Place certs in another dir

This commit is contained in:
dave 2017-07-19 22:13:18 -07:00
parent e4b4acc6c7
commit bdfee9f47d
3 changed files with 11 additions and 4 deletions

View File

@ -8,3 +8,5 @@ The webroot should be mounted to the real webhost's acme-challenge dir, like:
-v /host/real_webroot/.well-known/acme-challenge/:/srv/acme/webroot/.well-known/acme-challenge/
Master process logs in /srv/acme/logs/ are useful for debugging
The certs (and account.json) will be placed in /srv/acme/certs/

View File

@ -4,6 +4,7 @@ from subprocess import Popen, TimeoutExpired
import os
OUTPUT_DIR = "/srv/acme/certs/"
CONF_DIR = "/srv/acme/conf/"
WEB_ROOT = "/srv/acme/webroot/"
@ -16,12 +17,14 @@ def main():
with open(os.path.join(domain_dir, "aliases")) as f:
aliases = [i.strip() for i in f.read().strip().split()]
call_le(email, aliases, domain_dir)
output_dir = os.path.join(OUTPUT_DIR, name)
os.makedirs(output_dir, exist_ok=True)
os.chdir(output_dir)
call_le(email, aliases)
def call_le(email, domain_names, cwd):
def call_le(email, domain_names):
assert domain_names
os.chdir(cwd)
le_call = ["simp_le",
"--email", email,
@ -47,6 +50,8 @@ def call_le(email, domain_names, cwd):
elif p.returncode == 2:
print("error updating {}1".format(domain_names[0]))
return p.returncode
if __name__ == '__main__':
main()

2
start
View File

@ -1,6 +1,6 @@
#!/bin/bash -eux
mkdir -p /srv/acme/webroot/.well-known/acme-challenge /srv/acme/conf /srv/acme/logs
mkdir -p /srv/acme/webroot/.well-known/acme-challenge /srv/acme/conf /srv/acme/logs /srv/acme/certs
chown -R simplecert /srv/acme
exec cron -f