data.coop/ansible
8
3
Fork 7
Code Issues 49 Pull requests 9 Projects 1 Releases Wiki Activity

Mailu Frontend doesn't refresh certificate automatically #86

New issue
Open
opened 2022-06-20 13:32:46 +00:00 by graffen · 2 comments
graffen commented 2022-06-20 13:32:46 +00:00
Contributor
Copy link

When the TLS Cert is updated by the reverse proxy, the mailu frontend container needs to be restarted. We need to find a way to do this automatically.

When the TLS Cert is updated by the reverse proxy, the mailu frontend container needs to be restarted. We need to find a way to do this automatically.
reynir commented 2022-06-23 10:07:28 +00:00
Owner
Copy link

Relevant: https://mailu.io/master/maintain.html#managing-of-external-let-s-encrypt-certificates

Relevant: https://mailu.io/master/maintain.html#managing-of-external-let-s-encrypt-certificates
samsapti commented 2022-06-23 20:03:50 +00:00
Owner
Copy link

https://git.data.coop/data.coop/ansible/src/branch/master/roles/docker/tasks/services/mailu.yml#L25-L38

The TLS certificate and key files are hard-linked from nginx to Mailu. When nginx renews the cert, the modified-date of the hard-link is updated as well. This means that, if we can somehow have something to listen for the files (the hard-links) being modified on Mailu's side of things, this would be easily solvable.

https://git.data.coop/data.coop/ansible/src/branch/master/roles/docker/tasks/services/mailu.yml#L25-L38 The TLS certificate and key files are hard-linked from nginx to Mailu. When nginx renews the cert, the modified-date of the hard-link is updated as well. This means that, if we can somehow have something to listen for the files (the hard-links) being modified on Mailu's side of things, this would be easily solvable.
samsapti added the
Existing Service
 label 2022-11-16 13:45:53 +00:00
valberg added this to the Devops work project 2024-02-09 07:52:18 +00:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
reynir-patch-1
proxmox
diun
use_sudo
woodpeckerci
linting
mailman
listmonk
sshd-password
No results found.
Labels
Clear labels   
Blocked

Something is blocking progress

  
Existing Service

Issues/improvements regarding existing services

  
Infrastructure Issue

Infrastructure issue that needs investigation or time to fix

  
Refactor

Refactoring of files / file structure or other improvements

  
Security Hardening

Non-verified / non-critical security improvements

  
Security Issue

Urgent security issue that needs to be fixed ASAP

  
Service Idea

Ideas for new services

  
Service Removal

Removal of services for one reason or another

  
Upgrade service
No labels
Blocked
Existing Service
Infrastructure Issue
Refactor
Security Hardening
Security Issue
Service Idea
Service Removal
Upgrade service
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Devops work
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: data.coop/ansible#86
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?