kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

The renew hook now needs to be an executable in the path

Browse Source 
An absolute path doesn't work anymore.

Also send an email containing STDERR when the renewal command fails
This commit is contained in:
Greg Karékinian 2017-09-22 11:53:01 +02:00
parent 0a3763fe5d
commit 49664dbc8d
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
site-cookbooks/kosmos-base/recipes/letsencrypt.rb
View File

@ -10,7 +10,7 @@
git "/usr/local/certbot" do git "/usr/local/certbot" do
repository "https://github.com/certbot/certbot" repository "https://github.com/certbot/certbot"
action :sync action :sync
revision "v0.13.0" revision "v0.18.2"
user "root" user "root"
group "root" group "root"
end end
@ -36,7 +36,7 @@ EOF
file "/usr/local/bin/letsencrypt_renew_hook" do file "/usr/local/bin/letsencrypt_renew_hook" do
content letsencrypt_renew_hook content letsencrypt_renew_hook
mode 0700 mode 0755
owner "root" owner "root"
group "root" group "root"
end end
@ -44,6 +44,7 @@ end
cron "renew Let's Encrypt certificates" do cron "renew Let's Encrypt certificates" do
minute "0" minute "0"
hour "4" hour "4"
mailto "logs@5apps.com"
# The post hook is only executed if a cert has been renewed # The post hook is only executed if a cert has been renewed
command "/usr/local/certbot/certbot-auto renew --renew-hook \"/usr/local/bin/letsencrypt_renew_hook\" -n" command "/usr/local/certbot/certbot-auto renew --renew-hook letsencrypt_renew_hook -n 1> /dev/null"
end end