Use simp_le client. Use docker-gen to gather data for simp_le

2015-11-21 00:27:45 -05:00 · 2015-11-21 00:27:45 -05:00 · b89af421f6
commit b89af421f6
parent 752687a6a6
4 changed files with 47 additions and 20 deletions
--- a/11
+++ b/11
@ -11,9 +11,16 @@ RUN apt-get update \
 && rm -r /var/lib/apt/lists/*
 # Get Let's Encrypt client source
-RUN git -C /opt clone https://github.com/letsencrypt/letsencrypt
+#RUN git -C /opt clone https://github.com/letsencrypt/letsencrypt
 # Get Let's Encrypt simp_le client source
 RUN git -C /opt clone https://github.com/kuba/simp_le.git
 # Install letsencrypt
-RUN cd /opt/letsencrypt && ./letsencrypt-auto --help
+#RUN cd /opt/letsencrypt && ./letsencrypt-auto --help
 # Install simp_le
 RUN cd /opt/simp_le && ./bootstrap.sh && ./venv.sh
 #&& \
 #RUN /opt/simp_le/venv.sh
 # . venv/bin/activate
 # Testing directory
 RUN mkdir -p /usr/share/nginx/html/.well-known \
--- a/1
+++ b/1
@ -1,3 +1,4 @@
 nginx: nginx
 dockergen: docker-gen -watch -only-exposed -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf
 letsencrypt_dockergen: docker-gen -watch -only-exposed /app/letsencrypt_service_data.tmpl /app/letsencrypt_service_data
 letsencrypt: /app/letsencrypt_service
--- a/43
+++ b/43
@ -1,31 +1,40 @@
 #!/bin/bash
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 echo 'Waiting'
 sleep 10
 # Wait some amount of time
-seconds_to_wait=100;
+seconds_to_wait=10;
 while true; do
-  # for each configuration file,
+  # Load relevant conatiner settings
-  for f in "/etc/letsencrypt/*.ini"; do 
+  source $DIR/letsencrypt_service_data
-    [[ -f "$f" ]] || continue 
+
-    echo "letsencrypt ${f%.ini}"
+  for lec in "${LETSENCRYPT_CONTAINERS[@]}"; do
-    domain="${f%.ini}"
+    host_varname="LETSENCRYPT_""$lec""_HOST"
    # Array variable indirection hack: http://stackoverflow.com/a/25880676/350221
    hosts_array=$host_varname[@]; echo ${!hosts_array}
    email_varname="LETSENCRYPT_""$lec""_EMAIL"; echo ${!email_varname}
    # Wait until the threshold is reached for renewing certificate
    # cat /etc/nginx/certs/ftl3.local.crt | openssl x509 -noout -dates
    # Or if the certificate doesn't exist
-    /opt/letsencrypt/letsencrypt-auto certonly --authenticator webroot \
+    domain_params=""
-      --webroot-path /usr/share/nginx/html -d $domain
+    for domain in "${!hosts_array}"; do
-  done
+      domain_params+="-d $domain "
  date
  sleep $seconds_to_wait
    done
-# Date difference in days
+    /opt/simp_le/venv/bin/simp_le $domain_params -f fullchain.pem -f key.pem --email ${!email_varname} --default_root /usr/share/nginx/html/
-datediff() {
+
-  d1=$(date -d "$1" +%s)
+    # Copy certificates into /etc/nginx/certs
-  d2=$(date -d "$2" +%s)
+    #cp /etc/letsencrypt/live/
-  echo $(( (d1 - d2) / 86400 ))
+
-}
+    unset $host_varname; unset $email_varname; unset $hosts_array
  done
  unset LETSENCRYPT_CONTAINERS
  date
  echo "Waiting $seconds_to_wait seconds"; sleep $seconds_to_wait
 done
--- a/letsencrypt_service_data.tmpl
+++ b/letsencrypt_service_data.tmpl
@ -0,0 +1,10 @@
 LETSENCRYPT_CONTAINERS=({{ range $host, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}{{ range $container := $containers }} '{{ $container.ID }}' {{ end }}{{ end }})
 {{ range $hosts, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}
 {{ range $container := $containers }}
 LETSENCRYPT_{{ $container.ID }}_HOST=( {{ range $host := split $hosts " " }}'{{ $host }}' {{ end }})
 LETSENCRYPT_{{ $container.ID }}_EMAIL="{{ $container.Env.LETSENCRYPT_EMAIL }}"
 {{ end }}
 {{ end }}