appliances/ejabberd/appliance/cert-renew.sh

67 lines
1.6 KiB
Bash
Raw Normal View History

2021-03-16 19:33:40 +01:00
#!/bin/bash
HOST="ejabberd"
TLD="example.com"
FQDN="$HOST.$TLD"
LABEL="DATA"
CERT_DIR=/$LABEL/CERTS
CERT_EJABBERD=/$LABEL/etc/ssl/ejabberd
CERT_NGINX=/$LABEL/etc/ssl/nginx
GETREPO=""
GETUSER=""
GETPASS=""
function getCurrentVersion() {
# Get hash from latest revision
git log --format=format:%H -1
}
cd $CERT_DIR
if [ -z "$GETREPO" ]; then
GIT_REVISION=0
GIT_NEW_REVISION=1
cd $FQDN
elif [ ! -d "$FQDN" ]; then
GIT_REVISION=0
git clone "https://$GETUSER:$GETPASS@$GETREPO"
cd $FQDN
GIT_NEW_REVISION=$(getCurrentVersion)
else
cd $FQDN
GIT_REVISION=$(getCurrentVersion)
git commit -m "CRON: auto commit"
git fetch
git merge origin/master -m "Auto Merge"
GIT_NEW_REVISION=$(getCurrentVersion)
fi
echo "old: $GIT_REVISION"
echo "new: $GIT_NEW_REVISION"
if [ $GIT_REVISION != $GIT_NEW_REVISION ]
then
echo "Update Ejabberd certificate..."
mkdir -p $CERT_EJABBERD
cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_EJABBERD/server.pem
cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_EJABBERD/server.key
chown root:jabber $CERT_EJABBERD/server.*
chmod 444 $CERT_EJABBERD/server.pem
chmod 440 $CERT_EJABBERD/server.key
2021-04-02 18:18:54 +02:00
echo "Restarting Ejabberd..."
systemctl is-active --quiet ejabberd && systemctl restart ejabberd
2021-03-16 19:33:40 +01:00
echo "Update Nginx certificate..."
mkdir -p $CERT_NGINX
cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_NGINX/nginx.pem
cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_NGINX/nginx.key
chown nginx:nginx $CERT_NGINX/nginx.*
chmod 444 $CERT_NGINX/nginx.pem
chmod 400 $CERT_NGINX/nginx.key
2021-04-02 18:18:54 +02:00
echo "Restarting Nginx..."
systemctl is-active --quiet nginx && systemctl restart nginx
2021-03-16 19:33:40 +01:00
fi
2021-04-02 18:18:54 +02:00
exit 0