sysadmin/openfreemap
1
0
Fork 0
mirror of https://github.com/hyperknot/openfreemap.git synced 2026-05-22 14:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

ledns_writer

Browse Source
This commit is contained in:
Zsolt Ero
2024-03-03 01:31:58 +01:00
parent e079bd1c67
commit 09260b26b6
3 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
init-server.py
View File

@@ -107,7 +107,6 @@ def ledns_writer(hostname, user, port):
setup_ledns_writer(c) setup_ledns_writer(c)
@cli.command() @cli.command()
@common_options @common_options
def debug(hostname, user, port): def debug(hostname, user, port):

10
scripts/ledns/rclone_write.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/usr/bin/env bash
#env > /data/ofm/ledns/env.txt
RENEWED_DOMAINS=direct.openfreemap.org
RENEWED_LINEAGE=/etc/letsencrypt/live/ofm_ledns
rclone copy -v "$RENEWED_LINEAGE/fullchain.pem" "remote:ofm-secret/ledns/$RENEWED_DOMAINS/ofm_ledns.cert"
rclone copy -v "$RENEWED_LINEAGE/privkey.pem" "remote:ofm-secret/ledns/$RENEWED_DOMAINS/ofm_ledns.key"

42
ssh_lib/tasks.py
View File

@@ -186,37 +186,43 @@ def setup_ledns_writer(c):
assert (CONFIG_DIR / 'rclone.conf').exists() assert (CONFIG_DIR / 'rclone.conf').exists()
rclone(c) rclone(c)
certbot(c)
c.sudo(f'mkdir -p {REMOTE_CONFIG}') c.sudo(f'mkdir -p {REMOTE_CONFIG}')
put( put(
c, c,
CONFIG_DIR / 'rclone.conf', CONFIG_DIR / 'rclone.conf',
f'{REMOTE_CONFIG}/rclone.conf', f'{REMOTE_CONFIG}/rclone.conf',
permissions='600', permissions=400,
) )
return
c.sudo('mkdir -p /root/.secrets')
put( put(
c, c,
CONFIG_DIR / 'cloudflare.ini', CONFIG_DIR / 'cloudflare.ini',
'/root/.secrets/ofm_ledns_cloudflare.ini', f'{REMOTE_CONFIG}/cloudflare.ini',
permissions=400, permissions=400,
) )
# TODO change to /data/ofm/config, owner root put(
sudo_cmd(
c, c,
'certbot certonly ' SCRIPTS_DIR / 'ledns' / 'rclone_write.sh',
'--dns-cloudflare ' '/data/ofm/ledns/rclone_write.sh',
'--dns-cloudflare-credentials /root/.secrets/ofm_ledns_cloudflare.ini ' create_parent_dir=True,
'--dns-cloudflare-propagation-seconds 60 ' permissions=500,
'--staging '
f'--noninteractive -m {le_email} '
f'--agree-tos '
f'--cert-name=ofm_ledns '
f'-d {domain_ledns}',
) )
#
# sudo_cmd(
# c,
# 'certbot certonly '
# '--dns-cloudflare '
# f'--dns-cloudflare-credentials {REMOTE_CONFIG}/cloudflare.ini '
# '--dns-cloudflare-propagation-seconds 20 '
# '--staging '
# f'--noninteractive -m {le_email} '
# f'--agree-tos '
# f'--cert-name=ofm_ledns '
# f'--deploy-hook /data/ofm/ledns/rclone_write.sh '
# f'-d {domain_ledns}',
# )