search

RITlug / infrastructure

This repository hosts all RITlug-related server configuration management.
Mozilla Public License 2.0
0 stars 0 forks source link

Set RITlug GitLab to autorenew Let's Encrypt cert #12

Closed Tjzabel closed 5 years ago

Tjzabel commented 5 years ago

Currently the hosted gitlab does not autorenew, and so we run into issues where the gitlab goes down.

We should add this as a cron job so we do not need to do this manually.

ct-martin commented 5 years ago

Need an account with shell & sudo access

Tjzabel commented 5 years ago

@ct-martin sure thing. I'll get to that this afternoon.

Tjzabel commented 5 years ago

This is blocked on me getting christian access.

jwflory commented 5 years ago

If it's helpful, I have a Bash script and crontab file to help automate LetsEncrypt renewal. See it all here.

Tjzabel commented 5 years ago

@jwflory thanks! We make make a similar architectural setup. I still just need to get @ct-martin access and we can work from there to figure out the best way to implement this.

GitLab needs to be shutdown before the autorenewal can be done, and then put back up, for instance.

ct-martin commented 5 years ago

I've used hooks before so I can take care of it. I won't be able to do this until after finals though

-- Christian Martin (Phone)

On Tue, Dec 11, 2018, 11:56 AM Tim Zabel <notifications@github.com wrote:

@jwflory https://github.com/jwflory thanks! We make make a similar architectural setup. I still just need to get @ct-martin https://github.com/ct-martin access and we can work from there to figure out the best way to implement this.

GitLab needs to be shutdown before the autorenewal can be done, and then put back up, for instance.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/RITlug/tasks/issues/91#issuecomment-446275401, or mute the thread https://github.com/notifications/unsubscribe-auth/AYJ2H3smVX6Vs7Vqm0kFiLBkQtmst62kks5u3-JxgaJpZM4Y4yly .

Tjzabel commented 5 years ago

@ct-martin you should now finally be able to ssh into the RITlug gitlab machine

ct-martin commented 5 years ago

@Tjzabel thanks, confirmed that I can access and changed password. When you fixed it, did you do a one-off renew or did you set up the auto-renew?

Tjzabel commented 5 years ago

@ct-martin for written reference, I did a one-off renew.

Tjzabel commented 5 years ago

From looking in cron, it seems git.ritlug.com is indeed renewing. Closing as fixed.