Commit 127eb722 authored by Nolan's avatar Nolan

Refresh boundery.me cert at boot.

Pebble annoyingly regens a new root cert each time you run it.
parent 1fc8b037
......@@ -132,6 +132,7 @@ Vagrant.configure("2") do |config|
exit 92
fi
#XXX It is probably OK to just do this at boot time...
sudo /etc/rc.local #Refetch ssl root cert in case pebble restarted.
rm -rf boundery-linux-client*
......
......@@ -2,3 +2,12 @@
#/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate protects this from eth0 dhcp renew.
echo "nameserver 30.0.1.1" > /etc/resolv.conf
#Need to renew our cert, in case pebble restarted.
if which docker &>/dev/null; then
while [ -z "`docker ps -q -f name=root_sslnginx_1`" ]; do
sleep 1
done
rm -rf /root/data/sslnginx/letsencrypt/{a*,c*,k*,l*,r*}
docker exec root_sslnginx_1 bash -c 'certbot certonly --webroot --webroot-path /usr/share/nginx/html -n --agree-tos -m letsencrypt@sigbus.net -d boundery.me -d www.boundery.me && pkill -HUP nginx'
fi
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment