Skip to content
Snippets Groups Projects
Commit 0d4f96c1 authored by Mariano Cano's avatar Mariano Cano
Browse files

Update renew with force flag.

Clean old certificates in volumes on start.
parent f7154a9b
No related branches found
No related tags found
No related merge requests found
...@@ -5,7 +5,6 @@ binaries: ...@@ -5,7 +5,6 @@ binaries:
GOOS=linux go build -o renewer/step github.com/smallstep/cli/cmd/step GOOS=linux go build -o renewer/step github.com/smallstep/cli/cmd/step
build: build-nginx build-ca build-renewer build: build-nginx build-ca build-renewer
build-nginx: build-nginx:
docker build -t nginx-test:latest nginx docker build -t nginx-test:latest nginx
build-ca: build-ca:
...@@ -21,3 +20,6 @@ down: ...@@ -21,3 +20,6 @@ down:
inspect: inspect:
step certificate inspect https://localhost:4443 --insecure step certificate inspect https://localhost:4443 --insecure
.PHONY: all binaries up down inspect
.PHONY: build build-nginx build-ca build-renewer
# min hour day month weekday command # min hour day month weekday command
* * * * * rm -f /var/local/step/site-new.crt && step ca renew --out /var/local/step/site-new.crt /var/local/step/site.crt /var/local/step/site.key && mv /var/local/step/site-new.crt /var/local/step/site.crt * * * * * step ca renew --force /var/local/step/site.crt /var/local/step/site.key
...@@ -3,16 +3,16 @@ ...@@ -3,16 +3,16 @@
# Wait for CA # Wait for CA
sleep 5 sleep 5
if [ ! -f /var/local/step/root_ca.crt ]; then # Clean old certificates
rm -f /var/local/step/root_ca.crt
rm -f /var/local/step/site.crt /var/local/step/site.key
# Donwload the root certificate # Donwload the root certificate
step ca root /var/local/step/root_ca.crt step ca root /var/local/step/root_ca.crt
fi
if [ ! -f /var/local/step/site.crt ]; then
# Get token # Get token
STEP_TOKEN=$(step ca token $COMMON_NAME) STEP_TOKEN=$(step ca token $COMMON_NAME)
# Donwload the root certificate # Donwload the root certificate
step ca certificate --token $STEP_TOKEN $COMMON_NAME /var/local/step/site.crt /var/local/step/site.key step ca certificate --token $STEP_TOKEN $COMMON_NAME /var/local/step/site.crt /var/local/step/site.key
fi
exec "$@" exec "$@"
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment