Solved cert bugs

2025-08-29 15:06:26 +02:00 · 2025-01-21 18:18:18 +01:00
parent 3f0f666d25
commit b9c51d29ae
9 changed files with 40 additions and 19 deletions
--- a/roles/nginx-docker-cert-deploy/files/nginx-docker-cert-deploy.sh
+++ b/roles/nginx-docker-cert-deploy/files/nginx-docker-cert-deploy.sh
@@ -11,14 +11,35 @@ domain="$1"
 docker_compose_instance_directory="$2"

 # Copy certificates
-cp "/etc/letsencrypt/live/$domain/privkey.pem" "$docker_compose_instance_directory/certs/key.pem" || exit 1
-cp "/etc/letsencrypt/live/$domain/fullchain.pem" $docker_compose_instance_directory/certs/cert.pem || exit 1
+cp -Rv "/etc/letsencrypt/live/$domain/"* "$docker_compose_instance_directory/certs" || exit 1
+
+# Flag to track if any Nginx reload was successful
+nginx_reload_successful=false

 # Reload Nginx in all containers within the Docker Compose setup
 cd "$docker_compose_instance_directory" || exit 1
-docker compose ps --services | while read -r service; do
-    docker compose exec "$service" nginx -s reload && exit 0
+
+# Iterate over all services
+for service in $(docker compose ps --services); do
+    echo "Checking service: $service"
+    # Check if Nginx exists in the container
+    if docker compose exec -T "$service" which nginx > /dev/null 2>&1; then
+        echo "Reloading Nginx for service: $service"
+        if docker compose exec -T "$service" nginx -s reload; then
+            nginx_reload_successful=true
+            echo "Successfully reloaded Nginx for service: $service"
+        else
+            echo "Failed to reload Nginx for service: $service" >&2
+        fi
+    else
+        echo "Nginx not found in service: $service, skipping."
+    fi
 done

-# Restart all docker containers if no nginx reload is possible
-docker compose restart || exit 1
+# Restart all containers if no Nginx reload was successful
+if [ "$nginx_reload_successful" = false ]; then
+    echo "No Nginx reload was successful. Restarting all Docker containers."
+    docker compose restart || exit 1
+else
+    echo "At least one Nginx reload was successful. No restart needed."
+fi
--- a/roles/nginx-docker-cert-deploy/handlers/main.yml
+++ b/roles/nginx-docker-cert-deploy/handlers/main.yml
@@ -1,7 +1,7 @@
 ---
 - name: "restart nginx-docker-cert-deploy.cymais.service"
  systemd:
-    name:           nginx-docker-cert-deploy.{{domain}}.cymais.service
+    name:           nginx-docker-cert-deploy.{{docker_compose_project_name}}.cymais.service
    state:          restarted
    enabled:        yes
    daemon_reload:  yes
--- a/roles/nginx-docker-cert-deploy/vars/main.yml
+++ b/roles/nginx-docker-cert-deploy/vars/main.yml
@@ -1,2 +1 @@
-cert_mount_directory:             "{{docker_compose_instance_directory}}/certs/"
 nginx_docker_cert_deploy_script:  "{{path_administrator_scripts}}nginx-docker-cert-deploy.sh"