From 404502f47044304978e122ec7dd4fa6d0be4acf5 Mon Sep 17 00:00:00 2001 From: Praveen Arimbrathodiyil Date: Mon, 4 Apr 2016 23:12:52 +0530 Subject: [PATCH] check if letsencrypt cert is already present --- debian/changelog | 1 + debian/postinst | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/debian/changelog b/debian/changelog index 1e31096207..d20658a54a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,7 @@ gitlab (8.5.8+dfsg-3) UNRELEASED; urgency=medium * Use embedded copy of fuzzaldrin-plus (See #814871 for more details) * Bring back db check in postinst (initialize the db only if it is empty) * Choose unicode for db encoding (fixes wiki creation error) + * Don't run letsencrypt if certificate is already present -- Pirate Praveen Sun, 03 Apr 2016 17:41:28 +0530 diff --git a/debian/postinst b/debian/postinst index f8f9ba2130..a4f9c4fa6d 100755 --- a/debian/postinst +++ b/debian/postinst @@ -97,13 +97,18 @@ case "$1" in # Check if letsencrypt option is selected db_get gitlab/letsencrypt if [ "${RET}" = "true" ]; then - ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/fullchain.pem \ - /etc/gitlab/ssl/gitlab.crt - ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \ - /etc/gitlab/ssl/gitlab.key - # Port 80 and 443 should be available for letsencrypt - invoke-rc.d nginx stop - letsencrypt -d ${GITLAB_HOST} certonly + # Check if certificate is already present + if [ -e /etc/letsencrypt/live/${GITLAB_HOST}/fullchain.pem ]; then + echo "Let's encrypt certificate already present." + else + ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/fullchain.pem \ + /etc/gitlab/ssl/gitlab.crt + ln -sf /etc/letsencrypt/live/${GITLAB_HOST}/privkey.pem \ + /etc/gitlab/ssl/gitlab.key + # Port 80 and 443 should be available for letsencrypt + invoke-rc.d nginx stop + letsencrypt -d ${GITLAB_HOST} certonly + fi fi fi