kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add SSL certificate preservation across test environment resets

Browse Source 
- Add acme.json to .gitignore to prevent accidental commits
- Modify reset script to preserve certificates in repo folder before cleanup
- Modify setup script to restore certificates to correct location
- Update step numbering in reset script (now 7 steps)
- Maintain proper file permissions and ownership for certificates
This commit is contained in:
kelin
2026-01-15 20:25:07 -05:00
parent 4609ec5e89
commit a697bc265c
3 changed files with 37 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -69,6 +69,7 @@ yarn-error.log*
*.cer *.cer
*.p12 *.p12
*.pfx *.pfx
acme.json
# Monitoring data (if stored locally) # Monitoring data (if stored locally)
prometheus-data/ prometheus-data/

35
scripts/reset-test-environment.sh
View File

@@ -61,7 +61,7 @@ log_info "Starting safe cleanup process..."
echo "" echo ""
# Step 1: Stop all Docker Compose stacks gracefully # Step 1: Stop all Docker Compose stacks gracefully
log_info "Step 1/6: Stopping all Docker Compose stacks..." log_info "Step 1/7: Stopping all Docker Compose stacks..."
if [ -d "/opt/stacks/dashboards" ]; then if [ -d "/opt/stacks/dashboards" ]; then
cd /opt/stacks/dashboards && docker compose down 2>/dev/null || true cd /opt/stacks/dashboards && docker compose down 2>/dev/null || true
@@ -83,8 +83,21 @@ sleep 3
log_success "All stacks stopped gracefully" log_success "All stacks stopped gracefully"
echo "" echo ""
# Step 2: Remove Docker volumes (data will be lost) # Step 2: Preserve SSL certificates for test environment reuse
log_info "Step 2/6: Removing Docker volumes..." log_info "Step 2/7: Preserving SSL certificates..."
if [ -f "/opt/stacks/core/traefik/acme.json" ]; then
cp "/opt/stacks/core/traefik/acme.json" "/home/$ACTUAL_USER/AI-Homelab/acme.json" 2>/dev/null && \
log_success "SSL certificates preserved in repo folder" || \
log_warning "Could not preserve SSL certificates"
else
log_info "No SSL certificates found to preserve"
fi
echo ""
# Step 3: Remove Docker volumes (data will be lost)
log_info "Step 3/7: Removing Docker volumes..."
# List volumes to remove # List volumes to remove
VOLUMES=$(docker volume ls -q | grep -E "^(core_|infrastructure_|dashboards_)" 2>/dev/null || true) VOLUMES=$(docker volume ls -q | grep -E "^(core_|infrastructure_|dashboards_)" 2>/dev/null || true)
@@ -99,8 +112,8 @@ fi
echo "" echo ""
# Step 3: Remove stack directories (configs will be regenerated) # Step 4: Remove stack directories (configs will be regenerated)
log_info "Step 3/6: Removing stack configuration directories..." log_info "Step 4/7: Removing stack configuration directories..."
if [ -d "/opt/stacks" ]; then if [ -d "/opt/stacks" ]; then
rm -rf /opt/stacks/core rm -rf /opt/stacks/core
@@ -118,8 +131,8 @@ fi
echo "" echo ""
# Step 4: Clean up temporary files # Step 5: Clean up temporary files
log_info "Step 4/6: Cleaning temporary files..." log_info "Step 5/7: Cleaning temporary files..."
rm -f /tmp/authelia_admin_credentials.tmp rm -f /tmp/authelia_admin_credentials.tmp
rm -f /tmp/authelia_password_hash.tmp rm -f /tmp/authelia_password_hash.tmp
@@ -128,8 +141,8 @@ rm -f /tmp/nvidia*.log
log_success "Temporary files cleaned" log_success "Temporary files cleaned"
echo "" echo ""
# Step 5: Remove Docker networks # Step 6: Remove Docker networks
log_info "Step 5/6: Removing Docker networks..." log_info "Step 6/7: Removing Docker networks..."
docker network rm homelab-network 2>/dev/null && log_success "Removed homelab-network" || log_info "homelab-network not found" docker network rm homelab-network 2>/dev/null && log_success "Removed homelab-network" || log_info "homelab-network not found"
docker network rm traefik-network 2>/dev/null && log_success "Removed traefik-network" || log_info "traefik-network not found" docker network rm traefik-network 2>/dev/null && log_success "Removed traefik-network" || log_info "traefik-network not found"
@@ -138,8 +151,8 @@ docker network rm media-network 2>/dev/null && log_success "Removed media-networ
echo "" echo ""
# Step 6: Prune unused Docker resources # Step 7: Prune unused Docker resources
log_info "Step 6/6: Pruning unused Docker resources..." log_info "Step 7/7: Pruning unused Docker resources..."
docker system prune -f --volumes 2>&1 | grep -E "(Deleted|Total reclaimed)" || true docker system prune -f --volumes 2>&1 | grep -E "(Deleted|Total reclaimed)" || true
log_success "Docker cleanup complete" log_success "Docker cleanup complete"

12
scripts/setup-homelab.sh
View File

@@ -491,6 +491,18 @@ step_8_create_directories() {
chown -R "$ACTUAL_USER:$ACTUAL_USER" /mnt/git chown -R "$ACTUAL_USER:$ACTUAL_USER" /mnt/git
log_success "Directory structure created" log_success "Directory structure created"
# Restore SSL certificates if available
if [ -f "$REPO_DIR/acme.json" ]; then
mkdir -p /opt/stacks/core/traefik
cp "$REPO_DIR/acme.json" /opt/stacks/core/traefik/acme.json
chmod 600 /opt/stacks/core/traefik/acme.json
chown "$ACTUAL_USER:$ACTUAL_USER" /opt/stacks/core/traefik/acme.json
log_success "SSL certificates restored from repository"
else
log_info "No SSL certificates found in repository (first-time setup)"
fi
STEPS_COMPLETED=$((STEPS_COMPLETED + 1)) STEPS_COMPLETED=$((STEPS_COMPLETED + 1))
log_progress "Completed: $STEPS_COMPLETED/$STEPS_TOTAL steps" log_progress "Completed: $STEPS_COMPLETED/$STEPS_TOTAL steps"
echo "" echo ""