Fix certificate update by changing runner where it works (#2638)
* Fix certificate update by changing runner where it works

* Adding ability to run from PR for testing purposes

* Update workflows with FIREBASE_CONFIG var

* Remove additional domain brainup.fun

---------

Co-authored-by: Elena Moshnikova <15213856+ElenaSpb@users.noreply.github.com>
DmitriyStoyanov and ElenaSpb authored Nov 14, 2024
1 parent 89b2d37 commit 1d9cee6
Showing 4 changed files with 10 additions and 8 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/certbot-update-cert.yml
@@ -1,4 +1,4 @@
name: Update TLS certificates for vscale
name: Update TLS certificates for selectel

on:
workflow_dispatch:
Expand All @@ -7,26 +7,26 @@ on:

jobs:
update_certs:
runs-on: vscale
runs-on: selectel
steps:
- uses: actions/checkout@v4
- name: Configure secrets
run: |
echo "$S3_KEY"|base64 -d > aws-key.properties
echo "$FIREBASE_CONFIG"|base64 -d > firebase_config.json
mv docker-compose-run.yml docker-compose.yml
sed -i -e "s/_YANDEX_AUTH_TOKEN_/\\$YANDEX_AUTH_TOKEN/" docker-compose.yml
sed -i -e "s/_YANDEX_FOLDER_ID_/\\$YANDEX_FOLDER_ID/" docker-compose.yml
sed -i -e "s/_POSTGRES_PASSWORD_/\\$POSTGRES_PASSWORD/" docker-compose.yml
sed -i -e "s/_API_GITHUB_TOKEN_/\\$API_GITHUB_TOKEN/" docker-compose.yml
env:
S3_KEY: ${{ secrets.S3_KEY }}
FIREBASE_CONFIG: ${{ secrets.FIREBASE_CONFIG }}
YANDEX_AUTH_TOKEN: ${{ secrets.YANDEX_AUTH_TOKEN }}
YANDEX_FOLDER_ID: ${{ secrets.YANDEX_FOLDER_ID }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
API_GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }}
- name: Update certs
run: |
docker compose pull
docker compose run --rm certbot renew --allow-subset-of-names
docker compose restart brn_fe_with_tls
docker image prune -af
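
Review bot: The Configure secrets step leaves secret material on disk. It writes the decoded `aws-key.properties` and `firebase_config.json`, plus a `docker-compose.yml` with the tokens and the Postgres password substituted in, into the workspace, and no visible step removes them. If `selectel` is a self-hosted machine that persists between jobs, those files outlive the run. Consider a final cleanup step guarded by `if: always()` and restrictive file modes on the written files. Separately, the `sed -i -e "s/_POSTGRES_PASSWORD_/\\$POSTGRES_PASSWORD/"` style substitutions use `/` as the delimiter and an unescaped replacement, so a secret containing `/` or `&` will break the expression or be substituted incorrectly. Passing the values to compose through the environment would avoid rewriting the file at all.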
6 changes: 4 additions & 2 deletions .github/workflows/create_cert.yml
Expand Up @@ -3,23 +3,25 @@ on: [workflow_dispatch]

jobs:
update_certs:
runs-on: vscale
runs-on: selectel
steps:
- uses: actions/checkout@v4
- name: Configure secrets
run: |
echo "$S3_KEY"|base64 -d > aws-key.properties
echo "$FIREBASE_CONFIG"|base64 -d > firebase_config.json
mv docker-compose-run.yml docker-compose.yml
sed -i -e "s/_YANDEX_AUTH_TOKEN_/\\$YANDEX_AUTH_TOKEN/" docker-compose.yml
sed -i -e "s/_YANDEX_FOLDER_ID_/\\$YANDEX_FOLDER_ID/" docker-compose.yml
sed -i -e "s/_POSTGRES_PASSWORD_/\\$POSTGRES_PASSWORD/" docker-compose.yml
sed -i -e "s/_API_GITHUB_TOKEN_/\\$API_GITHUB_TOKEN/" docker-compose.yml
env:
S3_KEY: ${{ secrets.S3_KEY }}
FIREBASE_CONFIG: ${{ secrets.FIREBASE_CONFIG }}
YANDEX_AUTH_TOKEN: ${{ secrets.YANDEX_AUTH_TOKEN }}
YANDEX_FOLDER_ID: ${{ secrets.YANDEX_FOLDER_ID }}
POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
API_GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }}
- name: Create cert
run: |
docker compose run --rm certbot certonly --webroot --webroot-path=/var/www/html --email brainupproject@yandex.ru -d brainup.fun
docker compose run --rm certbot certonly --webroot --webroot-path=/var/www/html --email brainupproject@yandex.ru
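
Review bot: In the Create cert step, the remaining `certonly --webroot --webroot-path=/var/www/html --email brainupproject@yandex.ru` line has no `-d` argument at all, so the command names no domain to issue a certificate for. The commit message speaks of removing an "additional" domain, which suggests a primary one was meant to stay. Please add the intended `-d <domain>` (ideally from a workflow input or variable) and, since this runs unattended, the `--agree-tos` and `--no-eff-email` flags that the compose file's own command uses. The contact address here also differs from the one in `docker-compose-run.yml`; if that is not intentional, align them so expiry notices go to one mailbox.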
2 changes: 1 addition & 1 deletion .github/workflows/instances-redeploy.yml_tmp
Expand Up @@ -10,7 +10,7 @@ jobs:
runs-on: ${{ matrix.runners }}
strategy:
matrix:
runners: [ epam, vscale ]
runners: [ selectel ]
steps:
- uses: actions/checkout@v4
- name: Configure secrets
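
Review bot: With `runners: [ selectel ]` the matrix has a single entry, so `runs-on: ${{ matrix.runners }}` is now indirection with no benefit; a plain `runs-on: selectel` would match the other two workflows. Note also that the file is named `instances-redeploy.yml_tmp`, which GitHub does not load as a workflow, so this edit has no effect until the file is renamed. If the workflow is intentionally parked, a comment at the top saying so would help.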
2 changes: 1 addition & 1 deletion docker-compose-run.yml
Expand Up @@ -60,7 +60,7 @@ services:
- web-root-for-certbot:/var/www/html
depends_on:
- brn_fe_with_tls
command: certonly --webroot --webroot-path=/var/www/html --email brainupspbproject@gmail.com --agree-tos --no-eff-email --force-renewal -d brainup.fun
command: certonly --webroot --webroot-path=/var/www/html --email brainupspbproject@gmail.com --agree-tos --no-eff-email
secrets:
aws-key:
file: aws-key.properties
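
Review bot: The certbot service's default `command:` now ends at `--no-eff-email`, with neither `-d` nor `--force-renewal`, so starting the service with its default command (for example via `docker compose up`) runs `certonly` without any domain. The workflows override the command with `docker compose run --rm certbot ...`, so renewal is unaffected, but the default is left in a state that cannot succeed. Either restore a domain here (for example through a compose variable) or replace the default with something harmless and document that the service is only meant to be invoked through `docker compose run`.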
