Moved repo url and email for letsencrypt to env variables
All checks were successful
AWS Deploy on Push / build (push) Successful in 4m15s
All checks were successful
AWS Deploy on Push / build (push) Successful in 4m15s
This commit is contained in:
@@ -2,3 +2,5 @@ FREEDNS_User=MyFreeDNSUsername
|
|||||||
FREEDNS_Password=MyFreeDNSPassword
|
FREEDNS_Password=MyFreeDNSPassword
|
||||||
DOMAIN_NAME=mydomain.com
|
DOMAIN_NAME=mydomain.com
|
||||||
SSH_PUBLIC_KEY="ssh-rsa AAAAB3NzaC1yc2EMYPUBLICKEY7+"
|
SSH_PUBLIC_KEY="ssh-rsa AAAAB3NzaC1yc2EMYPUBLICKEY7+"
|
||||||
|
REPO_URL="https://git.example.com/user/repo.git"
|
||||||
|
LETSENCRYPT_EMAIL="admin@example.com"
|
||||||
@@ -44,6 +44,8 @@ jobs:
|
|||||||
FREEDNS_Password: ${{ secrets.FREEDNS_PASSWORD }}
|
FREEDNS_Password: ${{ secrets.FREEDNS_PASSWORD }}
|
||||||
DOMAIN_NAME: ${{ secrets.DOMAIN_NAME }}
|
DOMAIN_NAME: ${{ secrets.DOMAIN_NAME }}
|
||||||
SSH_PUBLIC_KEY: ${{ secrets.SSH_PUBLIC_KEY }}
|
SSH_PUBLIC_KEY: ${{ secrets.SSH_PUBLIC_KEY }}
|
||||||
|
REPO_URL: ${{ secrets.REPO_URL }}
|
||||||
|
LETSENCRYPT_EMAIL: ${{ secrets.LETSENCRYPT_EMAIL }}
|
||||||
|
|
||||||
- name: Install AWS CLI
|
- name: Install AWS CLI
|
||||||
run: |
|
run: |
|
||||||
|
|||||||
1
.vscode/settings.json
vendored
1
.vscode/settings.json
vendored
@@ -15,6 +15,7 @@
|
|||||||
"fullchain",
|
"fullchain",
|
||||||
"gitea",
|
"gitea",
|
||||||
"iptv",
|
"iptv",
|
||||||
|
"LETSENCRYPT",
|
||||||
"nohup",
|
"nohup",
|
||||||
"passlib",
|
"passlib",
|
||||||
"pyjwt",
|
"pyjwt",
|
||||||
|
|||||||
26
app.py
26
app.py
@@ -10,24 +10,30 @@ freedns_user = os.environ.get("FREEDNS_User")
|
|||||||
freedns_password = os.environ.get("FREEDNS_Password")
|
freedns_password = os.environ.get("FREEDNS_Password")
|
||||||
domain_name = os.environ.get("DOMAIN_NAME")
|
domain_name = os.environ.get("DOMAIN_NAME")
|
||||||
ssh_public_key = os.environ.get("SSH_PUBLIC_KEY")
|
ssh_public_key = os.environ.get("SSH_PUBLIC_KEY")
|
||||||
|
repo_url = os.environ.get("REPO_URL")
|
||||||
|
letsencrypt_email = os.environ.get("LETSENCRYPT_EMAIL")
|
||||||
|
|
||||||
if not freedns_user or not freedns_password:
|
required_vars = {
|
||||||
raise ValueError("FREEDNS_User and FREEDNS_Password environment variables must be set.")
|
"FREEDNS_User": freedns_user,
|
||||||
|
"FREEDNS_Password": freedns_password,
|
||||||
|
"DOMAIN_NAME": domain_name,
|
||||||
|
"SSH_PUBLIC_KEY": ssh_public_key,
|
||||||
|
"REPO_URL": repo_url,
|
||||||
|
"LETSENCRYPT_EMAIL": letsencrypt_email
|
||||||
|
}
|
||||||
|
|
||||||
if not domain_name:
|
# Check for missing required variables
|
||||||
raise ValueError("DOMAIN_NAME environment variable must be set.")
|
missing_vars = [k for k, v in required_vars.items() if not v]
|
||||||
|
if missing_vars:
|
||||||
if not ssh_public_key: # Check if SSH public key is set
|
raise ValueError(f"Missing required environment variables: {', '.join(missing_vars)}")
|
||||||
raise ValueError("SSH_PUBLIC_KEY environment variable must be set.")
|
|
||||||
|
|
||||||
IptvUpdaterStack(app, "IptvUpdaterStack",
|
IptvUpdaterStack(app, "IptvUpdaterStack",
|
||||||
freedns_user=freedns_user,
|
freedns_user=freedns_user,
|
||||||
freedns_password=freedns_password,
|
freedns_password=freedns_password,
|
||||||
domain_name=domain_name,
|
domain_name=domain_name,
|
||||||
ssh_public_key=ssh_public_key,
|
ssh_public_key=ssh_public_key,
|
||||||
# If you don't specify 'env', the stack will be deployed to the account and region that are
|
repo_url=repo_url,
|
||||||
# configured in your AWS CLI profile. Defaulting to the environment where the CLI is configured.
|
letsencrypt_email=letsencrypt_email
|
||||||
# env=cdk.Environment(account=os.getenv('CDK_DEFAULT_ACCOUNT'), region=os.getenv('CDK_DEFAULT_REGION')),
|
|
||||||
)
|
)
|
||||||
|
|
||||||
app.synth()
|
app.synth()
|
||||||
@@ -19,6 +19,8 @@ class IptvUpdaterStack(Stack):
|
|||||||
freedns_password: str,
|
freedns_password: str,
|
||||||
domain_name: str,
|
domain_name: str,
|
||||||
ssh_public_key: str,
|
ssh_public_key: str,
|
||||||
|
repo_url: str,
|
||||||
|
letsencrypt_email: str,
|
||||||
**kwargs
|
**kwargs
|
||||||
) -> None:
|
) -> None:
|
||||||
super().__init__(scope, construct_id, **kwargs)
|
super().__init__(scope, construct_id, **kwargs)
|
||||||
@@ -165,7 +167,9 @@ class IptvUpdaterStack(Stack):
|
|||||||
userdata.add_commands(
|
userdata.add_commands(
|
||||||
f'export FREEDNS_User="{freedns_user}"',
|
f'export FREEDNS_User="{freedns_user}"',
|
||||||
f'export FREEDNS_Password="{freedns_password}"',
|
f'export FREEDNS_Password="{freedns_password}"',
|
||||||
f'export DOMAIN_NAME="{domain_name}"'
|
f'export DOMAIN_NAME="{domain_name}"',
|
||||||
|
f'export REPO_URL="{repo_url}"',
|
||||||
|
f'export LETSENCRYPT_EMAIL="{letsencrypt_email}"'
|
||||||
)
|
)
|
||||||
|
|
||||||
# Adds one or more commands to the userdata object.
|
# Adds one or more commands to the userdata object.
|
||||||
|
|||||||
@@ -9,7 +9,7 @@ pip3 install certbot certbot-nginx
|
|||||||
|
|
||||||
cd /home/ec2-user
|
cd /home/ec2-user
|
||||||
|
|
||||||
git clone https://git.fiorinis.com/Home/iptv-updater-aws.git
|
git clone ${REPO_URL}
|
||||||
cd iptv-updater-aws
|
cd iptv-updater-aws
|
||||||
|
|
||||||
pip3 install -r requirements.txt
|
pip3 install -r requirements.txt
|
||||||
@@ -36,7 +36,7 @@ EOF
|
|||||||
crontab -u root -l >/dev/null 2>&1 || (echo "" | crontab -u root -)
|
crontab -u root -l >/dev/null 2>&1 || (echo "" | crontab -u root -)
|
||||||
|
|
||||||
# Install and configure acme.sh
|
# Install and configure acme.sh
|
||||||
curl https://get.acme.sh | sh -s email=stefano@fiorinis.com
|
curl https://get.acme.sh | sh -s email=${LEFTENCRYPT_EMAIL}
|
||||||
|
|
||||||
# Configure acme.sh to use DNS API for FreeDNS
|
# Configure acme.sh to use DNS API for FreeDNS
|
||||||
. "/.acme.sh/acme.sh.env"
|
. "/.acme.sh/acme.sh.env"
|
||||||
|
|||||||
@@ -9,8 +9,13 @@ if [ -f ${PWD}/.env ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Check if required environment variables are set
|
# Check if required environment variables are set
|
||||||
if [ -z "$FREEDNS_User" ] || [ -z "$FREEDNS_Password" ] || [ -z "$DOMAIN_NAME" ] || [ -z "$SSH_PUBLIC_KEY" ]; then
|
if [ -z "$FREEDNS_User" ] ||
|
||||||
echo "Error: FREEDNS_User, FREEDNS_Password, DOMAIN_NAME, and SSH_PUBLIC_KEY must be set as environment variables or in a .env file."
|
[ -z "$FREEDNS_Password" ] ||
|
||||||
|
[ -z "$DOMAIN_NAME" ] ||
|
||||||
|
[ -z "$SSH_PUBLIC_KEY" ] ||
|
||||||
|
[ -z "$REPO_URL" ] ||
|
||||||
|
[ -z "$LETSENCRYPT_EMAIL" ]; then
|
||||||
|
echo "Error: FREEDNS_User, FREEDNS_Password, DOMAIN_NAME, SSH_PUBLIC_KEY, REPO_URL, and LETSENCRYPT_EMAIL must be set as environment variables or in a .env file."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@@ -9,8 +9,13 @@ if [ -f ${PWD}/.env ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Check if required environment variables are set
|
# Check if required environment variables are set
|
||||||
if [ -z "$FREEDNS_User" ] || [ -z "$FREEDNS_Password" ] || [ -z "$DOMAIN_NAME" ] || [ -z "$SSH_PUBLIC_KEY" ]; then
|
if [ -z "$FREEDNS_User" ] ||
|
||||||
echo "Error: FREEDNS_User, FREEDNS_Password, DOMAIN_NAME, and SSH_PUBLIC_KEY must be set as environment variables or in a .env file."
|
[ -z "$FREEDNS_Password" ] ||
|
||||||
|
[ -z "$DOMAIN_NAME" ] ||
|
||||||
|
[ -z "$SSH_PUBLIC_KEY" ] ||
|
||||||
|
[ -z "$REPO_URL" ] ||
|
||||||
|
[ -z "$LETSENCRYPT_EMAIL" ]; then
|
||||||
|
echo "Error: FREEDNS_User, FREEDNS_Password, DOMAIN_NAME, SSH_PUBLIC_KEY, REPO_URL, and LETSENCRYPT_EMAIL must be set as environment variables or in a .env file."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user