Browse Source

new: [docker-host] don't restart docker for certificate installation if it is not needed.

framadate
Valentin Lab 6 years ago
parent
commit
60502091c2
  1. 26
      precise/host/hooks/install.d/70-0k.sh

26
precise/host/hooks/install.d/70-0k.sh

@ -162,16 +162,30 @@ apt-get install -y curl </dev/null
## This does not seem to work anymore (docker v1.12, ubutnu 14.04 on gani) ## This does not seem to work anymore (docker v1.12, ubutnu 14.04 on gani)
ca=/etc/ssl/ca.0k.io.pem
need_restart=
oldmd5=
if [ -f "$ca" ]; then
oldmd5=$(md5sum "$ca")
fi
echo "Fetching 0k.io CA certificate..." echo "Fetching 0k.io CA certificate..."
curl http://docker.0k.io/get/ca.0k.io.pem > /etc/ssl/ca.0k.io.pem
cat /etc/ssl/ca.0k.io.pem >> /etc/ssl/certs/ca-certificates.crt
curl http://docker.0k.io/get/ca.0k.io.pem > "$ca"
if [[ "$(md5sum "$ca")" != "$oldmd5" ]]; then
need_restart=1
cat "$ca" >> /etc/ssl/certs/ca-certificates.crt
fi
## This is the new way: https://docs.docker.com/engine/security/certificates/ ## This is the new way: https://docs.docker.com/engine/security/certificates/
mkdir -p /etc/docker/certs.d/docker.0k.io
ln -sfn /etc/ssl/ca.0k.io.pem /etc/docker/certs.d/docker.0k.io/ca.crt
ca_ln="/etc/docker/certs.d/docker.0k.io/ca.crt"
mkdir -p "$(dirname "$ca_ln")"
if ! [ -L "$ca_ln" ] || [ "$(realpath "$ca_ln")" != "$ca" ] ; then
ln -sfn "$ca" "$ca_ln"
need_restart=1
fi
service docker restart
if [ "$need_restart" ]; then
service docker restart
fi
echo "Login into our server." echo "Login into our server."
docker login -u vm -p iamavm https://docker.0k.io docker login -u vm -p iamavm https://docker.0k.io

Loading…
Cancel
Save