feat(roles/lego): Add support for LEGO_HTTP_PORT_FALLBACK #5

Manually merged
jadyn merged 1 commits from jadyn/finallycoffee.base:main into main 2024-08-20 16:01:49 +00:00
Member

ref #4

ref #4
jadyn added 1 commit 2024-08-01 18:11:16 +00:00
transcaffeine requested changes 2024-08-01 19:29:33 +00:00
transcaffeine left a comment
Owner

Commit message scope should not include roles/, should be feat(lego): [...].

Needs some mention/example in lego's README.md

Commit message scope should not include `roles/`, should be `feat(lego): [...]`. Needs some mention/example in [lego's README.md](roles/lego/README.md)
@ -3,8 +3,16 @@
LEGO_BINARY=$(/usr/bin/env which lego)
FILES_IN_DIR=$(find "$LEGO_CERT_STORE_PATH/certificates" | wc -l)

Move L5 directly to before its corresponding if-statement

Move L5 directly to before its corresponding if-statement
jadyn marked this conversation as resolved
@ -7,3 +6,1 @@
$LEGO_BINARY $LEGO_COMMAND_ARGS renew --days=$LEGO_CERT_DAYS_TO_RENEW
else
$LEGO_BINARY $LEGO_COMMAND_ARGS run
if [[ -n "$LEGO_HTTP_FALLBACK_PORT" ]]; then

Where is $LEGO_HTTP_FALLBACK_PORT coming from? possibly missing documentation...

Where is $LEGO_HTTP_FALLBACK_PORT coming from? possibly missing documentation...
@ -8,2 +6,2 @@
else
$LEGO_BINARY $LEGO_COMMAND_ARGS run
if [[ -n "$LEGO_HTTP_FALLBACK_PORT" ]]; then
nc -z 127.0.0.1 $LEGO_HTTP_PORT;

specify -w to avoid waiting for up to 30s. Also consider lego binds to 0.0.0.0, and a webserver might be bound only to an external IP (which would be not detected properly)

specify `-w` to avoid waiting for up to 30s. Also consider lego binds to `0.0.0.0`, and a webserver might be bound only to an external IP (which would be not detected properly)
Author
Member

As the debian/stable version doesn't support IPv6 (yet?) and other options utilizing pre-installed tools require root access, this could be fixed by using a more complex approach or installing additional software. Otherwise I'd suggest looping over all configured (external IPs) using $(hostname --all-ip-addresses).

As the debian/stable version doesn't support IPv6 (yet?) and other options utilizing pre-installed tools require root access, this could be fixed by using a more complex approach or installing additional software. Otherwise I'd suggest looping over all configured (external IPs) using `$(hostname --all-ip-addresses)`.
@ -10,1 +10,4 @@
fi
fi
LEGO_COMMAND_ARGS_EXPANDED=$(bash -c "echo $LEGO_COMMAND_ARGS") # This is a bit icky but
echo $LEGO_COMMAND_ARGS_EXPANDED

Remove debug statement

Remove debug statement
jadyn marked this conversation as resolved
jadyn force-pushed main from d08993d358 to 96f5da9bf6 2024-08-04 13:14:35 +00:00 Compare
jadyn manually merged commit 96f5da9bf6 into main 2024-08-20 16:01:49 +00:00
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: finallycoffee/base#5
No description provided.