#!/bin/bash
# --- Site configuration ------------------------------------------------------
# Host name and domain of the service whose certificate is deployed.
HOST='tryton'
TLD='example.com'
FQDN="${HOST}.${TLD}"
# Name of the top-level directory (directly under /) used for all paths below.
LABEL='DATA'

# Working area for the certificate checkout, and the per-service TLS directories.
CERT_DIR="/${LABEL}/CERTS"
CERT_TRYTOND="/${LABEL}/etc/ssl/trytond"
CERT_NGINX="/${LABEL}/etc/ssl/nginx"

# Git remote (used as https://USER:PASS@REPO) and its credentials.
# An empty GETREPO disables the clone/fetch path further down.
# Once these are filled in, this file contains a secret: keep it readable by
# its owner only and out of version control.
GETREPO=
GETUSER=
GETPASS=
# Print the full commit hash of the most recent revision of the repository
# in the current working directory (no trailing newline is added by git).
# Outputs: the hash on stdout; git's exit status is returned unchanged.
getCurrentVersion() {
  git log --max-count=1 --format=format:%H
}
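# --- Synchronise the certificate checkout and redeploy on change -------------
#
# 1. Enter $CERT_DIR and bring $CERT_DIR/$FQDN up to date (clone, or
#    fetch + merge origin/master), recording the revision before and after.
# 2. If the revision changed, install the certificate chain and private key
#    for trytond and nginx and restart each service that is currently active.
#
# Exit status: 0 on success, 1 when a directory, the clone, the revision
# lookup or a certificate installation fails.

# Install one certificate/key pair into a service's TLS directory.
# Globals:   CERT_DIR, FQDN (read)
# Arguments: $1 - destination directory
#            $2 - base name of the installed files (<base>.pem, <base>.key)
#            $3 - user and group that must own the files
#            $4 - permission mode of the private key
# Returns:   0 on success, 1 if the directory or a file could not be written
deployCertificate() {
  local dest_dir=$1 base=$2 owner=$3 key_mode=$4

  mkdir -p "$dest_dir" || return 1
  # install(1) sets owner and mode as part of the copy, so a newly created
  # private key is not left with the default umask permissions between a
  # separate cp and chmod. Only the two managed files are touched; other
  # <base>.* files in the directory are no longer re-owned.
  install -o "$owner" -g "$owner" -m 0444 \
    "$CERT_DIR/$FQDN/$FQDN-fullchain.pem" "$dest_dir/$base.pem" || return 1
  install -o "$owner" -g "$owner" -m "$key_mode" \
    "$CERT_DIR/KEYS/$FQDN-key.pem" "$dest_dir/$base.key" || return 1
}

# Restart a systemd unit, but only when it is currently active.
# Arguments: $1 - unit name
restartIfActive() {
  if systemctl is-active --quiet "$1"; then
    systemctl restart "$1"
  fi
}

# Every git command below acts on the current directory, so a failed cd must
# stop the run instead of letting git operate on whatever directory cron
# started the script in.
cd -- "$CERT_DIR" || { echo "Cannot enter $CERT_DIR" >&2; exit 1; }

if [ -z "$GETREPO" ]; then
  # No remote configured: use differing dummy revisions so the certificates
  # already present in $CERT_DIR/$FQDN are redeployed on every run.
  GIT_REVISION=0
  GIT_NEW_REVISION=1
  cd -- "$FQDN" || { echo "Cannot enter $CERT_DIR/$FQDN" >&2; exit 1; }
elif [ ! -d "$FQDN" ]; then
  GIT_REVISION=0
  # NOTE(review): the credentials are part of the clone URL. They are visible
  # in the process list while the clone runs, and git stores the URL, password
  # included, as the remote in the clone's .git/config. A credential helper or
  # GIT_ASKPASS keeps them out of both.
  # The target directory is named explicitly because the next step depends on
  # the checkout being called $FQDN.
  git clone "https://$GETUSER:$GETPASS@$GETREPO" "$FQDN" \
    || { echo "git clone failed" >&2; exit 1; }
  cd -- "$FQDN" || { echo "Cannot enter $CERT_DIR/$FQDN" >&2; exit 1; }
  GIT_NEW_REVISION=$(getCurrentVersion)
else
  cd -- "$FQDN" || { echo "Cannot enter $CERT_DIR/$FQDN" >&2; exit 1; }
  GIT_REVISION=$(getCurrentVersion)
  # Records staged local changes; exits non-zero when nothing is staged,
  # which is the normal case and deliberately not treated as an error.
  git commit -m "CRON: auto commit"
  # A failed fetch or merge leaves HEAD where it was, so nothing is deployed;
  # the failure is reported on stderr instead of passing silently.
  git fetch || echo "git fetch failed" >&2
  # NOTE(review): whatever origin/master contains is deployed unattended as
  # the certificate chain, so the remote is fully trusted here.
  git merge origin/master -m "Auto Merge" || echo "git merge failed" >&2
  GIT_NEW_REVISION=$(getCurrentVersion)
fi

echo "old: $GIT_REVISION"
echo "new: $GIT_NEW_REVISION"

# With unquoted operands an empty revision turned the comparison into a
# malformed test: two empty values evaluated as true and triggered a deploy.
# An empty new revision means git could not read the repository, so stop.
if [ -z "$GIT_NEW_REVISION" ]; then
  echo "Could not determine the current revision; nothing deployed" >&2
  exit 1
fi

status=0

if [ "$GIT_REVISION" != "$GIT_NEW_REVISION" ]; then
  # NOTE(review): nothing checks that the certificate chain matches the
  # private key before the services are restarted.
  echo "Update Trytond certificate..."
  if deployCertificate "$CERT_TRYTOND" server trytond 0440; then
    echo "Restarting Trytond..."
    restartIfActive trytond
  else
    # Do not restart a service onto a missing or half-written key pair.
    echo "Trytond certificate update failed; service not restarted" >&2
    status=1
  fi

  echo "Update Nginx certificate..."
  if deployCertificate "$CERT_NGINX" nginx nginx 0400; then
    echo "Restarting Nginx..."
    restartIfActive nginx
  else
    echo "Nginx certificate update failed; service not restarted" >&2
    status=1
  fi
fi

exit "$status"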