From 1f49ce42426091aa9ae358c8b7f3918ce3b1358b Mon Sep 17 00:00:00 2001
From: Kristijan Mitrovic <kris@noreply.git.bubblev.org>
Date: Tue, 14 Jul 2020 13:23:37 +0000
Subject: [PATCH] Wait for required nginx files (#27)

Merge branch 'master' into kris/wait_for_required_nginx_files

Check if key files are not empty before nginx restart

Fix typo

Wait for required nginx files

Co-authored-by: jonathan <jonathan@noreply.git.bubblev.org>
Co-authored-by: Kristijan Mitrovic <kmitrovic@itekako.com>
Reviewed-on: https://git.bubblev.org/bubblev/bubble/pulls/27
---
 .../ansible/roles/finalizer/files/bubble_role.json   |  1 +
 .../resources/ansible/roles/finalizer/tasks/main.yml |  9 ++++++---
 .../packer/roles/common/files/ensure_file_exists.sh  | 12 +++++++-----
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/bubble-server/src/main/resources/ansible/roles/finalizer/files/bubble_role.json b/bubble-server/src/main/resources/ansible/roles/finalizer/files/bubble_role.json
index 643d29be..9cdbcb67 100644
--- a/bubble-server/src/main/resources/ansible/roles/finalizer/files/bubble_role.json
+++ b/bubble-server/src/main/resources/ansible/roles/finalizer/files/bubble_role.json
@@ -1,6 +1,7 @@
 {
   "name": "finalizer",
   "config": [
+    {"name": "server_name", "value": "[[node.fqdn]]"},
     {"name": "server_alias", "value": "[[network.networkDomain]]"},
     {"name": "restore_key", "value": "[[restoreKey]]"},
     {"name": "install_type", "value": "[[installType]]"},
diff --git a/bubble-server/src/main/resources/ansible/roles/finalizer/tasks/main.yml b/bubble-server/src/main/resources/ansible/roles/finalizer/tasks/main.yml
index f1f2b6b7..28ee2c63 100644
--- a/bubble-server/src/main/resources/ansible/roles/finalizer/tasks/main.yml
+++ b/bubble-server/src/main/resources/ansible/roles/finalizer/tasks/main.yml
@@ -42,9 +42,12 @@
 - name: reload supervisord
   shell: supervisorctl reload
 
-# dhparams file is created async. it takes a while and might not have finished. nginx will fail to start without it.
-- name: Ensure dhparams.pem exists
-  shell: /usr/local/bin/ensure_file_exists.sh /etc/nginx/dhparams.pem 300
+- name: Ensure nginx required files exist
+  shell: /usr/local/bin/ensure_file_exists.sh {{ item }} 300
+  with_items:
+    - /etc/nginx/dhparams.pem
+    - /etc/letsencrypt/live/{{ server_alias }}/fullchain.pem
+    - /etc/letsencrypt/live/{{ server_name }}/fullchain.pem
 
 - name: Ensure nginx is restarted
   service:
diff --git a/bubble-server/src/main/resources/packer/roles/common/files/ensure_file_exists.sh b/bubble-server/src/main/resources/packer/roles/common/files/ensure_file_exists.sh
index 8f9f3a23..e6cdec82 100644
--- a/bubble-server/src/main/resources/packer/roles/common/files/ensure_file_exists.sh
+++ b/bubble-server/src/main/resources/packer/roles/common/files/ensure_file_exists.sh
@@ -7,13 +7,15 @@ TIMEOUT=${2:?no timeout provided}
 LOG=/tmp/ensure_file_$(echo ${TARGET_FILE} | tr '/' '_').log
 
 start=$(date +%s)
-while [[ ! -f ${TARGET_FILE} && $(expr $(date +%s) - ${start}) -le ${TIMEOUT} ]] ; do
-  echo "$(date): $0: waiting for target file to exist ${TARGET_FILE} (will timeout after ${TIMEOUT} seconds)" | tee -a ${LOG}
+while [[ ! -s ${TARGET_FILE} && $(expr $(date +%s) - ${start}) -le ${TIMEOUT} ]] ; do
+  echo "$(date): $0: waiting for target file to exist with some content ${TARGET_FILE} (will timeout after ${TIMEOUT} seconds)" \
+    | tee -a ${LOG}
   sleep 1s
 done
 
-if [[ ! -f ${TARGET_FILE} ]] ; then
-  echo "target file did not get created: ${TARGET_FILE} (timeout after ${TIMEOUT} seconds)" | tee -a ${LOG}
+if [[ ! -s ${TARGET_FILE} ]] ; then
+  echo "target file did not get created or is empty: ${TARGET_FILE} (timeout after ${TIMEOUT} seconds)" | tee -a ${LOG}
   exit 1
 fi
-echo "target file has been created: ${TARGET_FILE}" | tee -a ${LOG}
\ No newline at end of file
+
+echo "target file has been created: ${TARGET_FILE}" | tee -a ${LOG}