Merge "Add LetsEncrypt images for cert request/renewal"
This commit is contained in:
commit
cabfd43f49
29
docker/letsencrypt/Dockerfile.j2
Normal file
29
docker/letsencrypt/Dockerfile.j2
Normal file
@ -0,0 +1,29 @@
|
||||
FROM {{ namespace }}/{{ image_prefix }}openstack-base:{{ tag }}
|
||||
LABEL maintainer="{{ maintainer }}" name="{{ image_name }}"
|
||||
|
||||
{% block letsencrypt_header %}{% endblock %}
|
||||
|
||||
{% import "macros.j2" as macros with context %}
|
||||
|
||||
{# NOTE(jkirsch): EPEL required for lego #}
|
||||
{{ macros.enable_extra_repos(['epel']) }}
|
||||
|
||||
{% if base_package_type == 'rpm' %}
|
||||
{% set letsencrypt_packages = [
|
||||
'certbot',
|
||||
'cronie'
|
||||
] %}
|
||||
{% elif base_package_type == 'deb' %}
|
||||
{% set letsencrypt_packages = [
|
||||
'certbot',
|
||||
'cron'
|
||||
] %}
|
||||
{% endif %}
|
||||
{{ macros.install_packages(letsencrypt_packages | customizable("packages")) }}
|
||||
|
||||
|
||||
COPY extend_start.sh /usr/local/bin/kolla_extend_start
|
||||
RUN chmod 755 /usr/local/bin/kolla_extend_start
|
||||
|
||||
{% block letsencrypt_footer %}{% endblock %}
|
||||
{% block footer %}{% endblock %}
|
10
docker/letsencrypt/extend_start.sh
Normal file
10
docker/letsencrypt/extend_start.sh
Normal file
@ -0,0 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ ! -d "/var/log/kolla/letsencrypt" ]]; then
|
||||
mkdir -p /var/log/kolla/letsencrypt
|
||||
fi
|
||||
if [[ $(stat -c %a /var/log/kolla/letsencrypt) != "755" ]]; then
|
||||
chmod 755 /var/log/kolla/letsencrypt
|
||||
fi
|
||||
|
||||
. /usr/local/bin/kolla_httpd_setup
|
@ -58,6 +58,7 @@ _PROFILE_OPTS = [
|
||||
'keepalived',
|
||||
'kibana',
|
||||
'kolla-toolbox',
|
||||
'letsencrypt',
|
||||
'logstash',
|
||||
'mariadb',
|
||||
'memcached',
|
||||
@ -946,6 +947,10 @@ USERS = {
|
||||
'proxysql-user': {
|
||||
'uid': 42487,
|
||||
'gid': 42487,
|
||||
},
|
||||
'letsencrypt-user': {
|
||||
'uid': 42488,
|
||||
'gid': 42488,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -0,0 +1,4 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Adds containers for integration with Let's Encrypt.
|
Loading…
Reference in New Issue
Block a user