opnsense-ports/security/acme-client/files/deploy.sh.sample.in
Franco Fichtner 41e610765d security/acme-client: sync with upstream
Taken from: FreeBSD
2016-11-04 23:10:53 +01:00


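#!/bin/sh
#
# Sample deploy hook for acme-client: copies a renewed certificate chain and
# its private key into the jails that use them, then restarts the services
# in those jails. Adjust the settings and the deploy_cert calls below.
#
# Written for plain /bin/sh: no [[ ]] and no other bash-only syntax.
#
set -e

DOMAIN="example.net"
ACMEDIR="%%PREFIX%%/etc/ssl/acme"
JAILSDIR="/usr/jails"
TARGETS="mail http"

#######################################
# Deploy one certificate into one or more jails.
# Globals:   ACMEDIR (read), JAILSDIR (read)
# Arguments: $1 - domain whose certificate is deployed
#            $2... - names of the jails receiving the certificate
# Returns:   non-zero as soon as a copy, chmod or service restart fails
#
# The body runs in a subshell so the restrictive umask and the working
# variables do not leak into the rest of the script.
#######################################
deploy_cert() (
  domain="$1"
  shift

  # Files created by cp start out owner-only, so a freshly deployed private
  # key is never group- or world-readable in the window before chmod runs.
  umask 077

  for jail in "$@"; do
    targetdir="${JAILSDIR}/${jail}/etc/ssl"

    # Skip jails that already hold the current chain. cmp -s exits non-zero
    # both when the files differ and when the target does not exist yet, so
    # a first-time deployment is not skipped.
    if cmp -s "${ACMEDIR}/${domain}/fullchain.pem" \
        "${targetdir}/certs/${domain}.pem"; then
      continue
    fi

    cp -L "${ACMEDIR}/private/${domain}.pem" "${targetdir}/priv/${domain}.pem"
    cp -L "${ACMEDIR}/${domain}/fullchain.pem" "${targetdir}/certs/${domain}.pem"
    chmod 400 "${targetdir}/priv/${domain}.pem"
    chmod 644 "${targetdir}/certs/${domain}.pem"

    # Restart/-load relevant services. A case statement (rather than
    # `test && cmd`) keeps the exit status at 0 for jails with no match,
    # so the hook does not report failure after a successful deployment.
    case "${jail}" in
      http) jexec "${jail}" service apache24 restart ;;
      mail) jexec "${jail}" service smtpd restart ;;
    esac
  done
)

# TARGETS is deliberately unquoted: it is a space-separated list of jails.
# shellcheck disable=SC2086
deploy_cert "${DOMAIN}" ${TARGETS}

# Repeat for other certificates
#DOMAIN="example.org"
#TARGETS="mail"
#deploy_cert "${DOMAIN}" ${TARGETS}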