public
/
docker-service-nginx
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
瀏覽代碼

Merge pull request #3 from ShaneMcC/check-for-cert 

Check that certificate file exists before we create the service.
pull/4/head
Chris Smith 6 年之前
父節點
0a54f9fc6e 8f70782ba7
當前提交
b716742a41
沒有連結到貢獻者的電子郵件帳戶。
共有 1 個檔案被更改,包括 23 行新增14 行删除
統一視圖 顯示文件統計
  1. 23
    14
      generate.py

+ 23
- 14
generate.py 查看文件

4 
 import etcdlib
 4 
 import etcdlib
5 
 import jinja2
 5 
 import jinja2
6 
 import os
 6 
 import os
7 
+import os.path
7
8
8 
 parser = argparse.ArgumentParser()
 9 
 parser = argparse.ArgumentParser()
9 
 parser.add_argument('--name', help='Name of the docker host to request certificates for', default='unknown')
 10 
 parser.add_argument('--name', help='Name of the docker host to request certificates for', default='unknown')
20 
 fetcher = etcdlib.Connection(args.etcd_host, args.etcd_port, args.etcd_prefix)
 21 
 fetcher = etcdlib.Connection(args.etcd_host, args.etcd_port, args.etcd_prefix)
21
22
22 
 while True:
 23 
 while True:
24 
+  wroteConfig = False;
23 
   services = []
 25 
   services = []
24 
   domains = {k: v.split(',') for k, v in fetcher.get_label('com.chameth.vhost').items()}
 26 
   domains = {k: v.split(',') for k, v in fetcher.get_label('com.chameth.vhost').items()}
25 
   protocols = fetcher.get_label('com.chameth.proxy.protocol')
 27 
   protocols = fetcher.get_label('com.chameth.proxy.protocol')
26 
   defaults = fetcher.get_label('com.chameth.proxy.default')
 28 
   defaults = fetcher.get_label('com.chameth.proxy.default')
27 
   for container, values in fetcher.get_label('com.chameth.proxy').items():
 29 
   for container, values in fetcher.get_label('com.chameth.proxy').items():
28 
     networks = fetcher.get_networks(container)
 30 
     networks = fetcher.get_networks(container)
29 
-    services.append({
30 
-      'protocol': protocols[container] if container in protocols else 'http',
31 
-      'vhosts': domains[container],
32 
-      'host': next(iter(networks.values())), # TODO: Pick a bridge sensibly?
33 
-      'port': values,
34 
-      'certificate': args.cert_path % domains[container][0],
35 
-      'trusted_certificate': args.trusted_cert_path % domains[container][0],
36 
-      'certificate_key': args.cert_key_path % domains[container][0],
37 
-      'default': container in defaults,
38 
-    })
39 
-
40 
-  with open('/nginx-config/vhosts.conf', 'w') as f:
41 
-    print('Writing vhosts.conf...', flush=True)
42 
-    f.write(template.render(services=services))
31 
+    certfile = args.cert_path % domains[container][0];
32 
+    if os.path.isfile(certfile):
33 
+      services.append({
34 
+        'protocol': protocols[container] if container in protocols else 'http',
35 
+        'vhosts': domains[container],
36 
+        'host': next(iter(networks.values())), # TODO: Pick a bridge sensibly?
37 
+        'port': values,
38 
+        'certificate': args.cert_path % domains[container][0],
39 
+        'trusted_certificate': args.trusted_cert_path % domains[container][0],
40 
+        'certificate_key': args.cert_key_path % domains[container][0],
41 
+        'default': container in defaults,
42 
+      })
43 
+
44 
+  if wroteConfig or len(services) > 0 or not os.path.isfile('/nginx-config/vhosts.conf'):
45 
+    with open('/nginx-config/vhosts.conf', 'w') as f:
46 
+      print('Writing vhosts.conf...', flush=True)
47 
+      f.write(template.render(services=services))
48 
+      wroteConfig = True;
49 
+    print('Done writing config.', flush=True)
50 
+  else:
51 
+    print('Not writing empty config. Ensure that your letsencrypt certificates are accessible to this container.')
43
52
44 
   print('Done writing config.', flush=True)
 53 
   print('Done writing config.', flush=True)
45
54

Write Preview
Loading…
取消
儲存