2021-12-14 13:33:04 |
Lukas M |
description |
Currently its not possible to reload haproxy with docker kill -s HUP haproxy ( when certificate is changed , for example i am using DNS01 and certbot systemd timer service for automatic renewal )
Seems its fixed for tripleo https://review.opendev.org/c/openstack/tripleo-heat-templates/+/504412/
Should be possible to use Runtime API https://www.haproxy.com/blog/dynamic-ssl-certificate-storage-in-haproxy/ ( via custom node config ) or even Dataplane API https://github.com/haproxytech/dataplaneapi , but this invole a dockerfile change.
Thanks |
Currently its not possible to reload haproxy with docker kill -s HUP haproxy ( when certificate is changed , for example i am using DNS01 and certbot systemd timer service for automatic cert renewal )
Seems its fixed for tripleo https://review.opendev.org/c/openstack/tripleo-heat-templates/+/504412/
Should be possible to use Runtime API https://www.haproxy.com/blog/dynamic-ssl-certificate-storage-in-haproxy/ ( via custom node config ) or even Dataplane API https://github.com/haproxytech/dataplaneapi , but this invole a dockerfile change.
Thanks |
|
2021-12-14 13:33:20 |
Lukas M |
description |
Currently its not possible to reload haproxy with docker kill -s HUP haproxy ( when certificate is changed , for example i am using DNS01 and certbot systemd timer service for automatic cert renewal )
Seems its fixed for tripleo https://review.opendev.org/c/openstack/tripleo-heat-templates/+/504412/
Should be possible to use Runtime API https://www.haproxy.com/blog/dynamic-ssl-certificate-storage-in-haproxy/ ( via custom node config ) or even Dataplane API https://github.com/haproxytech/dataplaneapi , but this invole a dockerfile change.
Thanks |
Currently its not possible to reload haproxy with docker kill -s HUP haproxy ( when certificate is changed , for example i am using DNS01 and certbot systemd timer service for automatic cert renewal )
Seems its fixed for tripleo https://review.opendev.org/c/openstack/tripleo-heat-templates/+/504412/
Should be possible to use Runtime API https://www.haproxy.com/blog/dynamic-ssl-certificate-storage-in-haproxy/ ( via custom node config ) or even Dataplane API https://github.com/haproxytech/dataplaneapi , but this involve a dockerfile change.
Thanks |
|