get-wildcard-cert-prosody.sh hinzugefügt

get-wildcard-cert-prosody.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+set -e
+set -u
+set -o pipefail
+
+# Variables
+PROXY_SERVER="root@10.64.0.5"
+REMOTE_CERT_PATH="/etc/letsencrypt/live/lainlounge.xyz/"
+LOCAL_CERT_PATH="/etc/prosody/certs"
+DOMAIN="lainlounge.xyz"
+
+# Functions
+backup() {
+    echo "** Creating a backup from the current certificates..."
+    mkdir -p "$LOCAL_CERT_PATH/backup"
+    cp "$LOCAL_CERT_PATH/$DOMAIN.crt" "$LOCAL_CERT_PATH/backup/" || true
+    cp "$LOCAL_CERT_PATH/$DOMAIN.key" "$LOCAL_CERT_PATH/backup/" || true
+}
+
+fetch_wildcard_certificate() {
+    echo "** Getting wildcard certificates from the core proxy (nginx)..."
+    scp "$PROXY_SERVER:$REMOTE_CERT_PATH/fullchain.pem" "$LOCAL_CERT_PATH/$DOMAIN.crt"
+    scp "$PROXY_SERVER:$REMOTE_CERT_PATH/privkey.pem" "$LOCAL_CERT_PATH/$DOMAIN.key"
+}
+
+verify_certificates() {
+    echo "** Check if all certificate files has been transfered..."
+    if [[ ! -f "$LOCAL_CERT_PATH/$DOMAIN.crt" || ! -f "$LOCAL_CERT_PATH/$DOMAIN.key" ]]; then
+        echo "ERROR: Zertificat files missing!"
+        exit 1
+    fi
+}
+
+reload_prosody() {
+    echo "** Restarting prosody..."
+    systemctl reload prosody
+}
+
+# Main
+backup
+fetch_wildcard_certificate
+verify_certificates
+reload_prosody
+
+echo "Wildcard certificates has been installed and prosody has been restarted."