Add pre/post renewal hooks scripts #24
Conversation
|
@dhimmel: I have tested the new scripts and renewed the SSL certificate on https://neo4j.het.io successfully. |
There was a problem hiding this comment.
So guessing that without this renewal has been failing? If we have any logs of the failure can we post them as a PR comment so we can search for them in the future if something similar happens.
One minor suggestion, otherwise looks good to me. I will merge when ready.
| @@ -25,22 +25,26 @@ sudo certbot certonly \ | |||
| # Create "sync-neo4j-ssl.sh" dynamically and run it: | |||
| cat > ./sync-neo4j-ssl.sh << EOF | |||
| #!/bin/bash | |||
| # Certbot post-renewal-hook script that synchronizes SSL certificates for neo4j | |||
| # Certbot deploy-renewal-hook script, which synchronizes SSL certificates for neo4j. | |||
| # This script will be executed ONLY WHEN certificate is renrewed successfully. | |||
There was a problem hiding this comment.
| # This script will be executed ONLY WHEN certificate is renrewed successfully. | |
| # This script will be executed ONLY WHEN certificate is renewed successfully. |
There was a problem hiding this comment.
Good catch. Thanks.
| if [ -n $(docker ps --quiet --filter name=hetionet-container) ]; then | ||
| echo -n "Restarting " | ||
| docker restart hetionet-container | ||
| fi |
There was a problem hiding this comment.
So the command above is just for the initial installation of SSH and the hooks are for future renewals?
|
@dhimmel: I realized this issue due to a message sent to The exact error can be found in |
|
If you don't have any other comments, please feel free to merge it. Thanks. |
This PR adds
preandpostrenewal scripts so that the SSL certificate can be renewed successfully. Theprescript stops neo4j docker container before renewal process (otherwise port 80 would be taken by the docker container and the renewal would fail); andpostscripts starts the docker container.