From 7c85705510160e6a86e96402dcce0198c1bef7ec Mon Sep 17 00:00:00 2001 From: Amin Vakil Date: Thu, 2 Jun 2022 21:06:32 +0430 Subject: [PATCH] Fix init letsencrypt (#14) * Fix openssl temp key generation 1024 fails with `routines:SSL_CTX_use_certificate:ee key too small` * Rename scalelite-nginx to scalelite-proxy This has been changed in https://github.com/jfederico/scalelite-run/commit/bc94d6 * Fix domains variable in init-letsencrypt.sh nginx looks for $URL_HOST and will break if the folder does not exist --- init-letsencrypt.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/init-letsencrypt.sh b/init-letsencrypt.sh index d796b61..d526610 100755 --- a/init-letsencrypt.sh +++ b/init-letsencrypt.sh @@ -13,7 +13,7 @@ fi URL_HOST=$(grep URL_HOST .env | cut -d '=' -f2) echo $URL_HOST -domains=($URL_HOST,redis.$URL_HOST) +domains=($URL_HOST) rsa_key_size=4096 data_path="./data/certbot" email="$LETSENCRYPT_EMAIL" # Adding a valid address is strongly recommended @@ -39,15 +39,15 @@ echo "### Creating dummy certificate for $domains ..." path="/etc/letsencrypt/live/$domains" mkdir -p "$data_path/conf/live/$domains" docker-compose run --rm --entrypoint "\ - openssl req -x509 -nodes -newkey rsa:1024 -days 1\ + openssl req -x509 -nodes -newkey rsa:2048 -days 1\ -keyout '$path/privkey.pem' \ -out '$path/fullchain.pem' \ -subj '/CN=localhost'" certbot echo -echo "### Starting scalelite-nginx ..." -docker-compose up --force-recreate -d scalelite-nginx +echo "### Starting scalelite-proxy ..." +docker-compose up --force-recreate -d scalelite-proxy echo echo "### Deleting dummy certificate for $domains ..." @@ -85,5 +85,5 @@ docker-compose run --rm --entrypoint "\ --force-renewal" certbot echo -echo "### Reloading scalelite-nginx ..." -docker-compose exec scalelite-nginx nginx -s reload +echo "### Reloading scalelite-proxy ..." +docker-compose exec scalelite-proxy nginx -s reload