Switch Certbot to snap package on Ubuntu 20.04+

Needs only minor changes. Tested and running on wiki.kosmos.org already.
2020-09-06 13:46:06 +02:00
parent ded21fb009
commit a1a0d7e4c1
3 changed files with 36 additions and 23 deletions
--- a/site-cookbooks/kosmos-nginx/resources/nginx_certbot_site.rb
+++ b/site-cookbooks/kosmos-nginx/resources/nginx_certbot_site.rb
@@ -39,10 +39,12 @@ action :create do

  include_recipe "kosmos-base::letsencrypt"

+  certbot_bin = node[:platform_version].to_f < 20.04 ? "/usr/bin/certbot" : "/snap/bin/certbot"
+
  # Generate a Let's Encrypt cert (only if the nginx vhost exists and no cert
  # has been generated before. The renew cron will take care of renewing
  execute "letsencrypt cert for #{domain}" do
-    command "/usr/bin/certbot certonly --webroot --agree-tos --email ops@kosmos.org --webroot-path #{root_directory} -d #{domain} -n"
+    command "#{certbot_bin} certonly --webroot --agree-tos --email ops@kosmos.org --webroot-path #{root_directory} -d #{domain} -n"
    only_if do
      ::File.exist?("#{node['nginx']['dir']}/sites-enabled/#{domain}_certbot") &&
        !::File.exist?("/etc/letsencrypt/live/#{domain}/fullchain.pem")