appliances/isl/appliance/cert-renew.sh

#!/bin/bash

HOST="isl"
TLD="example.com"
FQDN="$HOST.$TLD"
LABEL="DATA"

CERT_DIR=/$LABEL/CERTS
CERT_EJABBERD=/$LABEL/etc/ssl/ejabberd
CERT_CONFPROXY=/$LABEL/opt/confproxy/ssl
GETREPO=""
GETUSER=""
GETPASS=""

function getCurrentVersion() {
# Get hash from latest revision
  git log --format=format:%H -1
}

cd $CERT_DIR

if [ -z "$GETREPO" ]; then
  GIT_REVISION=0
  GIT_NEW_REVISION=1
  cd $FQDN
elif [ ! -d "$FQDN" ]; then
  GIT_REVISION=0
  git clone "https://$GETUSER:$GETPASS@$GETREPO"
  cd $FQDN
  GIT_NEW_REVISION=$(getCurrentVersion)
else
  cd $FQDN
  GIT_REVISION=$(getCurrentVersion)
  git commit -m "CRON: auto commit"
  git fetch
  git merge origin/master -m "Auto Merge"
  GIT_NEW_REVISION=$(getCurrentVersion)
fi

echo "old: $GIT_REVISION"
echo "new: $GIT_NEW_REVISION"

if [ $GIT_REVISION != $GIT_NEW_REVISION ]
then
  echo "Update ISL Conference Proxy certificate..."
  mkdir -p $CERT_CONFPROXY
  cp $CERT_DIR/$FQDN/$FQDN-cert.pem $CERT_CONFPROXY/cert.pem
  cp $CERT_DIR/$FQDN/$FQDN-chain.pem $CERT_CONFPROXY/chain.pem
  cp $CERT_DIR/$FQDN/$FQDN-key.pem $CERT_CONFPROXY/privkey.pem
  echo "Restart ISL Conference Proxy..."
  systemctl is-active --quiet confproxy && systemctl restart confproxy

  echo "Update Nginx certificate..."
  mkdir -p $CERT_NGINX
  cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_NGINX/nginx.pem
  cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_NGINX/nginx.key
  chown nginx:nginx $CERT_NGINX/nginx.*
  chmod 444 $CERT_NGINX/nginx.pem
  chmod 400 $CERT_NGINX/nginx.key
  echo "Restarting Nginx..."
  systemctl is-active --quiet nginx && systemctl restart nginx
fi

exit 0
ISL Online appliance 2022-03-11 15:57:04 +01:00			`#!/bin/bash`

			`HOST="isl"`
			`TLD="example.com"`
			`FQDN="$HOST.$TLD"`
			`LABEL="DATA"`

			`CERT_DIR=/$LABEL/CERTS`
			`CERT_EJABBERD=/$LABEL/etc/ssl/ejabberd`
			`CERT_CONFPROXY=/$LABEL/opt/confproxy/ssl`
			`GETREPO=""`
			`GETUSER=""`
			`GETPASS=""`

			`function getCurrentVersion() {`
			`# Get hash from latest revision`
			`git log --format=format:%H -1`
			`}`

			`cd $CERT_DIR`

			`if [ -z "$GETREPO" ]; then`
			`GIT_REVISION=0`
			`GIT_NEW_REVISION=1`
			`cd $FQDN`
			`elif [ ! -d "$FQDN" ]; then`
			`GIT_REVISION=0`
			`git clone "https://$GETUSER:$GETPASS@$GETREPO"`
			`cd $FQDN`
			`GIT_NEW_REVISION=$(getCurrentVersion)`
			`else`
			`cd $FQDN`
			`GIT_REVISION=$(getCurrentVersion)`
			`git commit -m "CRON: auto commit"`
			`git fetch`
			`git merge origin/master -m "Auto Merge"`
			`GIT_NEW_REVISION=$(getCurrentVersion)`
			`fi`

			`echo "old: $GIT_REVISION"`
			`echo "new: $GIT_NEW_REVISION"`

			`if [ $GIT_REVISION != $GIT_NEW_REVISION ]`
			`then`
			`echo "Update ISL Conference Proxy certificate..."`
			`mkdir -p $CERT_CONFPROXY`
			`cp $CERT_DIR/$FQDN/$FQDN-cert.pem $CERT_CONFPROXY/cert.pem`
			`cp $CERT_DIR/$FQDN/$FQDN-chain.pem $CERT_CONFPROXY/chain.pem`
			`cp $CERT_DIR/$FQDN/$FQDN-key.pem $CERT_CONFPROXY/privkey.pem`
			`echo "Restart ISL Conference Proxy..."`
			`systemctl is-active --quiet confproxy && systemctl restart confproxy`

			`echo "Update Nginx certificate..."`
			`mkdir -p $CERT_NGINX`
			`cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_NGINX/nginx.pem`
			`cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_NGINX/nginx.key`
			`chown nginx:nginx $CERT_NGINX/nginx.*`
			`chmod 444 $CERT_NGINX/nginx.pem`
			`chmod 400 $CERT_NGINX/nginx.key`
			`echo "Restarting Nginx..."`
			`systemctl is-active --quiet nginx && systemctl restart nginx`
			`fi`

			`exit 0`