Rename script 'change_ssl_directives.sh' to 'update_ssl_directives.sh'. Add cronjob for script 'update_ssl_directives.sh'.

This commit is contained in:
Christoph 2022-07-31 11:59:31 +02:00
parent db826c6c63
commit 707e62ee02


@ -131,6 +131,8 @@ while [[ "X$DH_BASE_DIR" = "X" ]]; do
done
HOOK_OUT_FILE="${DH_BASE_DIR}/hook.sh"
DH_CRON_SCRIPT="${DH_BASE_DIR}/cron/dehydrated_cron.sh"
DH_CHANGE_SSL_DIRECTIVES_SCRIPT="${DH_BASE_DIR}/tools/change_ssl_directives.sh"
DH_UPDATE_SSL_DIRECTIVES_SCRIPT="${DH_BASE_DIR}/tools/update_ssl_directives.sh"
echo ""
@ -2751,7 +2753,10 @@ fi
if [[ "$DH_CRON_TYPE" = "user" ]]; then
echononl " Activate dehydrated cronjob for root user .."
# Cronjob for dehydrated main script (ordering certificates)
#
echononl " Activate dehydrated cronjob for $(basename "$DH_CRON_SCRIPT") for root user .."
_success=true
_cur_cron=`mktemp`
[[ $? -ne 0 ]] && _success=false
@ -2762,7 +2767,7 @@ if [[ "$DH_CRON_TYPE" = "user" ]]; then
else
if grep `basename $DH_CRON_SCRIPT` $_cur_cron > /dev/null 2>&1 ; then
echo_skipped
info "Cronjob already activated."
info "Cronjob for $(basename "$DH_CRON_SCRIPT") already activated."
else
_success=true
cat <<EOF >> $_cur_cron
@ -2798,10 +2803,86 @@ EOF
else
echo_failed
fi
fi # if grep `basename $DH_CRON_SCRIPT` /etc/cron.d/*
fi # if grep `basename $DH_CRON_SCRIPT` /etc/cron.d/*
# Cronjob for dehydrated update vhosts script (change ssl directives)
#
echononl " Activate dehydrated cronjob for $(basename "$DH_UPDATE_SSL_DIRECTIVES_SCRIPT") for root user .."
_success=true
_cur_cron=`mktemp`
[[ $? -ne 0 ]] && _success=false
crontab -u root -l > $_cur_cron
[[ $? -ne 0 ]] && _success=false
if ! $success ; then
echo_failed
else
if grep `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT` $_cur_cron > /dev/null 2>&1 ; then
echo_skipped
info "Cronjob for $(basename "$DH_UPDATE_SSL_DIRECTIVES_SCRIPT") already activated."
else
_success=true
cat <<EOF >> $_cur_cron
# - Check whether all certificates are included in the VHOST configurations
# -
33 05 * * * $DH_UPDATE_SSL_DIRECTIVES_SCRIPT
EOF
[[ $? -ne 0 ]] && _success=false
crontab -u root $_cur_cron
[[ $? -ne 0 ]] && _success=false
if $success ; then
echo_ok
else
echo_failed
fi
fi # if grep `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT`
fi # if ! $success ; then
rm -f $_cur_cron
# - Check, whether a system based update vhosts script exists in /etc/cron.d
# -
if grep -l `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT` /etc/cron.d/* > /dev/null 2>&1 ; then
warn "A system based update vhost cronjob already exists in /etc/cron.d/\n\t Deleteing this one now.."
_success=true
echononl " Delete update vhost cronjob in /etc/cron.d/.."
for _file in $(grep -l `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT` /etc/cron.d/*) ; do
rm -f $_file > /dev/null 2>&1
[[ $? -ne 0 ]] && _success=false
done
if $success ; then
echo_ok
else
echo_failed
fi
fi # if grep `basename $DH_CHANGE_SSL_DIRECTIVES_SCRIPT` /etc/cron.d/*
# - Remove crontjob's for old (and noe renamed) script $DH_CHANGE_SSL_DIRECTIVES_SCRIPT
# -
if crontab -l | grep `basename $DH_CHANGE_SSL_DIRECTIVES_SCRIPT` > /dev/null 2>&1 ; then
warn "Dehydrated's update vhost cronjob is also activated for root user.\n\t Deleting now.."
echononl " Delete dehydrated's update vhost cronjob for user root.."
_success=true
_cur_cron=`mktemp`
[[ $? -ne 0 ]] && _success=false
crontab -u root -l > $_cur_cron
[[ $? -ne 0 ]] && _success=false
sed -i "/`basename $DH_CHANGE_SSL_DIRECTIVES_SCRIPT`/d" $_cur_cron > /dev/null 2>&1
[[ $? -ne 0 ]] && _success=false
crontab -u root $_cur_cron
[[ $? -ne 0 ]] && _success=false
if $success ; then
echo_ok
else
echo_failed
fi
fi # if crontab -l | grep `basename $DH_CHANGE_SSL_DIRECTIVES_SCRIPT`
elif [[ "$DH_CRON_TYPE" = "system" ]]; then
echononl " Activate dehydrated cronjob in /etc/cron.d/"
if grep `basename $DH_CRON_SCRIPT` /etc/cron.d/* > /dev/null 2>&1 ; then
echo_skipped
@ -2812,6 +2893,10 @@ elif [[ "$DH_CRON_TYPE" = "system" ]]; then
# - Generate/Renew Let's Encrypt Certificates if needed (using dehydrated script)
# -
21 05 * * * root $DH_CRON_SCRIPT
# - Check whether all certificates are included in the VHOST configurations
# -
31 05 * * * root $DH_UPDATE_SSL_DIRECTIVES_SCRIPT
EOF
if [[ $? -eq 0 ]]; then
echo_ok
@ -2842,6 +2927,28 @@ EOF
fi # if crontab -l | grep `basename $DH_CRON_SCRIPT`
# - Check, whether a dehydrated's update vhost cron job exists for user root
# -
if crontab -l | grep `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT` > /dev/null 2>&1 ; then
warn "Dehydrated's update vhost cronjob is also activated for root user.\n\t Deleting now.."
echononl " Delete dehydrated's update vhost cronjob for user root.."
_success=true
_cur_cron=`mktemp`
[[ $? -ne 0 ]] && _success=false
crontab -u root -l > $_cur_cron
[[ $? -ne 0 ]] && _success=false
sed -i "/`basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT`/d" $_cur_cron > /dev/null 2>&1
[[ $? -ne 0 ]] && _success=false
crontab -u root $_cur_cron
[[ $? -ne 0 ]] && _success=false
if $success ; then
echo_ok
else
echo_failed
fi
fi # if crontab -l | grep `basename $DH_UPDATE_SSL_DIRECTIVES_SCRIPT`
fi
@ -3295,12 +3402,12 @@ fi
# - Sript change_ssl_directives.sh
#
if [[ -f "${DH_BASE_DIR}/tools/change_ssl_directives.sh" ]]; then
if [[ -f "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}" ]]; then
# - Backup existing script change_ssl_directives.sh
# -
echononl " Backup ${DH_BASE_DIR}/tools/change_ssl_directives.sh.."
cp -a ${DH_BASE_DIR}/tools/change_ssl_directives.sh ${DH_BASE_DIR}/tools/change_ssl_directives.sh.$_date > /dev/null 2>&1
echononl " Backup ${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.."
cp -a "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}" "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.$_date" > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
echo_ok
else
@ -3309,8 +3416,8 @@ if [[ -f "${DH_BASE_DIR}/tools/change_ssl_directives.sh" ]]; then
fi
echononl " Install script \"change_ssl_directives.sh\" into ${DH_BASE_DIR}/tools/"
cat <<EOF > ${DH_BASE_DIR}/tools/change_ssl_directives.sh
echononl " Install script \"$(basename "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}")\" into ${DH_BASE_DIR}/tools/"
cat <<EOF > ${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}
#!/usr/bin/env bash
# - Changes "SSLCertificate.."-lines in vhost configuration
@ -3729,20 +3836,20 @@ else
echo_failed
fi
echononl " Make \"${DH_BASE_DIR}/tools/change_ssl_directives.sh\" executable.."
chmod 755 ${DH_BASE_DIR}/tools/change_ssl_directives.sh
echononl " Make \"${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}\" executable.."
chmod 755 "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}"
if [[ $? -eq 0 ]]; then
echo_ok
else
echo_failed
fi
if [[ -f "${DH_BASE_DIR}/tools/change_ssl_directives.sh.$_date" ]]; then
diff ${DH_BASE_DIR}/tools/change_ssl_directives.sh ${DH_BASE_DIR}/tools/change_ssl_directives.sh.$_date > /dev/null 2>&1
if [[ -f "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.$_date" ]]; then
diff "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}" "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.$_date" > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
info "Script change_ssl_directives.sh has not change.\n\t Removing previously created backup.."
echononl " Remove ${DH_BASE_DIR}/tools/change_ssl_directives.sh.$_date.."
rm -f ${DH_BASE_DIR}/tools/change_ssl_directives.sh.$_date
info "Script $(basename "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}") has not change.\n\t Removing previously created backup.."
echononl " Remove ${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.$_date.."
rm -f "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}.$_date"
if [[ $? -eq 0 ]]; then
echo_ok
else
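Review bot: The status checks added in the hunk at `@ -2798,10 +2803,86` test `$success`, while every step above them records failure in `_success`; the hunk at `@ -2842,6 +2927,28` has the same mismatch. Unless `success` is set somewhere outside the visible lines, `if $success ; then` expands to an empty command and is always true, so a failed `mktemp`, `crontab -u root -l` or `sed` is still reported as ok. The removal blocks also run `crontab -u root $_cur_cron` unconditionally, so a failed read or edit can replace root's crontab with an empty or partial file and silently drop the certificate renewal job. Change the checks to `if ! $_success ; then` and `if $_success ; then`, and only call `crontab -u root "$_cur_cron"` when `_success` is still true. Both removal blocks also leave the `mktemp` file behind, so add `rm -f "$_cur_cron"` after them as the install block already does.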