self/certupdater
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix
Some checks failed
Deploy Dev / Build (pull_request) Successful in 5s
Details
Deploy Dev / Push (pull_request) Successful in 8s
Details
Deploy Dev / Deploy dev (pull_request) Failing after 7s
Details

Browse Source
This commit is contained in:
Egor Matveev 2025-06-01 19:24:11 +03:00
parent eaf5cbfa55
commit 7abedce009
2 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.deploy/deploy-dev.yaml
View File

@ -16,7 +16,7 @@ services:
networks:
- configurator
deploy:
mode: replicated
mode: global
restart_policy:
condition: any
update_config:

29
main.py
View File

@ -25,25 +25,33 @@ def get_hosts() -> list[str]:
return list(set(configurator.get_config("hosts") + ["platform.develop.chocomarsh.com"]))
def update_host(host: str):
gen_cert = call(f"docker exec -it $(docker ps -q -f name=infra-development_nginx) certbot --nginx --email emmtvv@gmail.com --agree-tos -d \"{host}\"")
def update_host(host: str) -> bool:
container_id_run = call(f"echo $(docker ps -q -f name=infra-development_nginx)")
if container_id_run.code != 0:
print(f"something wrong {container_id_run.err}")
return False
container_name = container_id_run.out
gen_cert = call(f"docker exec -it {container_name} certbot --nginx --email emmtvv@gmail.com --agree-tos -d \"{host}\"")
if gen_cert.code != 0:
print(f"failed generating certificate: {gen_cert.err}")
return
return False
fullchain_command = call(f"docker exec -it $(docker ps -q -f name=infra_nginx) cat /etc/letsencrypt/live/{host}/fullchain.pem")
fullchain_command = call(f"docker exec -it {container_name} cat /etc/letsencrypt/live/{host}/fullchain.pem")
if fullchain_command.code != 0:
print(f"failed getting fullchain: {fullchain_command.err}")
return
return True
privkey_command = call(f"docker exec -it $(docker ps -q -f name=infra_nginx) cat /etc/letsencrypt/live/{host}/privkey.pem")
privkey_command = call(f"docker exec -it {container_name} cat /etc/letsencrypt/live/{host}/privkey.pem")
if privkey_command.code != 0:
print(f"failed getting fullchain: {privkey_command.err}")
return
return True
fullchain = fullchain_command.out.encode("utf-8")
privkey = privkey_command.out.encode("utf-8")
minio.put_object("certupdater", f"certificates/{host}/fullchain.pem", fullchain, len(fullchain))
minio.put_object("certupdater", f"certificates/{host}/privkey.pem", privkey, len(privkey))
return True
while True:
@ -51,7 +59,8 @@ while True:
mongo_hosts = mongo.hosts
for host in get_hosts():
if now + datetime.timedelta(days=14) > mongo_hosts.get(host, {"expire_time": datetime.datetime.fromtimestamp(1)})["expire_time"]:
update_host(host)
print(f"Host {host} updated")
mongo.update_date(host)
success = update_host(host)
if success:
print(f"Host {host} updated")
mongo.update_date(host)
time.sleep(5 * 60)