert directory not found."
|
error "Cert directory not found."
|
||||||
fi
|
fi
|
||||||
|
@ -56,7 +60,6 @@ main() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if daemon_found_and_running; then
|
if daemon_found_and_running; then
|
||||||
readonly hapee_config_file="/etc/hapee-2.4/hapee-lb.cfg"
|
|
||||||
readonly hapee_cert_dir=$(detect_hapee_cert_dir)
|
readonly hapee_cert_dir=$(detect_hapee_cert_dir)
|
||||||
|
|
||||||
if found_renewed_lineage; then
|
if found_renewed_lineage; then
|
||||||
|
@ -72,7 +75,7 @@ main() {
|
||||||
|
|
||||||
if config_check; then
|
if config_check; then
|
||||||
debug "HAPEE detected... reloading"
|
debug "HAPEE detected... reloading"
|
||||||
systemctl reload hapee-2.4-lb.service
|
systemctl reload "${hapee_service_name}"
|
||||||
else
|
else
|
||||||
error "HAPEE config is broken, you must fix it !"
|
error "HAPEE config is broken, you must fix it !"
|
||||||
fi
|
fi
|
||||||
|
@ -88,6 +91,4 @@ readonly PROGNAME=$(basename "$0")
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
readonly QUIET=${QUIET:-"0"}
|
readonly QUIET=${QUIET:-"0"}
|
||||||
|
|
||||||
readonly hapee_bin="/opt/hapee-2.4/sbin/hapee-lb"
|
|
||||||
|
|
||||||
main
|
main
|
||||||
|
|
Loading…
Reference in a new issue