From 891c7dc3cd11bd3e8a11ed19672bb057787d36c2 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sun, 21 Mar 2021 15:55:10 +0100
Subject: add mumble to glt-coturn

---
 roles/apps/mumble/templates/acmetool-reload.sh.j2 | 31 +++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 roles/apps/mumble/templates/acmetool-reload.sh.j2

(limited to 'roles/apps/mumble/templates/acmetool-reload.sh.j2')

diff --git a/roles/apps/mumble/templates/acmetool-reload.sh.j2 b/roles/apps/mumble/templates/acmetool-reload.sh.j2
new file mode 100644
index 00000000..e3b8dbb7
--- /dev/null
+++ b/roles/apps/mumble/templates/acmetool-reload.sh.j2
@@ -0,0 +1,31 @@
+#!/bin/sh
+set -e
+EVENT_NAME="$1"
+[ "$EVENT_NAME" = "live-updated" ] || exit 42
+
+MAIN_HOSTNAME="{{ mumble_hostnames[0] }}"
+SSL_D="{{ mumble_base_path }}/{{ mumble_instance }}/config/ssl"
+
+while read name; do
+  certdir="$ACME_STATE_DIR/live/$name"
+  if [ -z "$name" -o ! -e "$certdir" ]; then
+    continue
+  fi
+  if [ "$name" != "$MAIN_HOSTNAME" ]; then
+    continue
+  fi
+
+  install -m 0644 -o root -g mumble "$certdir/fullchain" "$SSL_D/cert.pem"
+  install -m 0640 -o root -g mumble "$certdir/privkey" "$SSL_D/privkey.pem"
+
+{% if kubernetes_cri_socket %}
+  export CONTAINER_RUNTIME_ENDPOINT="{{ kubernetes_cri_socket }}"
+{% endif %}
+  pod_id=$(crictl pods -q --state ready --name "^mumble-{{ mumble_instance }}-{{ ansible_nodename }}$")
+  [ -n "$pod_id" ] || exit 42
+  container_id=$(crictl ps -q --name '^mumble$' -p "$pod_id")
+  [ -n "$container_id" ] || exit 42
+  crictl exec "$container_id" kill -USR1 1
+
+  break
+done
-- 
cgit v1.2.3