fix: Update to use absolute names in cert hooks to allow renewals from crontab

2024-08-20 13:13:04 +10:00 · 2024-08-20 13:13:04 +10:00 · 004e7fcd9f
commit 004e7fcd9f
parent 9baefbf6e7
3 changed files with 7 additions and 6 deletions
--- a/cert.py
+++ b/cert.py
@ -7,11 +7,11 @@ import time

 AUTH = ""
 # Check if token file exists
-if os.path.isfile("token"):
+if os.path.isfile("/root/hns_doh_loadbalancer/token"):
    print("ERROR: Token file not found")

 # Read token from file
-with open("token", "r") as fh:
+with open("/root/hns_doh_loadbalancer/token", "r") as fh:
    AUTH = fh.read().strip()

 # Check if token is empty
@ -132,4 +132,4 @@ if __name__ == "__main__":
    # Update the TXT record in acme-dns instance
    client.update_txt_record(VALIDATION_TOKEN)
    # Wait for the DNS to propagate for 60 seconds
-    time.sleep(60)
+    time.sleep(60)
--- a/cert.sh
+++ b/cert.sh
@ -2,6 +2,7 @@

 # Tell dnsdist to reload the config
 dnsdist -c -e 'reloadAllCertificates()'
+systemctl restart caddy

 # Save last run time
-date +%s > last_cert_reload.txt
+date +%s > last_cert_reload.txt
--- a/install.sh
+++ b/install.sh
@ -19,7 +19,7 @@ sudo apt-get install -y dnsdist
 sudo apt install snapd -y
 sudo snap install --classic certbot
 sudo ln -s /snap/bin/certbot /usr/bin/certbot
-sudo certbot certonly --manual --manual-auth-hook ./cert.py --preferred-challenges dns -d hnsdoh.com --deploy-hook ./cert.sh
+sudo certbot certonly --manual --manual-auth-hook /root/hns_doh_loadbalancer/cert.py --preferred-challenges dns -d hnsdoh.com --deploy-hook /root/hns_doh_loadbalancer/cert.sh
 sudo cp ./resolved.conf /etc/systemd/resolved.conf
 sudo systemctl restart systemd-resolved

@ -68,4 +68,4 @@ npm install --omit=dev
 sudo cp ./hsd.service /lib/systemd/system/hsd.service
 sudo systemctl daemon-reload
 sudo systemctl enable hsd
-sudo systemctl start hsd
+sudo systemctl start hsd