Jaymon / chef-cookbooks

Various Chef cookbooks
MIT License

Let's Encrypt http recipe #17

Open Jaymon opened 4 years ago

Jaymon commented 4 years ago

We have a chicken/egg problem with new servers: our webserver cookbooks (nginx and uwsgi) don't actually start the servers until the end of the Chef run, to give Chef time to install the code and get everything in place, etc.

This works great normally but doesn't work when Let's Encrypt expects a running server to create SSL certificates.

To get around this issue, we might try doing what standalone does: start a little mini server. We could use a Chef Ruby script to run a server in the root:

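```ruby
require 'webrick'

# `root` must be set to the webroot directory the challenge files are written to.
# WEBrick reads its options from symbol keys; string keys are silently ignored.
s = WEBrick::HTTPServer.new(:BindAddress => "0.0.0.0", :Port => 80, :DocumentRoot => root)
s.start
```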

And then run the Let's Encrypt command to create the certificates, and then kill the server.

The way the http recipe would do it: first it would check whether requests were being answered on port 80; if they weren't, it would fire up the server, otherwise it would just use the currently running server.


Moving to here from PRIVATE_REPO_ISSUE#61 from Dec 2016, but I think this might be outdated now.
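The check-then-start flow described in the issue, as an added example that is not part of the original post or the cookbook's own code. The helper names (`port_answering?`, `with_challenge_server`, `issue_certificate`) and the certbot webroot invocation are assumptions; the issue only says "the Let's Encrypt command".

```ruby
require 'socket'

# True if something accepts TCP connections on host:port within the timeout.
def port_answering?(host, port, timeout = 2)
  Socket.tcp(host, port, connect_timeout: timeout) { true }
rescue SystemCallError, SocketError, IOError
  false
end

# Yields with `port` answering. Starts a temporary WEBrick only when nothing is
# listening, and always shuts it down afterwards.
# Returns [block_result, temp_server_started].
def with_challenge_server(root, port: 80, bind: "0.0.0.0")
  return [yield, false] if port_answering?("127.0.0.1", port)

  require 'webrick' # loaded only when needed (a separate gem on Ruby 3.0+)
  server = WEBrick::HTTPServer.new(
    :BindAddress => bind, :Port => port, :DocumentRoot => root,
    :Logger => WEBrick::Log.new(File::NULL), :AccessLog => []
  )
  thread = Thread.new { server.start }
  # Wait for the accept loop so shutdown cannot race ahead of start.
  sleep 0.05 until server.status == :Running || !thread.alive?
  begin
    [yield, true]
  ensure
    server.shutdown # release the port even if the block raises
    thread.join
  end
end

# Assumed invocation: certbot in webroot mode. `root` should be a directory used
# only for challenge files, since everything under it is served publicly while
# the temporary server is up. Array-form system() keeps `domain` out of a shell.
def issue_certificate(root, domain)
  with_challenge_server(root) do
    system("certbot", "certonly", "--webroot", "-w", root, "-d", domain)
  end
end
```

Binding port 80 needs root or an equivalent capability, which a Chef run normally has.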