fix: [zato] restart load-balancer after updating the .pem cert

2025-09-02 16:18:38 +02:00
parent 1048cb4ba6
commit 120e4aed17
6 changed files with 31 additions and 1 deletions
--- a/zato/actions/.renew_crt.swp
+++ b/zato/actions/.renew_crt.swp
--- a/zato/actions/renew_crt
+++ b/zato/actions/renew_crt
@@ -9,3 +9,15 @@ DOMAIN=$(relation:get "$SERVICE_NAME":web-proxy domain)


 merge_crt_letsencrypt "$DOMAIN" || exit 1 
+
+zato_commands="
+cd /opt/zato &&
+./restart-load-balancer.sh
+"
+
+if ! exec_as_zato_in_container "$zato_commands"; then
+    printf "Error: failed to execute 'restart-load-balancer' in container '%s'.\n" "$CONTAINER_NAME" >&2
+    return 1
+fi
+
+echo "load balancer restarted"
--- a/zato/hooks/.init.swp
+++ b/zato/hooks/.init.swp
--- a/zato/hooks/init
+++ b/zato/hooks/init
@@ -22,6 +22,8 @@ DATASTORE_ZATO_DIR="$SERVICE_NAME$ZATO_DIR"
 SSH_PASSWORD_FILE="$SERVICE_DATASTORE"/.compose/password/ssh-password
 DASHBOARD_PASSWORD_FILE="$SERVICE_DATASTORE"/.compose/password/dashboard-password
 IDE_PASSWORD_FILE="$SERVICE_DATASTORE"/.compose/password/ide-password
+## Load balancer script in not in /opt/zato/env/qs-1 because this folder is created after launch
+RESTART_LOADBALANCER_FILE=/opt/zato/restart-load-balancer.sh

 ssh_password=$(generate_or_get_secret "$SSH_PASSWORD_FILE")
 dashboard_password=$(generate_or_get_secret "$DASHBOARD_PASSWORD_FILE")
@@ -36,6 +38,8 @@ $SERVICE_NAME:
    Zato_SSH_Password: \"$ssh_password\"
    Zato_Dashboard_Password: \"$dashboard_password\"
    Zato_IDE_Password: \"$ide_password\"
+  volumes:
+    - /srv/charm-store/elabore-charms/zato/resources$RESTART_LOADBALANCER_FILE:$RESTART_LOADBALANCER_FILE
 "

 # uid=$(docker_get_uid "$SERVICE_NAME" "zato")
--- a/zato/lib/common
+++ b/zato/lib/common
@@ -32,7 +32,7 @@ get_container_name(){
 exec_as_zato_in_container() {
    CONTAINER_NAME=$(get_container_name)
    local cmd="$1"
-    if ! docker exec -it "$CONTAINER_NAME" bash -c "su - zato -c '$cmd'"; then
+    if ! docker exec -i "$CONTAINER_NAME" bash -c "su - zato -c '$cmd'"; then
        printf "Error: Failed to execute command '%s' as zato user in container '%s'\n" "$cmd" "$CONTAINER_NAME" >&2
        return 1
    fi
--- a/zato/resources/opt/zato/restart-load-balancer.sh
+++ b/zato/resources/opt/zato/restart-load-balancer.sh
@@ -0,0 +1,14 @@
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:~/current/bin
+export PYTHONPATH=:/opt/zato/current/extlib
+export ZATO_PYTHON_REQS=/opt/hot-deploy/python-reqs/requirements.txt
+export ZATO_HOT_DEPLOY_DIR=/opt/hot-deploy/services:
+export ZATO_USER_CONF_DIR=/opt/hot-deploy/user-conf:/tmp/zato-user-conf
+export ZATO_HOT_DEPLOY_PREFER_SNAPSHOTS=True
+export Zato_Is_Quickstart=
+export Zato_Log_Env_Details=True
+export Zato_TLS_Verify=
+export Zato_Is_Docker=True
+
+~/current/bin/zato stop /opt/zato/env/qs-1/load-balancer 
+kill $(ps -aux | grep zato.agent.load_balancer.main | grep -v grep | grep -v /bin/sh | awk '{ print $2 }') 
+~/current/bin/zato start /opt/zato/env/qs-1/load-balancer --env-file /opt/hot-deploy/enmasse/env.ini