New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add pre/post renewal hooks scripts #24
Conversation
@dhimmel: I have tested the new scripts and renewed the SSL certificate on https://neo4j.het.io successfully. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So guessing that without this renewal has been failing? If we have any logs of the failure can we post them as a PR comment so we can search for them in the future if something similar happens.
One minor suggestion, otherwise looks good to me. I will merge when ready.
@@ -25,22 +25,26 @@ sudo certbot certonly \ | |||
# Create "sync-neo4j-ssl.sh" dynamically and run it: | |||
cat > ./sync-neo4j-ssl.sh << EOF | |||
#!/bin/bash | |||
# Certbot post-renewal-hook script that synchronizes SSL certificates for neo4j | |||
# Certbot deploy-renewal-hook script, which synchronizes SSL certificates for neo4j. | |||
# This script will be executed ONLY WHEN certificate is renrewed successfully. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
# This script will be executed ONLY WHEN certificate is renrewed successfully. | |
# This script will be executed ONLY WHEN certificate is renewed successfully. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch. Thanks.
if [ -n $(docker ps --quiet --filter name=hetionet-container) ]; then | ||
echo -n "Restarting " | ||
docker restart hetionet-container | ||
fi |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So the command above is just for the initial installation of SSH and the hooks are for future renewals?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes.
@dhimmel: I realized this issue due to a message sent to The exact error can be found in
|
If you don't have any other comments, please feel free to merge it. Thanks. |
This PR adds
pre
andpost
renewal scripts so that the SSL certificate can be renewed successfully. Thepre
script stops neo4j docker container before renewal process (otherwise port 80 would be taken by the docker container and the renewal would fail); andpost
scripts starts the docker container.