|
@@ -7,6 +7,7 @@ COMMAND = ''
|
|
// TARGET_HOSTS_APACHE = [ 'sugar', 'owncloud' ]
|
|
// TARGET_HOSTS_APACHE = [ 'sugar', 'owncloud' ]
|
|
TARGET_HOSTS_APACHE = [ 'sugar', 'pbx', 'zabbix3' ]
|
|
TARGET_HOSTS_APACHE = [ 'sugar', 'pbx', 'zabbix3' ]
|
|
TARGET_HOSTS_PROXMOX = [ 'kvm-test', 'kvm1', 'kvm2', 'kvm3', 'kvm4', 'kvm5', 'kvm6', 'kvm7' ]
|
|
TARGET_HOSTS_PROXMOX = [ 'kvm-test', 'kvm1', 'kvm2', 'kvm3', 'kvm4', 'kvm5', 'kvm6', 'kvm7' ]
|
|
|
|
+TARGET_HOSTS_PBS = [ 'pbs' ]
|
|
//TARGET_HOSTS_PROXMOX = [ 'kvm4' ]
|
|
//TARGET_HOSTS_PROXMOX = [ 'kvm4' ]
|
|
pipeline {
|
|
pipeline {
|
|
agent {
|
|
agent {
|
|
@@ -48,20 +49,20 @@ pipeline {
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
- stage("Run Renewal") {
|
|
|
|
- steps {
|
|
|
|
- withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
|
|
|
|
- sh """set +x
|
|
|
|
- docker run -t --rm -e TZ=Europe/Moscow \
|
|
|
|
- -e DOMAIN=${DOMAIN} -e CONFIG_DIR=${CONFIG_DIR} -e BACKUP_FILE=${BACKUP_FILE} \
|
|
|
|
- -e JENKINS_MAIL=${JENKINS_MAIL} -e JENKINS_MAIL_USER=${JENKINS_USER} -e JENKINS_MAIL_PASS=${JENKINS_PASS} \
|
|
|
|
- -e git_url=${PKI_GIT_URL} -e SMTP_SERVER=${SMTP_SERVER} -e RECIPIENT_MAIL_BOX=${RECIPIENT_MAIL_BOX} \
|
|
|
|
- -e "SSHKEY=`cat ${GIT_SSH_KEY}`" -p 5353:53/udp -p 5353:53/tcp ${IMAGE_NAME} \
|
|
|
|
- /${COMMAND}
|
|
|
|
- """
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
- }
|
|
|
|
|
|
+ // stage("Run Renewal") {
|
|
|
|
+ // steps {
|
|
|
|
+ // withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
|
|
|
|
+ // sh """set +x
|
|
|
|
+ // docker run -t --rm -e TZ=Europe/Moscow \
|
|
|
|
+ // -e DOMAIN=${DOMAIN} -e CONFIG_DIR=${CONFIG_DIR} -e BACKUP_FILE=${BACKUP_FILE} \
|
|
|
|
+ // -e JENKINS_MAIL=${JENKINS_MAIL} -e JENKINS_MAIL_USER=${JENKINS_USER} -e JENKINS_MAIL_PASS=${JENKINS_PASS} \
|
|
|
|
+ // -e git_url=${PKI_GIT_URL} -e SMTP_SERVER=${SMTP_SERVER} -e RECIPIENT_MAIL_BOX=${RECIPIENT_MAIL_BOX} \
|
|
|
|
+ // -e "SSHKEY=`cat ${GIT_SSH_KEY}`" -p 5353:53/udp -p 5353:53/tcp ${IMAGE_NAME} \
|
|
|
|
+ // /${COMMAND}
|
|
|
|
+ // """
|
|
|
|
+ // }
|
|
|
|
+ // }
|
|
|
|
+ // }
|
|
stage("Update docker secret in SWARM cluster") {
|
|
stage("Update docker secret in SWARM cluster") {
|
|
steps {
|
|
steps {
|
|
script {
|
|
script {
|
|
@@ -94,6 +95,23 @@ pipeline {
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
+ stage("Update certificate and key to PBS") {
|
|
|
|
+ steps {
|
|
|
|
+ script {
|
|
|
|
+ NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
|
|
|
|
+ TARGET_HOSTS_PBS.each { item ->
|
|
|
|
+ ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:8007 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
|
|
+ if (ENDDATE == NEW_ENDDATE) {
|
|
|
|
+ echo "Update certificate and key for ${item}"
|
|
|
|
+ def PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'pbs.yml'
|
|
|
|
+ def TARGET_HOST = item + '.' + DOMAIN
|
|
|
|
+ def TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
|
|
|
|
+ dockerWCrenewal.update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
|
stage("Update certificate and key APACHE-HOSTS") {
|
|
stage("Update certificate and key APACHE-HOSTS") {
|
|
steps {
|
|
steps {
|
|
script {
|
|
script {
|
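Review bot: The guard `if (ENDDATE == NEW_ENDDATE)` in the new PBS stage runs the playbook only when the host on port 8007 already serves a certificate with the same notAfter as `cert.pem`, which looks inverted. A host still holding the old certificate is skipped, so I would expect `if (ENDDATE != NEW_ENDDATE) {`, unless the sibling stages (not fully visible here) deliberately use the same form. Comparing `openssl x509 -noout -fingerprint -sha256` output on both sides would be a firmer identity check than the expiry date alone. The probe also interpolates `${item}.${DOMAIN}` into a double-quoted Groovy string passed to `sh` and discards s_client errors with `2>/dev/null`, so a connection failure or an unexpected value in DOMAIN (its origin is outside this hunk) is hard to diagnose; a comment stating where DOMAIN comes from and what should happen when the host is unreachable would help. Since the previous hunk comments out `Run Renewal`, `NEW_ENDDATE` is presumably read from whatever `cert.pem` is already in the workspace, and the commented-out block keeps the credential-passing `docker run` line around as dead code that would be better deleted or restored.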