From 004e7fcd9ff0e6c5a1862fc308cf7b0cdc37d4f9 Mon Sep 17 00:00:00 2001
From: Nathan Woodburn
Date: Tue, 20 Aug 2024 13:13:04 +1000
Subject: [PATCH] fix: Update to use absolute names in cert hooks to allow renewals from crontab
---
 cert.py | 6 +++---
 cert.sh | 3 ++-
 install.sh | 4 ++--
 3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/cert.py b/cert.py
index 7bd4aab..2bf9a38 100644
--- a/cert.py
+++ b/cert.py
@@ -7,11 +7,11 @@ import time
 AUTH = ""
 # Check if token file exists
-if os.path.isfile("token"):
+if os.path.isfile("/root/hns_doh_loadbalancer/token"):
 print("ERROR: Token file not found")
 # Read token from file
-with open("token", "r") as fh:
+with open("/root/hns_doh_loadbalancer/token", "r") as fh:
 AUTH = fh.read().strip()
 # Check if token is empty
@@ -132,4 +132,4 @@ if __name__ == "__main__":
 # Update the TXT record in acme-dns instance
 client.update_txt_record(VALIDATION_TOKEN)
 # Wait for the DNS to propagate for 60 seconds
- time.sleep(60)
\ No newline at end of file
+ time.sleep(60)
diff --git a/cert.sh b/cert.sh
index bd4d369..fbd0cb6 100644
--- a/cert.sh
+++ b/cert.sh
@@ -2,6 +2,7 @@
 # Tell dnsdist to reload the config
 dnsdist -c -e 'reloadAllCertificates()'
+systemctl restart caddy
 # Save last run time
-date +%s > last_cert_reload.txt
\ No newline at end of file
+date +%s > last_cert_reload.txt
diff --git a/install.sh b/install.sh
index 6e0b97f..66d8f91 100755
--- a/install.sh
+++ b/install.sh
@@ -19,7 +19,7 @@ sudo apt-get install -y dnsdist
 sudo apt install snapd -y
 sudo snap install --classic certbot
 sudo ln -s /snap/bin/certbot /usr/bin/certbot
-sudo certbot certonly --manual --manual-auth-hook ./cert.py --preferred-challenges dns -d hnsdoh.com --deploy-hook ./cert.sh
+sudo certbot certonly --manual --manual-auth-hook /root/hns_doh_loadbalancer/cert.py --preferred-challenges dns -d hnsdoh.com --deploy-hook /root/hns_doh_loadbalancer/cert.sh
 sudo cp ./resolved.conf /etc/systemd/resolved.conf
 sudo systemctl restart systemd-resolved
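Review bot: The token-file check in the first cert.py hunk is inverted: `if os.path.isfile("/root/hns_doh_loadbalancer/token"):` reports "Token file not found" when the file is present and stays silent when it is missing, after which the unconditional `open()` raises. The commit rewrites this line but keeps the condition; it should read `if not os.path.isfile(...)` and stop the hook there, for example `raise SystemExit("ERROR: Token file not found")`, so a missing credential gives a clear failure and never continues with an empty `AUTH`. The file presumably holds the DNS API credential, so a comment stating that it must be readable by root only would also help. The remainder of the script lies outside the hunk.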
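Review bot: `date +%s > last_cert_reload.txt` still uses a relative path, so when certbot runs this deploy hook from cron the timestamp is written into whatever the working directory is at that moment, not into the repository directory. This is the same working-directory problem the commit fixes for the hook paths; anchoring it, e.g. `date +%s > "$(dirname "$0")/last_cert_reload.txt"`, keeps the marker in one known place. The added `systemctl restart caddy` also runs whether or not the `dnsdist` reload succeeded, and neither exit status is checked in the visible lines, so a failed certificate reload would go unnoticed; checking each status and logging the failure would surface it.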
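Review bot: The hook paths in the `certbot certonly` line are now hard-coded to `/root/hns_doh_loadbalancer/`, while the surrounding lines still use `./` paths, so the script only yields a working renewal configuration when the repository is cloned to exactly that directory. Deriving the directory once, e.g. `REPO_DIR="$(cd "$(dirname "$0")" && pwd)"`, and passing `"$REPO_DIR/cert.py"` and `"$REPO_DIR/cert.sh"` keeps the paths absolute without fixing the location; the token path in cert.py carries the same literal. Certbot records these hook paths and runs them as root on each renewal, so a comment noting that both files must stay owned by root and not writable by other users is worth adding next to this line.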
@@ -68,4 +68,4 @@ npm install --omit=dev
 sudo cp ./hsd.service /lib/systemd/system/hsd.service
 sudo systemctl daemon-reload
 sudo systemctl enable hsd
-sudo systemctl start hsd
\ No newline at end of file
+sudo systemctl start hsd