mykola/opnsense-ports
1
0
Fork 0
forked from Lainports/opnsense-ports
Code Pull requests Activity
opnsense-ports/security/letskencrypt/files/deploy.sh.sample.in
Franco Fichtner 07a65b6ffa security/letskencrypt: sync with upstream 
Taken from: FreeBSD
2016-06-20 04:50:07 +02:00

37 lines
1.4 KiB
Bash
Raw Blame History

#!/bin/sh
set -e
DOMAIN="example.net"
LEDIR="%%PREFIX%%/etc/ssl/letsencrypt"
JAILSDIR="/usr/jails"
TARGETS="mail http"
for jail in ${targets}; do
targetdir="${JAILSDIR}/${jail}/etc/ssl"
# Check if the certificate has changed
[[ -z "`diff -rq ${LEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
cp -L "${LEDIR}/private/${domain}.pem" "${targetdir}/priv/${domain}.pem"
cp -L "${LEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
chmod 400 "${targetdir}/priv/${domain}.pem"
chmod 644 "${targetdir}/certs/${domain}.pem"
# Restart/-load relevant services
[[ "${jail}" = "http" ]] && jexec ${jail} service apache24 restart
[[ "${jail}" = "mail" ]] && jexec ${jail} service smtpd restart
done
# Repeat for other certificates
#DOMAIN="example.org"
#TARGETS="mail"
#for jail in ${targets}; do
# targetdir="${JAILSDIR}/${jail}/etc/ssl"
# # Check if the certificate has changed
# [[ -z "`diff -rq ${LEDIR}/${domain}/fullchain.pem ${targetdir}/certs/${domain}.pem`" ]] && continue
# cp -L "${LEDIR}/private/${domain}.pem" "${targetdir}/priv/${domain}.pem"
# cp -L "${LEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
# chmod 400 "${targetdir}/priv/${domain}.pem"
# chmod 644 "${targetdir}/certs/${domain}.pem"
# # Restart/-load relevant services
# [[ "${jail}" = "http" ]] && jexec ${jail} service apache24 restart
# [[ "${jail}" = "mail" ]] && jexec ${jail} service smtpd restart
#done
View git blame Copy permalink