From 3b5668d828f1ceed25e8ef722e4cdb26b7a78d46 Mon Sep 17 00:00:00 2001
From: OscarSotoSanchez <oscarsotosanchez@gmail.com>
Date: Mon, 29 Jun 2020 16:37:26 +0200
Subject: [PATCH] Proxy updated for auto renew letscrypt certificated

---
 .../docker/openvidu-docker-compose/docker-compose.yml    | 2 +-
 openvidu-server/docker/openvidu-proxy/create_image.sh    | 4 ++--
 .../default_nginx_conf/ce/default-app-without-demos.conf | 6 ++++++
 .../default_nginx_conf/ce/default-app.conf               | 6 ++++++
 .../pro/default-app-without-demos.conf                   | 6 ++++++
 .../openvidu-proxy/default_nginx_conf/pro/default.conf   | 6 ++++++
 openvidu-server/docker/openvidu-proxy/entrypoint.sh      | 9 ++++-----
 7 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/openvidu-server/docker/openvidu-docker-compose/docker-compose.yml b/openvidu-server/docker/openvidu-docker-compose/docker-compose.yml
index fc844d1f..47f73d66 100644
--- a/openvidu-server/docker/openvidu-docker-compose/docker-compose.yml
+++ b/openvidu-server/docker/openvidu-docker-compose/docker-compose.yml
@@ -74,7 +74,7 @@ services:
             - MAX_PORT=65535
 
     nginx:
-        image: openvidu/openvidu-proxy:2.0.0
+        image: openvidu/openvidu-proxy:3.0.0-beta1
         restart: on-failure
         network_mode: host
         volumes:
diff --git a/openvidu-server/docker/openvidu-proxy/create_image.sh b/openvidu-server/docker/openvidu-proxy/create_image.sh
index 0a24514f..e170b769 100755
--- a/openvidu-server/docker/openvidu-proxy/create_image.sh
+++ b/openvidu-server/docker/openvidu-proxy/create_image.sh
@@ -2,9 +2,9 @@ VERSION=$1
 if [[ ! -z $VERSION ]]; then
     cp ../utils/discover_my_public_ip.sh ./discover_my_public_ip.sh
 
-    docker build -t openvidu/openvidu-nginx:$VERSION .
+    docker build -t openvidu/openvidu-proxy:$VERSION .
 
     rm ./discover_my_public_ip.sh
 else
     echo "Error: You need to specify a version as first argument"
-fi
\ No newline at end of file
+fi
diff --git a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app-without-demos.conf b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app-without-demos.conf
index 22c5a6d4..cdff24fe 100644
--- a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app-without-demos.conf
+++ b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app-without-demos.conf
@@ -94,4 +94,10 @@ server {
         deny all;
         proxy_pass http://openviduserver;
     }
+
+    # letsencrypt
+    location /.well-known/acme-challenge {
+        root /var/www/certbot;
+        try_files $uri $uri/ =404;
+    }
 }
diff --git a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app.conf b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app.conf
index a3c1787e..0fcd2142 100644
--- a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app.conf
+++ b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/ce/default-app.conf
@@ -94,4 +94,10 @@ server {
         deny all;
         proxy_pass http://openviduserver;
     }
+
+    # letsencrypt
+    location /.well-known/acme-challenge {
+        root /var/www/certbot;
+        try_files $uri $uri/ =404;
+    }
 }
diff --git a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default-app-without-demos.conf b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default-app-without-demos.conf
index 58a72c7e..1473ac20 100644
--- a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default-app-without-demos.conf
+++ b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default-app-without-demos.conf
@@ -156,4 +156,10 @@ server {
         deny all;
         proxy_pass http://openviduserver;
     }
+
+    # letsencrypt
+    location /.well-known/acme-challenge {
+        root /var/www/certbot;
+        try_files $uri $uri/ =404;
+    }
 }
diff --git a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default.conf b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default.conf
index ff98de0f..d5ada4eb 100644
--- a/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default.conf
+++ b/openvidu-server/docker/openvidu-proxy/default_nginx_conf/pro/default.conf
@@ -166,4 +166,10 @@ server {
         deny all;
         proxy_pass http://openviduserver;
     }
+
+    # letsencrypt
+    location /.well-known/acme-challenge {
+        root /var/www/certbot;
+        try_files $uri $uri/ =404;
+    }
 }
diff --git a/openvidu-server/docker/openvidu-proxy/entrypoint.sh b/openvidu-server/docker/openvidu-proxy/entrypoint.sh
index 8d29a5f8..98c8f2f0 100755
--- a/openvidu-server/docker/openvidu-proxy/entrypoint.sh
+++ b/openvidu-server/docker/openvidu-proxy/entrypoint.sh
@@ -127,8 +127,10 @@ case ${CERTIFICATE_TYPE} in
     fi
     ;;
 
-  "letsencrypt")  
-    echo "0 12 * * * certbot renew >> /var/log/nginx/cron-letsencrypt.log" | crontab - # Auto renew cert
+  "letsencrypt")
+    # Init cron
+    /usr/sbin/crond -f &
+    echo '0 */12 * * * certbot renew --post-hook "nginx -s reload" >> /var/log/cron-letsencrypt.log' | crontab - # Auto renew cert
 
     if [[ ! -f "${CERTIFICATES_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/privkey.pem" && \
           ! -f "${CERTIFICATES_FOLDER:?}/${DOMAIN_OR_PUBLIC_IP}/fullchain.pem" ]]; then
@@ -337,8 +339,5 @@ printf "\n  ======================================="
 printf "\n\n"
 nginx -s reload
 
-# Init cron
-/usr/sbin/crond -f &
-
 # nginx logs
 tail -f /var/log/nginx/*.log