Skip to content

Commit

Permalink
fix: Настроена перевыдача сертификатов
Browse files Browse the repository at this point in the history
  • Loading branch information
@Denis-Shtanskiy
Denis-Shtanskiy committed Apr 22, 2024
1 parent 151d202 commit dba626c
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 11 deletions.
13 changes: 11 additions & 2 deletions .github/workflows/deploy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,6 +116,15 @@ jobs:
passphrase: ${{ secrets.SSH_PASSPHRASE }}
source: "infra/docker-compose-prod.yaml"
target: "codepet"
- name: Copy certbot_renew script via ssh
uses: appleboy/scp-action@master
with:
host: ${{ secrets.HOST }}
username: ${{ secrets.USER }}
key: ${{ secrets.SSH_KEY }}
passphrase: ${{ secrets.SSH_PASSPHRASE }}
source: "infra/certbot_renew.sh"
target: "codepet"
- name: Executing remote ssh commands to deploy
uses: appleboy/ssh-action@master
with:
Expand All @@ -131,6 +140,6 @@ jobs:
sudo docker compose -f docker-compose-prod.yaml exec backend python manage.py migrate
sudo docker compose -f docker-compose-prod.yaml exec backend python manage.py collectstatic --no-input
sudo docker compose -f docker-compose-prod.yaml exec backend cp -r static/. /backend_static/static/
sudo docker compose -f docker-compose-prod.yaml run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d devcodepet.tw1.ru
sudo docker compose -f docker-compose-prod.yaml run --rm certbot renew
sudo docker compose -f docker-compose-prod.yaml exec restart nginx
sudo echo "0 */12 * * * /root/codepet/infra/certbot_renew.sh && perl -e 'sleep int(rand(43200))" | crontab -
sudo docker system prune -f
8 changes: 4 additions & 4 deletions infra/certbot/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
FROM certbot/certbot

RUN apt-get update && apt-get install -y cron

ARG DOMAIN_NAME

COPY certbot_cron.cron /etc/cron.d/certbot_cron
COPY certbot_renew.sh /usr/local/bin/

RUN chmod +x /usr/local/bin/certbot_renew.sh

CMD ["cron", "-f"]
RUN echo "0 0 1 */2 * /usr/local/bin/certbot_renew.sh" | crontab -
3 changes: 0 additions & 3 deletions infra/certbot/certbot_cron.cron
View file

This file was deleted.

4 changes: 4 additions & 0 deletions infra/certbot_renew.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
#!/bin/bash

docker compose -f docker-compose-prod.yaml exec -ti certbot certbot renew --quiet --non-interactive
docker compose -f docker-compose-prod.yaml restart nginx
5 changes: 3 additions & 2 deletions infra/docker-compose-prod.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,12 +64,13 @@ services:
- frontend

certbot:
image: ${DOCKERHUB_USERNAME}/${PROJECT_NAME}_certbot:latest
image: certbot/certbot
env_file: .env
environment:
- TZ=Europe/Moscow
volumes:
- certbot:/var/www/certbot/
- letsencrypt:/etc/letsencrypt/
- ./certbot_cron:etc/cron.d/certbot_cron:ro
restart: unless-stopped
depends_on:
- nginx
8 changes: 8 additions & 0 deletions src/backend/config/settings/dev.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
from .base import * # noqa

DEBUG = True

EMAIL_USE_TLS = True
EMAIL_USE_SSL = False
EMAIL_PORT = 587
Expand All @@ -10,6 +12,12 @@
"http://localhost:3000",
]

# CSRF_TRUSTED_ORIGINS = [
# "https://89.23.117.80",
# "https://devcodepet.tw1.ru",
# ]


LOGGING["loggers"].pop("django.db.backends", None)
LOGGING["loggers"]["django"]["level"] = "WARNING"

Expand Down

0 comments on commit dba626c

Please sign in to comment.