ba3a89944b
Currently the only method is by downloading the certbot-auto script and executing that. Some distros supply a so this patch sets up an option for a future patch to add distro package support Change-Id: Ie32e6f577c9aa898906ee76199fd0ebe75d5ae95
12 lines
330 B
Django/Jinja
12 lines
330 B
Django/Jinja
#!/bin/bash
|
|
# renew cert if required and copy to haproxy destination
|
|
|
|
{{ haproxy_ssl_letsencrypt_venv }}/bin/certbot renew \
|
|
--standalone \
|
|
--pre-hook "systemctl stop haproxy" \
|
|
|
|
cat /etc/letsencrypt/live/{{ external_lb_vip_address }}/{fullchain,privkey}.pem \
|
|
> /etc/ssl/private/haproxy.pem
|
|
|
|
systemctl reload haproxy
|