Start9/registry
2
0
Fork 0
mirror of https://github.com/Start9Labs/registry.git synced 2026-04-01 20:44:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

testing complete

Browse Source
This commit is contained in:
Keagan McClelland
2020-08-04 17:01:51 -06:00
parent 5df3523f87
commit f9bba3b65b
2 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Lib/Ssl.hs
View File

@@ -41,15 +41,16 @@ setupSsl AppSettings {..} = do
"openssl"
["x509", "-req", "-in", sslCsrLocation, "-signkey", sslKeyLocation, "-out", sslCertLocation]
doesSslNeedRenew :: FilePath -> IO Bool
doesSslNeedRenew cert = do
ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|]
doesSslNeedRenew :: ReaderT RegistryCtx IO Bool
doesSslNeedRenew = do
cert <- asks $ sslCertLocation . appSettings
ec <- liftIO $ system [i|openssl x509 -checkend 2592000 -noout -in #{cert}|]
pure $ ec /= ExitSuccess
renewSslCerts :: ReaderT RegistryCtx IO ()
renewSslCerts = do
domain <- asks $ registryHostname . appSettings
(cert, key) <- asks $ (sslCertLocation &&& sslKeyLocation) . appSettings
void . liftIO $ system [i|certbot renew --dry-run|]
void . liftIO $ system [i|certbot renew|]
void . liftIO $ system [i|cp /etc/letsencrypt/live/#{domain}/fullchain.pem #{cert}|]
void . liftIO $ system [i|cp /etc/letsencrypt/live/#{domain}/privkey.pem #{key}|]