diff options
| author | Dmitry Ilvokhin <d@ilvokhin.com> | 2024-04-14 19:27:14 +0100 |
|---|---|---|
| committer | Dmitry Ilvokhin <d@ilvokhin.com> | 2024-04-14 19:27:14 +0100 |
| commit | 899eca5f024f22b67aa032dd82aa4393b60b85e4 (patch) | |
| tree | 1ace23e49568fee263fb65edbba83a31f3c2024f /roles/nginx/files | |
| parent | f2dc007f38c53ce583fb7510ce5f073ed1fcc320 (diff) | |
| download | infra-899eca5f024f22b67aa032dd82aa4393b60b85e4.tar.gz infra-899eca5f024f22b67aa032dd82aa4393b60b85e4.tar.bz2 infra-899eca5f024f22b67aa032dd82aa4393b60b85e4.zip | |
Make certificate updates work for nginx
Currently, we obtain certificates from Let's Encrypt with standalone
mode, so when we do renew, certbot tries to run it is own webserver on
port 80, but this port is already in use by nginx.
Stop nginx, before renewal. This is quite hacky, but should work. Proper
solution is to split certificate role by standalone and non-standalone
versions.
Diffstat (limited to 'roles/nginx/files')
| -rw-r--r-- | roles/nginx/files/hooks/deploy/nginx.sh (renamed from roles/nginx/files/nginx.sh) | 0 | ||||
| -rw-r--r-- | roles/nginx/files/hooks/post/nginx.sh | 3 | ||||
| -rw-r--r-- | roles/nginx/files/hooks/pre/nginx.sh | 3 |
3 files changed, 6 insertions, 0 deletions
diff --git a/roles/nginx/files/nginx.sh b/roles/nginx/files/hooks/deploy/nginx.sh index ca022f8..ca022f8 100644 --- a/roles/nginx/files/nginx.sh +++ b/roles/nginx/files/hooks/deploy/nginx.sh diff --git a/roles/nginx/files/hooks/post/nginx.sh b/roles/nginx/files/hooks/post/nginx.sh new file mode 100644 index 0000000..84e871d --- /dev/null +++ b/roles/nginx/files/hooks/post/nginx.sh @@ -0,0 +1,3 @@ +#! /bin/sh + +systemctl start nginx diff --git a/roles/nginx/files/hooks/pre/nginx.sh b/roles/nginx/files/hooks/pre/nginx.sh new file mode 100644 index 0000000..91b7633 --- /dev/null +++ b/roles/nginx/files/hooks/pre/nginx.sh @@ -0,0 +1,3 @@ +#! /bin/sh + +systemctl stop nginx |