Use simp_le client. Use docker-gen to gather data for simp_le

2015-11-21 00:27:45 -05:00 · 2015-11-21 00:27:45 -05:00 · b89af421f6
commit b89af421f6
parent 752687a6a6
4 changed files with 47 additions and 20 deletions
--- a/11
+++ b/11
@ -11,9 +11,16 @@ RUN apt-get update \
 && rm -r /var/lib/apt/lists/*

 # Get Let's Encrypt client source
-RUN git -C /opt clone https://github.com/letsencrypt/letsencrypt
+#RUN git -C /opt clone https://github.com/letsencrypt/letsencrypt
+# Get Let's Encrypt simp_le client source
+RUN git -C /opt clone https://github.com/kuba/simp_le.git
 # Install letsencrypt
-RUN cd /opt/letsencrypt && ./letsencrypt-auto --help
+#RUN cd /opt/letsencrypt && ./letsencrypt-auto --help
+# Install simp_le
+RUN cd /opt/simp_le && ./bootstrap.sh && ./venv.sh
+#&& \
+#RUN /opt/simp_le/venv.sh
+# . venv/bin/activate

 # Testing directory
 RUN mkdir -p /usr/share/nginx/html/.well-known \
--- a/1
+++ b/1
@ -1,3 +1,4 @@
 nginx: nginx
 dockergen: docker-gen -watch -only-exposed -notify "nginx -s reload" /app/nginx.tmpl /etc/nginx/conf.d/default.conf
+letsencrypt_dockergen: docker-gen -watch -only-exposed /app/letsencrypt_service_data.tmpl /app/letsencrypt_service_data
 letsencrypt: /app/letsencrypt_service
--- a/43
+++ b/43
@ -1,31 +1,40 @@
 #!/bin/bash
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 echo 'Waiting'
 sleep 10

 # Wait some amount of time
-seconds_to_wait=100;
+seconds_to_wait=10;
 while true; do
-  # for each configuration file,
-  for f in "/etc/letsencrypt/*.ini"; do 
-    [[ -f "$f" ]] || continue 
-    echo "letsencrypt ${f%.ini}"
-    domain="${f%.ini}"
+  # Load relevant conatiner settings
+  source $DIR/letsencrypt_service_data
+
+  for lec in "${LETSENCRYPT_CONTAINERS[@]}"; do
+    host_varname="LETSENCRYPT_""$lec""_HOST"
+    # Array variable indirection hack: http://stackoverflow.com/a/25880676/350221
+    hosts_array=$host_varname[@]; echo ${!hosts_array}
+
+    email_varname="LETSENCRYPT_""$lec""_EMAIL"; echo ${!email_varname}
    # Wait until the threshold is reached for renewing certificate
    # cat /etc/nginx/certs/ftl3.local.crt | openssl x509 -noout -dates

    # Or if the certificate doesn't exist

-    /opt/letsencrypt/letsencrypt-auto certonly --authenticator webroot \
-      --webroot-path /usr/share/nginx/html -d $domain
-  done
-  date
-  sleep $seconds_to_wait
+    domain_params=""
+    for domain in "${!hosts_array}"; do
+      domain_params+="-d $domain "
    done

-# Date difference in days
-datediff() {
-  d1=$(date -d "$1" +%s)
-  d2=$(date -d "$2" +%s)
-  echo $(( (d1 - d2) / 86400 ))
-}
+    /opt/simp_le/venv/bin/simp_le $domain_params -f fullchain.pem -f key.pem --email ${!email_varname} --default_root /usr/share/nginx/html/
+
+    # Copy certificates into /etc/nginx/certs
+    #cp /etc/letsencrypt/live/
+
+    unset $host_varname; unset $email_varname; unset $hosts_array
+  done
+  unset LETSENCRYPT_CONTAINERS
+
+  date
+  echo "Waiting $seconds_to_wait seconds"; sleep $seconds_to_wait
+done
--- a/letsencrypt_service_data.tmpl
+++ b/letsencrypt_service_data.tmpl
@ -0,0 +1,10 @@
+LETSENCRYPT_CONTAINERS=({{ range $host, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}{{ range $container := $containers }} '{{ $container.ID }}' {{ end }}{{ end }})
+
+{{ range $hosts, $containers := groupBy $ "Env.LETSENCRYPT_HOST" }}
+
+{{ range $container := $containers }}
+LETSENCRYPT_{{ $container.ID }}_HOST=( {{ range $host := split $hosts " " }}'{{ $host }}' {{ end }})
+LETSENCRYPT_{{ $container.ID }}_EMAIL="{{ $container.Env.LETSENCRYPT_EMAIL }}"
+{{ end }}
+
+{{ end }}