backup and recover code add in letsencrypt.sh, compose file update

Author: bluebamus

compose/web_service/nginx_gunicorn/docker-compose.yml

@@ -7,16 +7,16 @@ services:
     volumes:
         - ../../../www:/www
         - ../../../script/:/script/
-        - ../../../bin/certbot-auto:/usr/local/bin/certbot-auto
         - ../../../config/web-server/nginx/gunicorn/sites-available/:/etc/nginx/sites-available/
         - ../../../config/web-server/nginx/gunicorn/nginx_conf/nginx.conf:/etc/nginx/nginx.conf
         - ../../../config/web-server/nginx/gunicorn/fastcgi/fastcgi_params:/etc/nginx/fastcgi_params
-        - ../../../ssl/letsencrypt/:/etc/letsencrypt/
-        - ../../../ssl/ssl/:/etc/ssl/
+        - ../../../ssl/:/ssl/
         - ../../../log:/log
     ports:
         - "80:80"
         - "443:443"
+    environment:
+        TZ: "Asia/Seoul"
     restart: always
 
   uwsgi-app:
@@ -28,5 +28,7 @@ services:
         - ../../../log:/log        
     command:
         - /tmp/run.sh    
+    environment:
+        TZ: "Asia/Seoul"
     restart: always
 

compose/web_service/nginx_php/docker-compose.yml

@@ -7,16 +7,16 @@ services:
     volumes:
         - ../../../www:/www
         - ../../../script/:/script/
-        - ../../../bin/certbot-auto:/usr/local/bin/certbot-auto
         - ../../../config/web-server/nginx/php/sites-available/:/etc/nginx/sites-available/
         - ../../../config/web-server/nginx/php/nginx_conf/nginx.conf:/etc/nginx/nginx.conf
         - ../../../config/web-server/nginx/php/fastcgi/fastcgi_params:/etc/nginx/fastcgi_params
-        - ../../../ssl/letsencrypt/:/etc/letsencrypt/
-        - ../../../ssl/ssl/:/etc/ssl/
+        - ../../../ssl/:/ssl/
         - ../../../log:/log
     ports:
         - "80:80"
         - "443:443"
+    environment:
+        TZ: "Asia/Seoul"
     restart: always
 
 
@@ -29,4 +29,6 @@ services:
         - ../../../config/app-server/php/pool.d/:/etc/php/7.3/fpm/pool.d
         - ../../../config/app-server/php/php_ini/php.ini:/etc/php/7.3/fpm/php.ini
         - ../../../log:/log
+    environment:
+        TZ: "Asia/Seoul"
     restart: always

compose/web_service/nginx_uwsgi/docker-compose.yml

@@ -7,16 +7,16 @@ services:
     volumes:
         - ../../../www:/www
         - ../../../script/:/script/
-        - ../../../bin/certbot-auto:/usr/local/bin/certbot-auto
         - ../../../config/web-server/nginx/uwsgi/sites-available/:/etc/nginx/sites-available/
         - ../../../config/web-server/nginx/uwsgi/nginx_conf/nginx.conf:/etc/nginx/nginx.conf
         - ../../../config/web-server/nginx/uwsgi/uwsgi_params/uwsgi_params:/etc/nginx/uwsgi_params
-        - ../../../ssl/letsencrypt/:/etc/letsencrypt/
-        - ../../../ssl/ssl/:/etc/ssl/
+        - ../../../ssl/:/ssl/
         - ../../../log:/log
     ports:
         - "80:80"
         - "443:443"
+    environment:
+        TZ: "Asia/Seoul"
     restart: always
 
 
@@ -30,4 +30,6 @@ services:
         - ../../../log:/log
     command:
         - /tmp/run.sh
+    environment:
+        TZ: "Asia/Seoul"
     restart: always

config/web-server/nginx/uwsgi/nginx_conf.sh

@@ -9,7 +9,7 @@ service_port=$5
 sed 's/account/'$account'/' sample_nginx.conf > $account'1'.temp
 sed 's/domain/'$domain'/g' $account'1'.temp > $account'2'.temp
 sed 's/portnumber;/'$portnumber';/' $account'2'.temp > $account'3'.temp
-sed 's/appname;/'$appname';/' $account'3'.temp > $account'4'.temp
+sed 's/appname/'$appname'/' $account'3'.temp > $account'4'.temp
 sed 's/service_port/'$service_port'/' $account'4'.temp > ./sites-available/$account'_ng'.conf 
 
 rm *.temp

script/letsencrypt.sh

@@ -2,14 +2,30 @@
 
 apt-get update  &&  apt-get install -y sendmail wget vim cron
 
-wget https://dl.eff.org/certbot-auto \
-    && mv certbot-auto /usr/local/bin/certbot-auto \
-    && chown root /usr/local/bin/certbot-auto \
-    && chmod 0755 /usr/local/bin/certbot-auto \
-    && certbot-auto --version -n
+wget --no-check-certificate https://dl.eff.org/certbot-auto \
+ && mv certbot-auto /usr/local/bin/certbot-auto \
+ && chown root /usr/local/bin/certbot-auto \
+ && chmod 0755 /usr/local/bin/certbot-auto \
+ && certbot-auto --version -n
 
-if ! test -d /etc/letsencrypt/live/<domain>; then certbot-auto -n certonly -n --webroot -w /www/<web root folder>/ -d <domain> --agree-tos -m <mail address>; fi
+#if ! test -d /etc/letsencrypt/live/cococok.com ; 
+if ! test -d /ssl/letsencrypt/live/cococok.com ; then 
+    echo "try to get authentication key using certbot-auto "
+    certbot-auto -n certonly -n --webroot -w /www/cococok/ -d cococok.com --agree-tos -m bluebamus@naver.com; 
+    cp /etc/letsencrypt/ /ssl/letsencrypt/ -rf 
+else
+    echo "copy letsencrypt folder by already maden"
+    cp /ssl/letsencrypt/ /etc/letsencrypt/ -rf
+fi
 
-if ! test -f /etc/ssl/certs/dhparam.pem; then openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096; fi
+#if ! test -f /etc/ssl/certs/dhparam.pem ; 
+if test -f /ssl/ssl/certs/dhparam.pem ; then 
+    echo "try to get ssl key using openssl "
+    openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096; 
+    cp /etc/ssl/certs/dhparam.pem /ssl/certs/dhparam.pem -rf
+else
+    echo "copy ssl folder by already maden"
+    cp /ssl/certs/dhparam.pem /etc/ssl/certs/dhparam.pem -rf
+fi
 
 cat <(crontab -l) <(echo "0 5 * * 1 certbot-auto renew --quiet --renew-hook "/etc/init.d/nginx reload"") | crontab -