summaryrefslogtreecommitdiff
path: root/proxy/renew-cert.sh
diff options
context:
space:
mode:
authoryyamashita <yyamashita@hetzner.yyamashita.com>2026-07-02 23:08:58 +0900
committeryyamashita <yyamashita@hetzner.yyamashita.com>2026-07-02 23:08:58 +0900
commit1a7b5adf8484ec0f2b6feb350b578142e186ab26 (patch)
treee8c670ac5554d2b17b491ee96e9717f4432d64a9 /proxy/renew-cert.sh
parent88be3b3f503d4674d764a7265edb2d4e380ae738 (diff)
Move forward proxy from Squid to Caddy (port 80/443)
Replace standalone Squid container with caddy-forwardproxy plugin so the proxy shares Caddy's existing ports and TLS. HTTP on :80 and HTTPS on :443. Auth is read from the same vpn/users.conf at Caddy startup via entrypoint.sh. DNS: add proxy to setup-route53.py WEB_SUBDOMAINS. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Diffstat (limited to 'proxy/renew-cert.sh')
-rw-r--r--proxy/renew-cert.sh22
1 files changed, 0 insertions, 22 deletions
diff --git a/proxy/renew-cert.sh b/proxy/renew-cert.sh
deleted file mode 100644
index 8924d9b..0000000
--- a/proxy/renew-cert.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-cd "$(dirname "$0")"
-
-DOMAIN="proxy.yyamashita.com"
-CADDY_DIR="/app/infra/caddy"
-CADDY_CERT_BASE="/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${DOMAIN}/${DOMAIN}"
-
-echo "証明書を更新中..."
-mkdir -p certs
-
-if ! docker compose -f "$CADDY_DIR/docker-compose.yml" exec -T caddy \
- cat "${CADDY_CERT_BASE}.crt" > certs/server.crt; then
- echo "Error: 証明書の取得に失敗しました。Caddyfile に ${DOMAIN} が設定されているか確認してください。"
- exit 1
-fi
-docker compose -f "$CADDY_DIR/docker-compose.yml" exec -T caddy \
- cat "${CADDY_CERT_BASE}.key" > certs/server.key
-chmod 600 certs/server.key
-
-echo "証明書を更新しました。"
-bash "$(pwd)/deploy.sh"