From 25a070108da8a455ee97d353ef42d8fb056c0292 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 2 Oct 2024 11:09:34 +0200 Subject: [SS?S] Make slx-cert cronjob a systemd timer so we keep logs --- .../static_files/lighttpd/etc/systemd/system/slx-cert.service | 6 ++++++ .../static_files/lighttpd/etc/systemd/system/slx-cert.timer | 10 ++++++++++ .../etc/systemd/system/timers.target.wants/slx-cert.timer | 1 + satellit_installer/static_files/slxadmin/etc/cron.d/slx-admin | 2 -- satellit_upgrader/updater.template.sh | 3 +++ 5 files changed, 20 insertions(+), 2 deletions(-) create mode 100644 satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.service create mode 100644 satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.timer create mode 120000 satellit_installer/static_files/lighttpd/etc/systemd/system/timers.target.wants/slx-cert.timer diff --git a/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.service b/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.service new file mode 100644 index 0000000..7235203 --- /dev/null +++ b/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.service @@ -0,0 +1,6 @@ +[Unit] +Description=Check for internal certificate expiry + +[Service] +ExecStart=/opt/openslx/slx-cert --restart +Type=oneshot diff --git a/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.timer b/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.timer new file mode 100644 index 0000000..e2153eb --- /dev/null +++ b/satellit_installer/static_files/lighttpd/etc/systemd/system/slx-cert.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Trigger certificate expiry check once a day + +[Timer] +OnCalendar=01:14 +AccuracySec=600 +RandomizedDelaySec=600 + +[Install] +WantedBy=timers.target diff --git a/satellit_installer/static_files/lighttpd/etc/systemd/system/timers.target.wants/slx-cert.timer b/satellit_installer/static_files/lighttpd/etc/systemd/system/timers.target.wants/slx-cert.timer new file mode 120000 index 0000000..1ab9151 --- /dev/null +++ b/satellit_installer/static_files/lighttpd/etc/systemd/system/timers.target.wants/slx-cert.timer @@ -0,0 +1 @@ +../slx-cert.timer \ No newline at end of file diff --git a/satellit_installer/static_files/slxadmin/etc/cron.d/slx-admin b/satellit_installer/static_files/slxadmin/etc/cron.d/slx-admin index c6ae537..1e6cd11 100644 --- a/satellit_installer/static_files/slxadmin/etc/cron.d/slx-admin +++ b/satellit_installer/static_files/slxadmin/etc/cron.d/slx-admin @@ -5,5 +5,3 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # web-cron runs every 5 minutes */5 * * * * www-data /opt/openslx/slxadmin-cronscript -# check certificate once a day -12 1 * * * root /opt/openslx/slx-cert --restart diff --git a/satellit_upgrader/updater.template.sh b/satellit_upgrader/updater.template.sh index 3a0f3d2..abd132a 100644 --- a/satellit_upgrader/updater.template.sh +++ b/satellit_upgrader/updater.template.sh @@ -621,6 +621,9 @@ diffcp "lighttpd" "/etc/lighttpd/lighttpd.conf" && restart["lighttpd.service"]=j diffcp "lighttpd" "/usr/share/lighttpd/auto-ssl.sh" && restart["lighttpd.service"]=ja diffcp "lighttpd" "/opt/openslx/slx-cert" && restart["lighttpd.service"]=ja diffcp "lighttpd" "/usr/share/lighttpd/include-conf-d.sh" && restart["lighttpd.service"]=ja +diffcp "lighttpd" "/etc/systemd/system/slx-cert.service" +diffcp "lighttpd" "/etc/systemd/system/slx-cert.timer" +diffcp "lighttpd" "/etc/systemd/system/timers.target.wants/slx-cert.timer" # ********************** lighttpd php_children ************* mkdir -p /usr/local/sbin -- cgit v1.2.3-55-g7522