author | Christian Pointner <equinox@spreadspace.org> | 2020-04-20 00:45:05 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-04-20 00:45:05 +0200 |
commit | 2a8449ea7accaec58b97699ae96fa1d49f27aa59 (patch) | |
tree | af3a4e133909d318014119f8e9231c4480cdc76f /roles/apps/coturn/templates/acmetool-reload.sh.j2 | |
parent | update acmetool for sk-cloudia (diff) |
finalize acme-reload script for coturn
Diffstat (limited to 'roles/apps/coturn/templates/acmetool-reload.sh.j2')
-rw-r--r-- | roles/apps/coturn/templates/acmetool-reload.sh.j2 | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/roles/apps/coturn/templates/acmetool-reload.sh.j2 b/roles/apps/coturn/templates/acmetool-reload.sh.j2 index 70e0b686..1eff1ad3 100644 --- a/roles/apps/coturn/templates/acmetool-reload.sh.j2 +++ b/roles/apps/coturn/templates/acmetool-reload.sh.j2 @@ -5,8 +5,6 @@ EVENT_NAME="$1" MAIN_HOSTNAME="{{ coturn_hostnames[0] }}" SSL_D="{{ coturn_base_path }}/{{ coturn_realm }}/config/ssl" -USER="coturn" -GROUP="coturn" while read name; do certdir="$ACME_STATE_DIR/live/$name" @@ -17,10 +15,17 @@ while read name; do continue fi - cp "$certdir/fullchain" "$SSL_D/cert.pem" - cp "$certdir/privkey" "$SSL_D/privkey.pem" - chown "$USER:$GROUP" "$SSL_D/cert.pem" "$SSL_D/privkey.pem" - break + install -m 0644 -o root -g coturn "$certdir/fullchain" "$SSL_D/cert.pem" + install -m 0640 -o root -g coturn "$certdir/privkey" "$SSL_D/privkey.pem" + +{% if kubernetes_cri_socket is defined %} + export CONTAINER_RUNTIME_ENDPOINT="{{ kubernetes_cri_socket }}" +{% endif %} + pod_id=$(crictl pods -q --state ready --name "^coturn-{{ coturn_realm }}-{{ ansible_nodename }}$") + [ -n "$pod_id" ] || exit 42 + container_id=$(crictl ps -q --name '^coturn$' -p "$pod_id") + [ -n "$container_id" ] || exit 42 + crictl stop "$container_id" - ## TODO: trigger restart of coturn!!! + break done |
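Review bot: Both `[ -n ... ] || exit 42` guards in the second hunk run after the two `install` lines have already replaced cert.pem and privkey.pem, so when no ready pod or container is found the script exits without a message, leaving the new files on disk while coturn keeps serving the old certificate. If 42 carries acmetool's usual "event not handled" meaning here (the top of the script is outside the hunk, so please confirm), acmetool will not report this as a failure either. I would print a diagnostic and return an error status instead, e.g. `[ -n "$pod_id" ] || { echo "coturn pod not ready: certificate installed but not reloaded" >&2; exit 1; }`, and do the same for `$container_id`. A comment above `crictl stop` such as `# stop the container; the reload presumably relies on the kubelet restarting it` would record that this step depends on the pod's restart policy. The enclosing `while read name` loop and the `if` that ends in `continue` start before this hunk.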