[DRE-commits] [gitlab] 01/02: stop nginx and retrieve letsencrypt cert

Praveen Arimbrathodiyil praveen at moszumanska.debian.org
Wed Feb 10 20:09:25 UTC 2016 

This is an automated email from the git hooks/post-receive script.

praveen pushed a commit to branch master
in repository gitlab.

commit b42334ad9696086fdeef6e20e6e5d8027ff22c3d
Author: Praveen Arimbrathodiyil <praveen at debian.org>
Date:   Thu Feb 11 01:37:00 2016 +0530

    stop nginx and retrieve letsencrypt cert
---
 debian/gitlab.templates | 8 +++++---
 debian/postinst         | 5 +++++
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/debian/gitlab.templates b/debian/gitlab.templates
index 8853d36..afeae7f 100644
--- a/debian/gitlab.templates
+++ b/debian/gitlab.templates
@@ -25,7 +25,8 @@ _Description: Enable https?
  (startssl.com) or WoSign (buy.wosign.com/free) offer free SSL certificates.
  .
  letsencrypt package may be used to automate interaction with Let’s Encrypt to
- obtain a certificate.
+ obtain a certificate. Nginx must be reloaded after the certificate and key
+ files are made available at /etc/gitlab/ssl.
 
 Template: gitlab/letsencrypt
 Type: boolean
@@ -38,5 +39,6 @@ _Description: Use Let's Encrypt?
  Otherwise, certificate and key files have to be placed manually to
  /etc/gitlab/ssl directory as 'gitlab.crt' and 'gitlab.key'.
  .
- Nginx must be reloaded after the certificate and key files are made available
- at /etc/gitlab/ssl.
+ Nginx will be stopped, if this option is selected, to allow letsencrypt to use
+ ports 80 and 443 during domain ownership validation and certificate retrieval
+ step.
diff --git a/debian/postinst b/debian/postinst
index 979e7df..e05fff7 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -86,6 +86,9 @@ case "$1" in
           /etc/gitlab/ssl/gitlab.crt
           ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \
           /etc/gitlab/ssl/gitlab.key
+	  # Port 80 and 443 should be available for letsencrypt
+	  invoke-rc.d nginx stop
+	  letsencrypt -d ${GITLAB_HOST} certonly
         fi
       fi
 
@@ -98,6 +101,8 @@ case "$1" in
         echo "nginx example configuration file not found"
         exit 1
       fi
+      # Start nginx
+      invoke-rc.d nginx start
     else
       echo "Failed to retrieve fully qualified domain name"
       exit 1

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/gitlab.git

More information about the Pkg-ruby-extras-commits mailing list