certificates/dehydrated-cron
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make hook.sh script compartible with dash

Browse Source
This commit is contained in:
Christoph 2016-12-14 14:23:55 +01:00
parent 355c8aca6d
commit 47ca1ef6c1
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
install_dehydrated.sh
View File

@ -724,11 +724,11 @@ while read -r line || [[ -n "$line" ]]; do
echo " #ln -s root-\${TIMESTAMP}.ca \${BASEDIR}/certs/\${DOMAIN}/root.ca" >> $HOOK_OUT_FILE
echo " #cp -a \`realpath \$FULLCHAINFILE\` \`realpath \$FULLCHAINFILE\`.ORIG" >> $HOOK_OUT_FILE
echo " #cat \`realpath \$FULLCHAINFILE\`.ORIG \${BASEDIR}/certs/\${DOMAIN}/root-\${TIMESTAMP}.ca > \$FULLCHAINFILE" >> $HOOK_OUT_FILE
echo " cat \$KEYFILE \$FULLCHAINFILE > \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain-\${TIMESTAMP}.pem" >> $HOOK_OUT_FILE
echo " if [[ -h \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\" ]]; then" >> $HOOK_OUT_FILE
echo " rm \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem" >> $HOOK_OUT_FILE
echo " cat \"\$KEYFILE\" \"\$FULLCHAINFILE\" > \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain-\${TIMESTAMP}.pem\"" >> $HOOK_OUT_FILE
echo " if [ -h \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\" ]; then" >> $HOOK_OUT_FILE
echo " rm \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem"\" >> $HOOK_OUT_FILE
echo " fi" >> $HOOK_OUT_FILE
echo " ln -s privkey_cert_chain-\${TIMESTAMP}.pem \${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem" >>$HOOK_OUT_FILE
echo " ln -s \"privkey_cert_chain-\${TIMESTAMP}.pem\" \"\${BASEDIR}/certs/\${DOMAIN}/privkey_cert_chain.pem\"" >>$HOOK_OUT_FILE
echo " echo \" + Hook: \$DOMAIN - Certificate has been produced\"" >> $HOOK_OUT_FILE
echo "" >> $HOOK_OUT_FILE
found=false
@ -2858,7 +2858,7 @@ cat <<EOF > ${DH_BASE_DIR}/tools/dh_tlsgen.sh
#!/usr/bin/env bash
if [[ \$# -ne 1 ]] ; then
echo -e "\n usage: \`basename \$0\` <hostname:port>\n"
echo -e "\n usage: \$(basename "\$0") <hostname:port>\n"
exit
fi
@ -2875,10 +2875,10 @@ tlsa_record_311=\$(
printf '_%s._tcp.%s. IN TLSA 3 1 1 %s\n' \\
\$port \\
\$hostname \\
\$(openssl x509 -in \$cert -noout -pubkey |
"\$(openssl x509 -in \$cert -noout -pubkey |
openssl pkey -pubin -outform DER |
openssl dgst -sha256 -binary |
hexdump -ve '/1 "%02x"')
hexdump -ve '/1 "%02x"')"
)
cert=/var/lib/dehydrated/certs/\${hostname}/chain.pem
@ -2886,10 +2886,10 @@ tlsa_record_211_chain=\$(
printf '_%s._tcp.%s. IN TLSA 2 1 1 %s\n' \\
\$port \\
\$hostname \\
\$(openssl x509 -in \$cert -noout -pubkey |
"\$(openssl x509 -in \$cert -noout -pubkey |
openssl pkey -pubin -outform DER |
openssl dgst -sha256 -binary |
hexdump -ve '/1 "%02x"')
hexdump -ve '/1 "%02x"')"
)
tlsa_record_211_root=""
@ -2899,26 +2899,26 @@ if [[ -f "\$cert" ]]; then
printf '_%s._tcp.%s. IN TLSA 2 1 1 %s\n' \\
\$port \\
\$hostname \\
\$(openssl x509 -in \$cert -noout -pubkey |
"\$(openssl x509 -in \$cert -noout -pubkey |
openssl pkey -pubin -outform DER |
openssl dgst -sha256 -binary |
hexdump -ve '/1 "%02x"')
hexdump -ve '/1 "%02x"')"
)
fi
echo ""
echo "TLSA 3 1 1 certificate"
echo "======================"
echo \$tlsa_record_311
echo "\$tlsa_record_311"
echo ""
echo "TLSA 2 1 1 chain"
echo "================"
echo \$tlsa_record_211_chain
echo "\$tlsa_record_211_chain"
echo ""
if [[ -n "\$tlsa_record_211_root" ]]; then
echo "TLSA 2 1 1 root"
echo "==============="
echo \$tlsa_record_211_root
echo "\$tlsa_record_211_root"
echo ""
fi