Start9/registry
2
0
Fork 0
mirror of https://github.com/Start9Labs/registry.git synced 2026-03-26 02:11:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes path dependence

Browse Source
This commit is contained in:
Keagan McClelland
2020-08-04 13:18:43 -06:00
parent f385d23210
commit 7c008f321c
3 changed files with 14 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/settings.yml
View File

@@ -29,7 +29,7 @@ ip-from-header: "_env:YESOD_IP_FROM_HEADER:false"
# See https://github.com/yesodweb/yesod/wiki/Configuration#parsing-numeric-values-as-strings # See https://github.com/yesodweb/yesod/wiki/Configuration#parsing-numeric-values-as-strings
app-compatibility-path: "_env:APP_COMPATIBILITY_CONFIG:/etc/start9/registry/compatibility.json" app-compatibility-path: "_env:APP_COMPATIBILITY_CONFIG:/etc/start9/registry/compatibility.json"
resources-path: "_env:RESOURCES_PATH:/var/www/html/resources" resources-path: "_env:RESOURCES_PATH:/var/www/html/resources"
ssl-path: "_env:SSL_PATH:/var/ssl" ssl-path: "_env:SSL_PATH:/var/ssl"
registry-hostname: "_env:REGISTRY_HOSTNAME:registry.start9labs.com" registry-hostname: "_env:REGISTRY_HOSTNAME:registry.start9labs.com"

15
src/Application.hs
View File

@@ -170,12 +170,6 @@ appMain = do
-- allow environment variables to override -- allow environment variables to override
useEnv useEnv
void . forkIO $ forever $ do
shouldRenew <- doesSslNeedRenew (sslCertLocation settings)
when shouldRenew $ do
putStrLn @Text "Renewing SSL Certs."
renewSslCerts (sslCertLocation settings)
sleep 86_400
-- Generate the foundation from the settings -- Generate the foundation from the settings
makeFoundation settings >>= startApp makeFoundation settings >>= startApp
@@ -186,6 +180,15 @@ startApp foundation = do
putStrLn @Text "Setting up SSL" putStrLn @Text "Setting up SSL"
_ <- setupSsl $ appSettings foundation _ <- setupSsl $ appSettings foundation
putStrLn @Text "SSL Setup Complete" putStrLn @Text "SSL Setup Complete"
-- certbot renew loop
void . forkIO $ forever $ do
shouldRenew <- doesSslNeedRenew (sslCertLocation $ appSettings foundation)
when shouldRenew $ do
putStrLn @Text "Renewing SSL Certs."
runReaderT (renewSslCerts (sslCertLocation $ appSettings foundation)) foundation
sleep 86_400
startWeb foundation startWeb foundation
startWeb :: RegistryCtx -> IO () startWeb :: RegistryCtx -> IO ()

6
src/Lib/Ssl.hs
View File

@@ -9,6 +9,7 @@ import Data.String.Interpolate.IsString
import System.Directory import System.Directory
import System.Process import System.Process
import Foundation
import Settings import Settings
-- openssl genrsa -out key.pem 2048 -- openssl genrsa -out key.pem 2048
@@ -45,7 +46,8 @@ doesSslNeedRenew cert = do
ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|] ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|]
pure $ ec /= ExitSuccess pure $ ec /= ExitSuccess
renewSslCerts :: FilePath -> IO () renewSslCerts :: FilePath -> ReaderT RegistryCtx IO ()
renewSslCerts cert = do renewSslCerts cert = do
domain <- asks $ registryHostname . appSettings
void . liftIO $ system [i|certbot renew|] void . liftIO $ system [i|certbot renew|]
void . liftIO $ system [i|cp /etc/letsencrypt/live/beta-registry.start9labs.com/fullchain.pem #{cert}|] void . liftIO $ system [i|cp /etc/letsencrypt/live/#{domain}/fullchain.pem #{cert}|]