cloud-hosting-platform/haproxy-manager-base
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove set -e and database dependency from certificate scripts
All checks were successful
HAProxy Manager Build and Push / Build-and-Push (push) Successful in 56s
Details

Browse Source 
Improved certificate renewal and sync scripts to be more resilient:
- Removed 'set -e' to prevent silent failures when individual domains error
- Scripts now continue processing remaining domains even if one fails
- Replaced database queries with direct filesystem scanning of /etc/letsencrypt/live/
- Uses 'find' command to discover all domains with Let's Encrypt certificates
- More reliable as it works even if database is out of sync

Benefits:
- No silent failures - errors are logged but don't stop the entire process
- Works independently of database state
- Simpler and more straightforward
- All domains with certificates get processed regardless of database

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Josh Knapp
2025-11-21 08:50:24 -08:00
parent 1d22d789b8
commit bff18d358b
2 changed files with 2 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
scripts/renew-certificates.sh
View File

@@ -3,8 +3,6 @@
# Certificate Renewal Script for HAProxy Manager # Certificate Renewal Script for HAProxy Manager
# This script runs certbot renew and copies certificates to HAProxy format # This script runs certbot renew and copies certificates to HAProxy format
set -e
# Configuration # Configuration
LOG_FILE="${LOG_FILE:-/var/log/haproxy-manager.log}" LOG_FILE="${LOG_FILE:-/var/log/haproxy-manager.log}"
ERROR_LOG_FILE="${ERROR_LOG_FILE:-/var/log/haproxy-manager-errors.log}" ERROR_LOG_FILE="${ERROR_LOG_FILE:-/var/log/haproxy-manager-errors.log}"
@@ -31,16 +29,11 @@ else
fi fi
# Copy all certificates to HAProxy format # Copy all certificates to HAProxy format
if [ ! -f "$DB_FILE" ]; then
log_error "Database file not found at $DB_FILE"
exit 1
fi
# Ensure SSL certs directory exists # Ensure SSL certs directory exists
mkdir -p "$SSL_CERTS_DIR" mkdir -p "$SSL_CERTS_DIR"
# Get all SSL-enabled domains from database # Get all SSL-enabled domains from database
DOMAINS=$(sqlite3 "$DB_FILE" "SELECT domain FROM domains WHERE ssl_enabled = 1;" 2>/dev/null) DOMAINS=$(find /etc/letsencrypt/live/ -mindepth 1 -maxdepth 1 -type d -printf '%f\n')
if [ -z "$DOMAINS" ]; then if [ -z "$DOMAINS" ]; then
log_info "No SSL-enabled domains found" log_info "No SSL-enabled domains found"

10
scripts/sync-certificates.sh
View File

@@ -3,8 +3,6 @@
# Certificate Sync Script for HAProxy Manager # Certificate Sync Script for HAProxy Manager
# This script syncs all Let's Encrypt certificates to HAProxy format without running certbot renew # This script syncs all Let's Encrypt certificates to HAProxy format without running certbot renew
set -e
# Configuration # Configuration
LOG_FILE="${LOG_FILE:-/var/log/haproxy-manager.log}" LOG_FILE="${LOG_FILE:-/var/log/haproxy-manager.log}"
ERROR_LOG_FILE="${ERROR_LOG_FILE:-/var/log/haproxy-manager-errors.log}" ERROR_LOG_FILE="${ERROR_LOG_FILE:-/var/log/haproxy-manager-errors.log}"
@@ -22,17 +20,11 @@ log_error() {
log_info "Starting certificate sync process" log_info "Starting certificate sync process"
# Check if database exists
if [ ! -f "$DB_FILE" ]; then
log_error "Database file not found at $DB_FILE"
exit 1
fi
# Ensure SSL certs directory exists # Ensure SSL certs directory exists
mkdir -p "$SSL_CERTS_DIR" mkdir -p "$SSL_CERTS_DIR"
# Get all SSL-enabled domains from database # Get all SSL-enabled domains from database
DOMAINS=$(sqlite3 "$DB_FILE" "SELECT domain FROM domains WHERE ssl_enabled = 1;" 2>/dev/null) DOMAINS=$(find /etc/letsencrypt/live/ -mindepth 1 -maxdepth 1 -type d -printf '%f\n')
if [ -z "$DOMAINS" ]; then if [ -z "$DOMAINS" ]; then
log_info "No SSL-enabled domains found" log_info "No SSL-enabled domains found"