Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Renew LetsEncrypt certificates #641

Merged
merged 15 commits into from
Mar 22, 2023
Merged

Renew LetsEncrypt certificates #641

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
e26d64c
gateway/certs: added API for custom domains...
iulianbarbu Mar 1, 2023
514f456
review-feedback: adjust shuttle admin args...
iulianbarbu Mar 3, 2023
cf948a3
review-feedback: refactored credentials sharing
iulianbarbu Mar 3, 2023
f494f71
shuttle-dev*/Containerfile: copy pem files as well
iulianbarbu Mar 15, 2023
7cf7430
auth/admin: authorize renew certs APIs
iulianbarbu Mar 15, 2023
68b0126
gateway: fixed x509 certificates parsing
iulianbarbu Mar 15, 2023
a39420a
admin/docs: added notes for Pebble setup...
iulianbarbu Mar 16, 2023
56a2632
gateway/acme: bumped instant-acme version
iulianbarbu Mar 16, 2023
4e45ff9
Containerfile: arch agnostic protoc setup
iulianbarbu Mar 21, 2023
ad21636
admin: fix gateway string responses
iulianbarbu Mar 21, 2023
15482cb
Makefile: keep *.pem files for dev images
iulianbarbu Mar 21, 2023
17c51e3
gateway: simplify certificate polling duration
iulianbarbu Mar 21, 2023
3aeb06e
Makefile: remove comment
iulianbarbu Mar 21, 2023
b177ac1
gateway: revert the type coercion for Arc::clone
iulianbarbu Mar 21, 2023
b2f6e60
Containerfile: added comment to explain the addition...
iulianbarbu Mar 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Makefile: keep *.pem files for dev images
  • Loading branch information
@iulianbarbu
iulianbarbu committed Mar 21, 2023
commit 15482cbbc929156078d60ce609ab4691d20d8704
3 changes: 2 additions & 1 deletion Containerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@ WORKDIR /build
FROM shuttle-build as cache
WORKDIR /src
COPY . .
RUN find ${SRC_CRATES} \( -name "*.proto" -or -name "*.rs" -or -name "*.toml" -or -name "Cargo.lock" -or -name "README.md" -or -name "*.sql" -or -name "*.pem" \) -type f -exec install -D \{\} /build/\{\} \;
RUN find ${SRC_CRATES} \( -name "*.proto" -or -name "*.rs" -or -name "*.toml" -or -name "Cargo.lock" -or -name "README.md" -or -name "*.sql" \) -type f -exec install -D \{\} /build/\{\} \;
RUN [ "$CARGO_PROFILE" != "release" ] && find ${SRC_CRATES} -name "*.pem" -type f -exec install -D \{\} /build/\{\} \;
iulianbarbu marked this conversation as resolved.
Show resolved Hide resolved

FROM shuttle-build AS planner
COPY --from=cache /build .
Expand Down
7 changes: 6 additions & 1 deletion admin/README.md
View file
Open in desktop
iulianbarbu marked this conversation as resolved.
Show resolved Hide resolved
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,11 @@ setting the `SSL_CERT_FILE` environment variable. If you deploy the `gateway` th
need to export the `SSL_CERT_FILE` environmanet variable through the `docker-compose.yml` file, for the `gateway`
service.

**Note**: Building the containers locally will carry over to the images any "*.pem" files from the shuttle root
directory, given they are needed to enable the `SSL_CERT_FILE` on the gateway. You can have you Pebble CA root
certificate under shuttle root directory and this will be carried in the gateway container under `/usr/src/shuttle`.
Then the `SSL_CERT_FILE` can be set as `/usr/src/shuttle/{path_to_pebble.minica.pem}`.

``` shell
export SSL_CERT_FILE="$PWD/test/certs/pebble.minica.pem"
```
Expand All @@ -33,7 +38,7 @@ container that `https://localhost:14000/dir` points to the host machine pebble i
`gateway`s `/etc/hosts` a new entry for `localhost` to point also to the `host.docker.internal` IP. The `host.docker.internal`
IP can be found by running `ping host.docker.internal` in the `gateway` container.

Now you'll want this admin client to use the local `Pebble` server when making new account. Therefore, use the
Now you'll want this admin client to use the local `Pebble` server when making a new account. Therefore, use the
following command when you create new accounts:

``` shell
Expand Down