54 lines
1.2 KiB
Markdown
54 lines
1.2 KiB
Markdown
# ketreweb containers
|
|
|
|
The cron job to update certificates isn't quite working yet.
|
|
|
|
To update certificates:
|
|
|
|
```bash
|
|
docker exec -it ketrenet-cron /bin/bash
|
|
/usr/bin/certbot renew --no-self-upgrade --webroot -w /var/www/ketrenos.com
|
|
/usr/bin/scp -q -i /keys/opnsense-letsencrypt /etc/letsencrypt/live/ketrenos.com/{fullchain,privkey}.pem letsencrypt@opnsense.ketrenos.com:.
|
|
/usr/bin/ssh -i /keys/opnsense-letsencrypt letsencrypt@opnsense.ketrenos.com sudo ./update-cert.sh fullchain.pem privkey.pem
|
|
```
|
|
|
|
After that completes (without errors) outside the container use `./sync-certs` to push
|
|
the updated certificates to all the service containers and servers.
|
|
|
|
## ketreweb
|
|
|
|
nginx and apache2
|
|
monitors keys from ./config/letsencrypt and restarts nginx and apache if changed
|
|
|
|
apache2 is only being used for mailman, which is currently offline
|
|
|
|
## ketreweb-roundcube
|
|
|
|
default container for roundcube
|
|
|
|
## ketreweb-cron
|
|
|
|
Runs letsencrypt via cron once per day
|
|
Runs email-check via cron once per day
|
|
|
|
## ketreweb-mail
|
|
|
|
uses LDAP to 192.168.1.78
|
|
dovecot
|
|
postfix
|
|
|
|
## ketrenet-dns
|
|
|
|
Runs dhcp and bind
|
|
|
|
Host needs to have following in /etc/systemd/resolved.conf:
|
|
|
|
```bash
|
|
[Resolve]
|
|
DNSStubListener=no
|
|
DNSStubListenerExtra=1053
|
|
```
|
|
|
|
```bash
|
|
sudo systemctl restart systemd-resolved
|
|
```
|