[sysadmin-bin] Recreate router-certs with renewed certificates for OCP4

From: Bartłomiej Piotrowski <bpiotrowski src gnome org>
To: gnome-sysadmin gnome org,commits-list gnome org
Subject: [sysadmin-bin] Recreate router-certs with renewed certificates for OCP4
Date: Tue, 8 Mar 2022 09:49:01 +0000 (UTC)

commit 09ea4fb2094b34816cd459b75acc7af0799277ee
Author: Bartłomiej Piotrowski <bpiotrowski gnome org>
Date:   Tue Mar 8 10:46:00 2022 +0100

    Recreate router-certs with renewed certificates for OCP4

 certbot/cleanup-hook | 4 ++++
 1 file changed, 4 insertions(+)
---
diff --git a/certbot/cleanup-hook b/certbot/cleanup-hook
index 613936b..3a7369f 100755
--- a/certbot/cleanup-hook
+++ b/certbot/cleanup-hook
@@ -39,6 +39,10 @@ def main():
 
     base_domain = ".".join(domain.split(".")[-2:])
 
+    if domain == "apps.openshift4.gnome.org":
+        subprocess.run(["oc", "-n", "openshift-ingress", "delete", "secret", "router-certs"], check=True)
+        subprocess.run(["oc", "-n", "openshift-ingress", "create", "secret", "tls", "router-certs", 
f"--cert=/srv/letsencrypt/config/live/{domain}/fullchain.pem", "--key", 
f"/srv/letsencrypt/config/live/{domain}/privkey.pem"], check=True)
+
     with tempfile.TemporaryDirectory() as tmpdir:
         repo = pygit2.clone_repository("/git/dns.git", tmpdir)
         if not repo:

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]