Mercurial > hg > rlgallery-misc

annotate scripts/create-combined-pemfile @ 100:44e8aaa20d02 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix the format of archive links.
author John "Elwin" Edwards
date Wed, 03 Aug 2022 20:49:38 -0400
parents 08c6e8c87caa
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
76
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
1 #!/bin/sh
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
2 # Combines a private key and host cert into a single pemfile, for webservers
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
3 # that require it.
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
4
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
5 if [ $# -lt 1 ]
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
6 then
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
7 echo "No domains given."
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
8 exit 1
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
9 fi
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
10
88
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
11 if [ "$1" = "-r" ]
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
12 then
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
13 RESTART=1
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
14 shift
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
15 else
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
16 RESTART=0
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
17 fi
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
18
76
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
19 for DOMAIN in "$@"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
20 do
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
21 LINKDIR=/etc/letsencrypt/live/"$DOMAIN"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
22 if [ ! -d "$LINKDIR" ]
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
23 then
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
24 echo "No certificates for $DOMAIN, skipping"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
25 continue
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
26 fi
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
27 REALCERTFILE=`readlink -f "$LINKDIR"/cert.pem`
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
28 PEMFILE=`dirname "$REALCERTFILE"`/combined.pem
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
29 touch "$PEMFILE"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
30 chown root:root "$PEMFILE"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
31 chmod 400 "$PEMFILE"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
32 cat "$LINKDIR"/privkey.pem "$LINKDIR"/cert.pem >"$PEMFILE"
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
33 ln -s -f -r "$PEMFILE" "$LINKDIR"/combined.pem
c99fac2b0dc7 Add files related to SSL support.
John "Elwin" Edwards
parents:
diff changeset
34 done
88
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
35
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
36 if [ "$RESTART" = 1 ]
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
37 then
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
38 systemctl restart lighttpd
08c6e8c87caa Certificate post-hook script: add option to restart lighttpd.
John "Elwin" Edwards
parents: 76
diff changeset
39 fi