certificates/dehydrated-cron
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

install_dehydrated.sh: remove gtrailling blanks.

Browse Source
This commit is contained in:
Christoph 2025-02-02 11:18:50 +01:00
parent cebd8b1db1
commit 729dbfe5f8
1 changed files with 46 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
install_dehydrated.sh
View File

@ -154,15 +154,15 @@ done
DH_CRON_TYPE="" DH_CRON_TYPE=""
echo "" echo ""
echo -e "\033[32m--\033[m" echo -e "\033[32m--\033[m"
echo "" echo ""
echo "How to activate the dehydrated cronjob" echo "How to activate the dehydrated cronjob"
echo "" echo ""
echo "[1] System defined as cronjob file in /etc/cron.d" echo "[1] System defined as cronjob file in /etc/cron.d"
echo "[2] User defined - added to root cronjobs" echo "[2] User defined - added to root cronjobs"
echo "[3] Skip Cronjob Activation" echo "[3] Skip Cronjob Activation"
echo "" echo ""
echononl "Eingabe: " echononl "Eingabe: "
@ -180,9 +180,9 @@ while [ "$DH_CRON_TYPE" != "system" -a "$DH_CRON_TYPE" != "user" -a "$DH_CRON_TY
;; ;;
*) *)
echo "" echo ""
echo -e "\tFalsche Eingabe ! [ 1 = System defined ; 2 = User defined , 3 = Skip]" echo -e "\tFalsche Eingabe ! [ 1 = System defined ; 2 = User defined , 3 = Skip]"
echo "" echo ""
echononl "Eingabe:" echononl "Eingabe:"
;; ;;
esac esac
@ -221,7 +221,7 @@ while [ "$WEBSERVER_INSTALLATION" != "Apache2_Debian" \
;; ;;
5) WEBSERVER_INSTALLATION="Other_Webserver_Installation" 5) WEBSERVER_INSTALLATION="Other_Webserver_Installation"
;; ;;
*) echo "" *) echo ""
echo -e "\tFalsche Eingabe ! [ 1 = Apache2 Debian ; 2 = Apache2 Sources ; 3 = Nginx Debian ; 4 = Other ; 5 = GitLab]" echo -e "\tFalsche Eingabe ! [ 1 = Apache2 Debian ; 2 = Apache2 Sources ; 3 = Nginx Debian ; 4 = Other ; 5 = GitLab]"
echo "" echo ""
echononl "Eingabe:" echononl "Eingabe:"
@ -450,7 +450,7 @@ if [[ -n "$NGINX_BASE_DIR" ]]; then
echo_ok echo_ok
else else
echo_failed echo_failed
fi fi
fi fi
echononl " Configure Nginx Webserver: Create alias for WLLKNOWN Directory.." echononl " Configure Nginx Webserver: Create alias for WLLKNOWN Directory.."
@ -473,7 +473,7 @@ EOF
warn "In your appropriate server definitions (or in the global one is exists) add line:\n\n\t\033[37m\033[1minclude /etc/nginx/snippets/letsencrypt-acme-challenge.conf;\033[m" warn "In your appropriate server definitions (or in the global one is exists) add line:\n\n\t\033[37m\033[1minclude /etc/nginx/snippets/letsencrypt-acme-challenge.conf;\033[m"
else else
echo_failed echo_failed
fi fi
else else
echo_skipped echo_skipped
fi fi
@ -611,7 +611,7 @@ EOF
else else
echo_failed echo_failed
fi fi
elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
cat <<EOF >> ${GITLAB_CONF_FILE} cat <<EOF >> ${GITLAB_CONF_FILE}
@ -640,7 +640,7 @@ EOF
else else
echo_skipped echo_skipped
fi fi
echononl " Adjust ${GITLAB_CONF_FILE} - nginx['redirect_http_to_https']" echononl " Adjust ${GITLAB_CONF_FILE} - nginx['redirect_http_to_https']"
if ! grep -E "^\s*nginx\['redirect_http_to_https'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "true" 2> /dev/null ; then if ! grep -E "^\s*nginx\['redirect_http_to_https'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "true" 2> /dev/null ; then
@ -654,7 +654,7 @@ EOF
else else
echo_failed echo_failed
fi fi
elif ! grep -q -E "^\s*#\s*nginx\['redirect_http_to_https'\]" $GITLAB_CONF_FILE 2> /dev/null ; then elif ! grep -q -E "^\s*#\s*nginx\['redirect_http_to_https'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
cat <<EOF >> ${GITLAB_CONF_FILE} cat <<EOF >> ${GITLAB_CONF_FILE}
@ -740,7 +740,7 @@ if [[ -d "$DH_WELL_KNOWN_DIR" ]]; then
echo_ok echo_ok
else else
echo_failed echo_failed
fi fi
fi fi
echononl " Create directory \"$DH_WELL_KNOWN_DIR\" .." echononl " Create directory \"$DH_WELL_KNOWN_DIR\" .."
mkdir -p $DH_WELL_KNOWN_DIR mkdir -p $DH_WELL_KNOWN_DIR
@ -930,9 +930,9 @@ else
fi fi
## - Create needed directories ## - Create needed directories
## - ## -
## - Configuration directory ## - Configuration directory
## - Base directory (for let's encrypt asccounts, generated certificates, ## - Base directory (for let's encrypt asccounts, generated certificates,
## - ## -
echononl " Create Directory $DH_CONF_DIR if not exists.." echononl " Create Directory $DH_CONF_DIR if not exists.."
if [[ -d "$DH_CONF_DIR" ]]; then if [[ -d "$DH_CONF_DIR" ]]; then
@ -943,7 +943,7 @@ if [[ -d "$DH_CONF_DIR" ]]; then
# echo_ok # echo_ok
#else #else
# echo_failed # echo_failed
#fi #fi
else else
mkdir -p $DH_CONF_DIR mkdir -p $DH_CONF_DIR
if [[ $? -eq 0 ]] ; then if [[ $? -eq 0 ]] ; then
@ -1208,7 +1208,7 @@ if [[ -f "${DH_CONF_DIR}/dehydrated_cron.conf" ]]; then
# - will be set to "0" # - will be set to "0"
# - # -
# - Defaults to "0" # - Defaults to "0"
# - # -
log_level=1 log_level=1
# - Where to find dehydrated script # - Where to find dehydrated script
@ -1222,7 +1222,7 @@ domains_txt=${DH_BASE_DIR}/domains.txt
# - Define hostnames from services other than webservices # - Define hostnames from services other than webservices
# - Only one hostname is allowed, but you can define alternative # - Only one hostname is allowed, but you can define alternative
# - names (until to 99) for the certificate. this cab be done # - names (until to 99) for the certificate. this cab be done
# - by defining the concerning *_server_alt_names variable as a # - by defining the concerning *_server_alt_names variable as a
# - space seperated list of hostnames # - space seperated list of hostnames
# - # -
# - example: # - example:
@ -1276,7 +1276,7 @@ dane_nameserver=""
# - # -
# - Note: # - Note:
# - Take care to provies an entry for nameservers dane_ssh_user in his # - Take care to provies an entry for nameservers dane_ssh_user in his
# - authorized_keys file. # - authorized_keys file.
# - # -
# - The ssh-key must not have a password! Otherwise this script will # - The ssh-key must not have a password! Otherwise this script will
# - not work! # - not work!
@ -1346,7 +1346,7 @@ else
# - will be set to "0" # - will be set to "0"
# - # -
# - Defaults to "0" # - Defaults to "0"
# - # -
log_level=1 log_level=1
# - Where to find dehydrated script # - Where to find dehydrated script
@ -1360,7 +1360,7 @@ domains_txt=${DH_BASE_DIR}/domains.txt
# - Define hostnames from services other than webservices # - Define hostnames from services other than webservices
# - Only one hostname is allowed, but you can define alternative # - Only one hostname is allowed, but you can define alternative
# - names (until to 99) for the certificate. this cab be done # - names (until to 99) for the certificate. this cab be done
# - by defining the concerning *_server_alt_names variable as a # - by defining the concerning *_server_alt_names variable as a
# - space seperated list of hostnames # - space seperated list of hostnames
# - # -
# - example: # - example:
@ -1409,7 +1409,7 @@ dane_nameserver=""
# - # -
# - Note: # - Note:
# - Take care to provies an entry for nameservers dane_ssh_user in his # - Take care to provies an entry for nameservers dane_ssh_user in his
# - authorized_keys file. # - authorized_keys file.
# - # -
# - The ssh-key must not have a password! Otherwise this script will # - The ssh-key must not have a password! Otherwise this script will
# - not work! # - not work!
@ -1576,13 +1576,13 @@ containsElement () {
# - Set log_level # - Set log_level
# - # -
# - Test whether stdout (file descriptor 1) is a terminal or not (e.g. cron # - Test whether stdout (file descriptor 1) is a terminal or not (e.g. cron
# - or if you pipe the output to some other program) # - or if you pipe the output to some other program)
# #
if [[ -t 1 ]] ; then if [[ -t 1 ]] ; then
case "\$log_level" in case "\$log_level" in
1) 1)
verbose=true verbose=true
;; ;;
*) *)
@ -1648,7 +1648,7 @@ if [[ ! -x "\$dehydrated_script" ]] ; then
fi fi
exit 99 exit 99
fi fi
if [[ ! -f "\$domains_txt" ]] ; then if [[ ! -f "\$domains_txt" ]] ; then
if [[ ! -d \`dirname \$domains_txt\` ]] ; then if [[ ! -d \`dirname \$domains_txt\` ]] ; then
if \$verbose ; then if \$verbose ; then
@ -1697,7 +1697,7 @@ if [[ -n "\$dane_records" ]] ; then
-o BatchMode=yes \\ -o BatchMode=yes \\
-o StrictHostKeyChecking=no \\ -o StrictHostKeyChecking=no \\
-i \$dane_ssh_key \\ -i \$dane_ssh_key \\
\$dane_ssh_user@\$dane_nameserver "sudo \$set_new_serial_script check > /dev/null 2>&1" \$dane_ssh_user@\$dane_nameserver "sudo \$set_new_serial_script check > /dev/null 2>&1"
if [[ \$? -gt 0 ]]; then if [[ \$? -gt 0 ]]; then
if \$verbose ; then if \$verbose ; then
error "Failed to acces script \"\$set_new_serial_script\" on host \"\$dane_nameserver\"!" error "Failed to acces script \"\$set_new_serial_script\" on host \"\$dane_nameserver\"!"
@ -1710,7 +1710,7 @@ if [[ -n "\$dane_records" ]] ; then
-o BatchMode=yes \\ -o BatchMode=yes \\
-o StrictHostKeyChecking=no \\ -o StrictHostKeyChecking=no \\
-i \$dane_ssh_key \\ -i \$dane_ssh_key \\
\$dane_ssh_user@\$dane_nameserver "sudo \$renew_tlsa_record check > /dev/null 2>&1" \$dane_ssh_user@\$dane_nameserver "sudo \$renew_tlsa_record check > /dev/null 2>&1"
if [[ \$? -gt 0 ]]; then if [[ \$? -gt 0 ]]; then
if \$verbose ; then if \$verbose ; then
error "Failed to acces script \"\$renew_tlsa_record\" on host \"\$dane_nameserver\"!" error "Failed to acces script \"\$renew_tlsa_record\" on host \"\$dane_nameserver\"!"
@ -1810,7 +1810,7 @@ fi
# - Invoke the dehydrated script to generate th let's encrypt certificates if # - Invoke the dehydrated script to generate th let's encrypt certificates if
# - needed. # - needed.
# - # -
\$verbose && echononl " Register account and agree to their terms of service .." \$verbose && echononl " Register account and agree to their terms of service .."
\$dehydrated_script --config ${DH_CONF_DIR}/config --register --accept-terms > \$_logfile 2>&1 \$dehydrated_script --config ${DH_CONF_DIR}/config --register --accept-terms > \$_logfile 2>&1
@ -1940,7 +1940,7 @@ if [[ -n "\$_successfully_created_hosts" ]] ; then
CUR_IFS=\$IFS CUR_IFS=\$IFS
for _entry in \$dane_records ; do for _entry in \$dane_records ; do
unset _tmp_arr unset _tmp_arr
IFS=':' IFS=':'
_tmp_arr=(\$_entry) _tmp_arr=(\$_entry)
IFS=\$CUR_IFS IFS=\$CUR_IFS
if [[ "\$hostname" = "\${_tmp_arr[0]}" ]];then if [[ "\$hostname" = "\${_tmp_arr[0]}" ]];then
@ -1962,7 +1962,7 @@ if [[ -n "\$_successfully_created_hosts" ]] ; then
fi fi
continue continue
fi fi
# - Generate TLSA 3 1 1 record # - Generate TLSA 3 1 1 record
# - # -
@ -2197,7 +2197,7 @@ if [[ -n "\$_successfully_created_hosts" ]] ; then
esac esac
fi # if ! \${generate_tlsa_301} fi # if ! \${generate_tlsa_301}
# - Generate TLSA 2 1 1 record # - Generate TLSA 2 1 1 record
# - # -
@ -2556,7 +2556,7 @@ if [[ -n "\$_successfully_created_hosts" ]] ; then
fi # if ! \${generate_tlsa_202} ; then fi # if ! \${generate_tlsa_202} ; then
# - To avoid multiple reloading og one and the same zone, we only # - To avoid multiple reloading og one and the same zone, we only
# - collect the zones, having to reload, at this time and do the # - collect the zones, having to reload, at this time and do the
# - reloading later. # - reloading later.
if ! containsElement \$domain \${zone_to_reload_arr[@]} ; then if ! containsElement \$domain \${zone_to_reload_arr[@]} ; then
zone_to_reload_arr+=("\$domain") zone_to_reload_arr+=("\$domain")
@ -2574,7 +2574,7 @@ fi
# - # -
#if ! \$certs_updated && ! grep -q -i "error:" \$_logfile 2> /dev/null ; then #if ! \$certs_updated && ! grep -q -i "error:" \$_logfile 2> /dev/null ; then
if ! \$certs_updated && ! \$certs_processed && \$_successfully_finished_script ; then if ! \$certs_updated && ! \$certs_processed && \$_successfully_finished_script ; then
if \$verbose ; then if \$verbose ; then
info "All Certificates are up to date." info "All Certificates are up to date."
echo "" echo ""
@ -3133,7 +3133,7 @@ fi
# - Sript create_domains_file.sh # - Sript create_domains_file.sh
# #
if [[ -f "${DH_BASE_DIR}/tools/create_domains_file.sh" ]]; then if [[ -f "${DH_BASE_DIR}/tools/create_domains_file.sh" ]]; then
# - Backup existing script create_domains_file.sh # - Backup existing script create_domains_file.sh
@ -3391,7 +3391,7 @@ for file in \${vhost_file_arr[@]} ; do
number_errors=0 number_errors=0
more_aliases=false more_aliases=false
echo "" echo ""
echononl " Get ServerName/ServerAlias from file \"\`basename \$file\`\"" echononl " Get ServerName/ServerAlias from file \"\`basename \$file\`\""
while read line ; do while read line ; do
@ -3567,7 +3567,7 @@ if [[ -f "${DH_BASE_DIR}/tools/create_domains_file.sh.$_date" ]]; then
fi fi
# - Backup outdated sript change_ssl_directives.sh # - Backup outdated sript change_ssl_directives.sh
# #
echononl " Backup outdated script '$(basename "${DH_CHANGE_SSL_DIRECTIVES_SCRIPT}")'.." echononl " Backup outdated script '$(basename "${DH_CHANGE_SSL_DIRECTIVES_SCRIPT}")'.."
if [[ -f "${DH_CHANGE_SSL_DIRECTIVES_SCRIPT}" ]]; then if [[ -f "${DH_CHANGE_SSL_DIRECTIVES_SCRIPT}" ]]; then
@ -3583,7 +3583,7 @@ fi
# - Backup Sript update_ssl_directives.sh # - Backup Sript update_ssl_directives.sh
# #
if [[ -f "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}" ]]; then if [[ -f "${DH_UPDATE_SSL_DIRECTIVES_SCRIPT}" ]]; then
# - Backup existing script change_ssl_directives.sh # - Backup existing script change_ssl_directives.sh
@ -4046,7 +4046,7 @@ fi
# - Sript dh_tlsgen.sh # - Sript dh_tlsgen.sh
# #
if [[ -f "${DH_BASE_DIR}/tools/dh_tlsgen.sh" ]]; then if [[ -f "${DH_BASE_DIR}/tools/dh_tlsgen.sh" ]]; then
# - Backup existing script dh_tlsgen.sh # - Backup existing script dh_tlsgen.sh
@ -4078,7 +4078,7 @@ else
fi fi
if [[ \$# -ne 1 ]] ; then if [[ \$# -ne 1 ]] ; then
echo -e "\n usage: \$(basename "\$0") <hostname:port>\n" echo -e "\n usage: \$(basename "\$0") <hostname:port>\n"
exit exit
fi fi