67 lines
1.6 KiB
Bash
Executable File
67 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
HOST="isl"
|
|
TLD="example.com"
|
|
FQDN="$HOST.$TLD"
|
|
LABEL="DATA"
|
|
|
|
CERT_DIR=/$LABEL/CERTS
|
|
CERT_NGINX=/$LABEL/etc/ssl/nginx
|
|
CERT_CONFPROXY=/$LABEL/etc/ssl/confproxy
|
|
GETREPO=""
|
|
GETUSER=""
|
|
GETPASS=""
|
|
|
|
function getCurrentVersion() {
|
|
# Get hash from latest revision
|
|
git log --format=format:%H -1
|
|
}
|
|
|
|
cd $CERT_DIR
|
|
|
|
if [ -z "$GETREPO" ]; then
|
|
GIT_REVISION=0
|
|
GIT_NEW_REVISION=1
|
|
cd $FQDN
|
|
elif [ ! -d "$FQDN" ]; then
|
|
GIT_REVISION=0
|
|
git clone "https://$GETUSER:$GETPASS@$GETREPO"
|
|
cd $FQDN
|
|
GIT_NEW_REVISION=$(getCurrentVersion)
|
|
else
|
|
cd $FQDN
|
|
GIT_REVISION=$(getCurrentVersion)
|
|
git commit -m "CRON: auto commit"
|
|
git fetch
|
|
git merge origin/master -m "Auto Merge"
|
|
GIT_NEW_REVISION=$(getCurrentVersion)
|
|
fi
|
|
|
|
echo "old: $GIT_REVISION"
|
|
echo "new: $GIT_NEW_REVISION"
|
|
|
|
if [ $GIT_REVISION != $GIT_NEW_REVISION ]
|
|
then
|
|
echo "Update ISL Conference Proxy certificate..."
|
|
mkdir -p $CERT_CONFPROXY
|
|
rm -rf /opt/confproxy/ssl
|
|
ln -sf $CERT_CONFPROXY /opt/confproxy/ssl
|
|
cp $CERT_DIR/$FQDN/$FQDN-cert.pem $CERT_CONFPROXY/cert.pem
|
|
cp $CERT_DIR/$FQDN/$FQDN-chain.pem $CERT_CONFPROXY/chain.pem
|
|
cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_CONFPROXY/privkey.pem
|
|
echo "Restart ISL Conference Proxy..."
|
|
systemctl is-active --quiet confproxy && systemctl restart confproxy
|
|
|
|
echo "Update Nginx certificate..."
|
|
mkdir -p $CERT_NGINX
|
|
cp $CERT_DIR/$FQDN/$FQDN-fullchain.pem $CERT_NGINX/nginx.pem
|
|
cp $CERT_DIR/KEYS/$FQDN-key.pem $CERT_NGINX/nginx.key
|
|
chown nginx:nginx $CERT_NGINX/nginx.*
|
|
chmod 444 $CERT_NGINX/nginx.pem
|
|
chmod 400 $CERT_NGINX/nginx.key
|
|
echo "Restarting Nginx..."
|
|
systemctl is-active --quiet nginx && systemctl restart nginx
|
|
fi
|
|
|
|
exit 0
|