Compare commits

5 Commits

Author SHA1 Message Date
2452650b38 Correct detection of missing APPRISE_URL
All checks were successful
Test Pull Request / Build Image (pull_request) Successful in 6m8s
Test Pull Request / Notify (pull_request) Successful in 3s
2024-05-30 20:58:57 +00:00
8c4314e311 Move renewal function to its own file 2024-05-30 20:58:57 +00:00
c16a19d965 Add new env vars to readme 2024-05-30 20:58:57 +00:00
ff11414fa0 Add support for alerting on success or failure of renewal
Installs apprise and allows config of alerting for successful or failed renewals. Currently only supports renewals, not initial issuing. Not necessarily a problem as I'd hope you'd be watching the logs on first run.
I don't love how I create /config/.renew-list.sh. I should readdress this somehow
2024-05-30 20:58:57 +00:00
1dce5880f3 Move to Feature Branch Workflow [skip ci] (#23)
Change branch method for [Feature Branch](https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow) workflow. Gitflow workflow is overkill for my needs.

Reviewed-on: #23
Co-authored-by: MrMeeb <charles.macdonald@me.com>
Co-committed-by: MrMeeb <charles.macdonald@me.com>
2024-05-30 20:55:47 +00:00
2 changed files with 3 additions and 92 deletions

@ -1,88 +0,0 @@
name: Build Image
on:
push:
branches:
- 'develop'
env:
TEST_TAG: mrmeeb/certbot-cron:test
FULL_TAG: git.mrmeeb.stream/mrmeeb/certbot-cron:develop
jobs:
"Validate Image":
runs-on: [ubuntu-docker-latest, linux/amd64]
steps:
- name: Build locally
uses: docker/build-push-action@v5
with:
load: true
tags: ${{ env.TEST_TAG }}
provenance: false
- name: Test certificate issuing
id: test
run: |
# First create a volume
docker volume create ${{ gitea.sha }} && \
# Then issue a certificate
docker run --rm -v ${{ gitea.sha }}:/config -e STAGING=true -e EMAIL=${{ secrets.EMAIL }} -e DOMAINS=${{ gitea.sha }}.mrmeeb.stream -e PLUGIN=cloudflare -e CLOUDFLARE_TOKEN=${{ secrets.CLOUDFLARE_TOKEN }} -e ONE_SHOT=true -e GENERATE_DHPARAM=false ${{ env.TEST_TAG }} && \
# Then revoke it again
docker run --rm --entrypoint "/usr/bin/certbot" -v ${{ gitea.sha }}:/config ${{ env.TEST_TAG }} revoke --non-interactive --agree-tos --email ${{ secrets.EMAIL }} --staging --config-dir /config/letsencrypt --work-dir /config/.tmp --logs-dir /config/logs --cert-path /config/letsencrypt/live/${{ gitea.sha }}.mrmeeb.stream/fullchain.pem
- name: Tidy up
if: always()
run: |
echo "Removing docker volume ${{ gitea.sha }}" && \
docker volume rm ${{ gitea.sha }}
- name: Test Failure
uses: rjstone/discord-webhook-notify@v1
if: failure()
with:
severity: error
details: Test Failed!
webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
username: Gitea
avatarUrl: ${{ vars.RUNNER_ICON_URL }}
"Publish Image":
runs-on: [ubuntu-docker-latest, linux/amd64]
needs: ["Validate Image"]
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: git.mrmeeb.stream
username: ${{ env.GITHUB_ACTOR }}
password: ${{ secrets.GTCR_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v5
with:
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ env.FULL_TAG }}
provenance: false
- name: Build Failure
uses: rjstone/discord-webhook-notify@v1
if: failure()
with:
severity: error
details: Build Failed!
webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
username: Gitea
avatarUrl: ${{ vars.RUNNER_ICON_URL }}
"Notify":
runs-on: [ubuntu-docker-latest, linux/amd64]
needs: ["Validate Image", "Publish Image"]
steps:
- name: Notify of success
uses: rjstone/discord-webhook-notify@v1
if: success()
with:
severity: info
details: Build succeeded!
webhookUrl: ${{ secrets.DISCORD_WEBHOOK }}
username: Gitea
avatarUrl: ${{ vars.RUNNER_ICON_URL }}
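Review bot: Deleting this workflow removes the only job shown here that pushes `git.mrmeeb.stream/mrmeeb/certbot-cron:develop` (the `FULL_TAG` used by "Publish Image"), so that tag stops receiving builds; whether the last pushed image stays pullable depends on registry cleanup that is not visible in this diff. Consider removing the `develop` tag from the registry as part of this change so nobody keeps running an image that is no longer rebuilt. Separately, the "Test certificate issuing" step interpolates `${{ secrets.CLOUDFLARE_TOKEN }}` and `${{ secrets.EMAIL }}` directly into the `run:` script; if that step is carried into the pull request workflow, pass them through the step's `env:` and reference shell variables instead, so the values are not expanded into the script text.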

@ -4,10 +4,9 @@ Dockerised Certbot that utilises cron to schedule creating and renewing SSL cert
## Tags ## Tags
|Tag |Description| I use the [Feature Branch](https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow) workflow. The `latest` tag contains all of the latest changes that have been merged from individual feature branches. Feature branches are squashed into `master`.
|-------|-----------|
|latest |Latest image built from the main branch. Usually coincides with a tagged release.| Pinned releases are created by creating a tag off `master` to capture the repo in a particular state. They are recommended for stability.
|develop|Latest image built from the develop branch. Commits are made to the develop branch before being merged to main. Old versions of `develop` are removed after 14 days.|
## Running ## Running
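Review bot: The replacement text for the Tags section drops the tag table and changes what `latest` means without saying so: the removed row described `latest` as usually coinciding with a tagged release, while the new paragraph has it carrying every feature branch merged into `master`. State that change explicitly for people who pull `latest`, and give the format of a pinned release tag so the "recommended for stability" advice can be followed. The removed rows also say "main branch" where the new text says `master`; use whichever name the repository actually has.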