certificates/dehydrated-cron
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes in change_ssl_directives.sh: skip replacement if directive is already present.

Browse Source
This commit is contained in:
Christoph 2017-06-20 17:22:12 +02:00
parent 1e60c49b19
commit 031b099eff
1 changed files with 47 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
install_dehydrated.sh
View File

@ -2815,7 +2815,7 @@ echo_failed(){
echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
}
echo_skipped() {
echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
echo -e "\033[75G[ \033[37m\033[1mskipped\033[m ]"
}
## - Check if a given array (parameter 2) contains a given string (parameter 1)
@ -2940,11 +2940,16 @@ fi
echo ""
echononl " Backup existing VHost Directory .."
cp -a \$VHOST_DIR \${VHOST_DIR}.\$_date
if [[ "\$(dirname \$VHOST_DIR)" =~ vhosts?/?\$ ]] ; then
BACKUP_SRC_DIR="\$(dirname \$VHOST_DIR)"
else
BACKUP_SRC_DIR="\$VHOST_DIR"
fi
cp -a "\$BACKUP_SRC_DIR" "\${BACKUP_SRC_DIR}.\$_date"
if [[ \$? -eq 0 ]] ; then
echo_ok
else
echo_skipped
echo_failed
fi
echo ""
@ -2988,40 +2993,60 @@ while IFS=' ' read -r site_server_name rest ; do
continue
fi
failed=false
_ssl_directive_changed=false
if [[ "\$VHOST_DIR" =~ apache ]]; then
# - Apache or nginx ?
# -
for _name in \${vhost_file_arr[@]} ; do
perl -i -n -p -e s"#^(\s*)SSLCertificateFile.*#\1SSLCertificateFile \${_cert_dir}/fullchain.pem#" \$_name
[[ \$? -ne 0 ]] && failed=true
perl -i -n -p -e s"#^(\s*)SSLCertificateKeyFile.*#\1SSLCertificateKeyFile \${_cert_dir}/privkey.pem#" \$_name
[[ \$? -ne 0 ]] && failed=true
sed -i '/SSLCertificateChainFile/d' \$_name
[[ \$? -ne 0 ]] && failed=true
if ! grep -q -i -E "\s*SSLCertificateFile\s*\${_cert_dir}/fullchain.pem" \$_name 2> /dev/null ; then
perl -i -n -p -e s"#^(\s*)SSLCertificateFile.*#\1SSLCertificateFile \${_cert_dir}/fullchain.pem#" \$_name
[[ \$? -ne 0 ]] && failed=true
_ssl_directive_changed=true
fi
if ! grep -q -i -E "\s*SSLCertificateKeyFile\s+\${_cert_dir}/privkey.pem" \$_name 2> /dev/null ; then
perl -i -n -p -e s"#^(\s*)SSLCertificateKeyFile.*#\1SSLCertificateKeyFile \${_cert_dir}/privkey.pem#" \$_name
[[ \$? -ne 0 ]] && failed=true
_ssl_directive_changed=true
fi
if grep -q -i -E "\s*/SSLCertificateChainFile" \$_name 2> /dev/null ; then
sed -i '/SSLCertificateChainFile/d' \$_name
[[ \$? -ne 0 ]] && failed=true
_ssl_directive_changed=true
fi
done
else
for _name in \${vhost_file_arr[@]} ; do
perl -i -n -p -e s"#^(\s*)ssl_certificate\s+.*#\1ssl_certificate \${_cert_dir}/fullchain.pem;#" \$_name
[[ \$? -ne 0 ]] && failed=true
perl -i -n -p -e s"#^(\s*)ssl_certificate_key\s+.*#\1ssl_certificate_key \${_cert_dir}/privkey.pem;#" \$_name
[[ \$? -ne 0 ]] && failed=true
sed -i '/SSLCertificateChainFile/d' \$_name
[[ \$? -ne 0 ]] && failed=true
if ! grep -q -i -E "\s*\s*ssl_certificate\s+\${_cert_dir}/fullchain.pem" \$_name 2> /dev/null ; then
perl -i -n -p -e s"#^(\s*)ssl_certificate\s+.*#\1ssl_certificate \${_cert_dir}/fullchain.pem;#" \$_name
[[ \$? -ne 0 ]] && failed=true
_ssl_directive_changed=true
fi
if ! grep -q -i -E "\s*\s*ssl_certificate_key\s+\${_cert_dir}/privkey.pem" \$_name 2> /dev/null ; then
perl -i -n -p -e s"#^(\s*)ssl_certificate_key\s+.*#\1ssl_certificate_key \${_cert_dir}/privkey.pem;#" \$_name
[[ \$? -ne 0 ]] && failed=true
_ssl_directive_changed=true
fi
done
fi
if \$failed ; then
echo_failed
if \$_ssl_directive_changed ; then
if \$failed ; then
echo_failed
else
echo_ok
fi
else
echo_ok
echo_skipped
fi
fi
done < <(cat \$DOMAINS_TXT_FILE)
if [[ -d "\${VHOST_DIR}.\$_date" ]]; then
diff -Nur \$VHOST_DIR \${VHOST_DIR}.\$_date > /dev/null 2>&1
if [[ -d "\${BACKUP_SRC_DIR}.\$_date" ]]; then
diff -Nur "\$BACKUP_SRC_DIR" "\${BACKUP_SRC_DIR}.\$_date" > /dev/null 2>&1
if [[ \$? -eq 0 ]]; then
info "No VHosts configuration has changed.\n\t Removing previously created backup"
echononl "Delete \"\${VHOST_DIR}.\$_date\".."
rm -rf \${VHOST_DIR}.\$_date
echononl "Delete \"\${BACKUP_SRC_DIR}.\$_date\".."
rm -rf "\${BACKUP_SRC_DIR}.\$_date"
if [[ \$? -eq 0 ]]; then
echo_ok
else