Add cert rotation and systemd service

main
Eric Ihli 1 year ago
parent 11e45f8f39
commit 4adb6d1fdc

@ -17,7 +17,9 @@ build: FORCE
darklimericks.jar -C -m com.darklimericks.server.core darklimericks.jar -C -m com.darklimericks.server.core
push: FORCE push: FORCE
rsync -aP web/darklimericks.jar root@165.227.16.47:/root/darklimericks/web/ rsync -aP web/darklimericks.jar root@darklimericks.com:/root/darklimericks/web/
rsync -P rotate-cert.sh root@darklimericks.com:/root/darklimericks/
rsync -P darklimericks.service root@darklimericks.com:/etc/systemd/system/
certs: certs:
ssh root@darklimericks.com \ ssh root@darklimericks.com \

@ -1,4 +1,5 @@
#!/bin/sh #!/bin/sh
set -eoux
HOST_IP=`ip -4 addr show scope global dev docker0 | grep inet | awk '{print \$2}' | cut -d / -f 1` HOST_IP=`ip -4 addr show scope global dev docker0 | grep inet | awk '{print \$2}' | cut -d / -f 1`
FULLCHAIN_PEM="${FULLCHAIN_PEM:-/etc/letsencrypt/live/darklimericks.com/fullchain.pem}" FULLCHAIN_PEM="${FULLCHAIN_PEM:-/etc/letsencrypt/live/darklimericks.com/fullchain.pem}"

@ -0,0 +1,7 @@
#!/usr/bin/env sh
cd darklimericks/load-balancer
docker stop haproxy
docker rm haproxy
cat /etc/letsencrypt/live/darklimericks.com/privkey.pem >> /etc/letsencrypt/live/darklimericks.com/fullchain.pem
./run.sh

@ -1,7 +1,5 @@
#+TITLE: Ssl #+TITLE: Ssl
#+begin_src sh #+begin_src sh
certbot certonly -d darklimericks.com --webroot --webroot-path /root/darklimericks/web/resources/public --keep certbot certonly -d darklimericks.com --webroot --webroot-path /root/darklimericks/web/resources/public --keep
cat /etc/letsencrypt/archive/darklimericks.com/privkey.pem >> /etc/letsencrypt/archive/darklimericks.com/fullchain.pem cat /etc/letsencrypt/archive/darklimericks.com/privkey.pem >> /etc/letsencrypt/archive/darklimericks.com/fullchain.pem

@ -0,0 +1,10 @@
[Unit]
Description=Run DarkLimericks web server
[Service]
WorkingDirectory=/root/darklimericks/web
ExecStart=/usr/bin/java -Xmx3072m -jar darklimericks.jar
Restart=on-failure
[Install]
WantedBy=multi-user.target
Loading…
Cancel
Save