From ec919803f6b6fc7302cc2b77e9bd600e0bb8d416 Mon Sep 17 00:00:00 2001 From: Christoph Date: Tue, 14 May 2019 16:23:12 +0200 Subject: [PATCH] Some minor changes in case of gitlab-ce. --- install_dehydrated.sh | 124 ++++++++++++++++++++++++------------------ 1 file changed, 71 insertions(+), 53 deletions(-) diff --git a/install_dehydrated.sh b/install_dehydrated.sh index 9fe8b3a..dd7f8e8 100755 --- a/install_dehydrated.sh +++ b/install_dehydrated.sh @@ -484,49 +484,6 @@ fi if [[ -n "$GITLAB_CONF_FILE" ]]; then - echononl " Adjust ${GITLAB_CONF_FILE} - letsencrypt['enable']" - - if ! grep -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "false" 2> /dev/null ; then - - if grep -q -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then - - perl -i -n -p -e "s#^(\s*(letsencrypt\['enable'\]).*)#\#\# \1\n\2 = false#" $GITLAB_CONF_FILE - if [[ $? -eq 0 ]] ; then - echo_ok - gitlab_reconfigure=true - else - echo_failed - fi - - elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then - cat <> ${GITLAB_CONF_FILE} - -################################################################################ -## Added by dehydrated install script $(basename $0) -################################################################################ - -letsencrypt['enable'] = false - -EOF - if [[ $? -eq 0 ]] ; then - echo_ok - gitlab_reconfigure=true - else - echo_failed - fi - else - perl -i -n -p -e "s#^(\s*\#\s*(letsencrypt\['enable'\]).*)#\1\n\2 = false#" $GITLAB_CONF_FILE - if [[ $? -eq 0 ]] ; then - echo_ok - gitlab_reconfigure=true - else - echo_failed - fi - fi - else - echo_skipped - fi - if [[ ! -d "/var/lib/dehydrated/certs/${HOST_NAME}" ]]; then URL_SCHEMA="http" else @@ -535,7 +492,7 @@ EOF echononl " Adjust ${GITLAB_CONF_FILE} - external_url" - if ! grep -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "${HOST_NAME}" 2> /dev/null ; then + if ! grep -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "${URL_SCHEMA}://${HOST_NAME}" 2> /dev/null ; then if grep -q -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null ; then @@ -642,6 +599,49 @@ EOF fi if [[ -d "/var/lib/dehydrated/certs/${HOST_NAME}" ]]; then + + echononl " Adjust ${GITLAB_CONF_FILE} - letsencrypt['enable']" + + if ! grep -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "false" 2> /dev/null ; then + + if grep -q -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then + + perl -i -n -p -e "s#^(\s*(letsencrypt\['enable'\]).*)#\#\# \1\n\2 = false#" $GITLAB_CONF_FILE + if [[ $? -eq 0 ]] ; then + echo_ok + gitlab_reconfigure=true + else + echo_failed + fi + + elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then + cat <> ${GITLAB_CONF_FILE} + +################################################################################ +## Added by dehydrated install script $(basename $0) +################################################################################ + +letsencrypt['enable'] = false + +EOF + if [[ $? -eq 0 ]] ; then + echo_ok + gitlab_reconfigure=true + else + echo_failed + fi + else + perl -i -n -p -e "s#^(\s*\#\s*(letsencrypt\['enable'\]).*)#\1\n\2 = false#" $GITLAB_CONF_FILE + if [[ $? -eq 0 ]] ; then + echo_ok + gitlab_reconfigure=true + else + echo_failed + fi + fi + else + echo_skipped + fi echononl " Adjust ${GITLAB_CONF_FILE} - nginx['redirect_http_to_https']" @@ -991,11 +991,29 @@ else ## - Adapt configuration file ## - + ## - comment out line + ## - CA="https://.." + ## - + ## - Change/Set Values + ## - ## - CHALLENGETYPE="http-01" ## - BASEDIR="$DH_BASE_DIR" ## - WELLKNOWN="$DH_WELL_KNOWN_DIR" ## - HOOK="${BASEDIR}/hook.sh" ## - + + echononl " Adjust configuration: comment out line 'CA=\"https://..'.." + if $(grep -q -E "^\s*CA\s*=\s*\"http" "$DH_CONF_DIR/config" 2> /dev/null) ; then + perl -i -n -p -e 's/^(\s*)(CA=.*)/## - \1\2\n/' $DH_CONF_DIR/config + if [[ $? -eq 0 ]] ; then + echo_ok + else + echo_failed + fi + else + echo_skipped + fi + echononl " Adjust configuration: CHALLENGETYPE=\"http-01\".." perl -i -n -p -e 's/^(\s*#*\s*)(CHALLENGETYPE=.*)/## - \1\2\nCHALLENGETYPE="http-01"/' $DH_CONF_DIR/config if [[ $? -eq 0 ]] ; then @@ -1037,15 +1055,15 @@ else ## - To avoid this, please set the CA property to the Let’s Encrypt staging ## - server URL in your config file: ## - - echononl " Set CA property to the Let’s Encrypt staging server (for testing).." - perl -i -n -p -e 's#^(\s*\#*\s*)(CA=.*)#\#\# - \1\2\nCA="https://acme-staging.api.letsencrypt.org/directory"#' \ - $DH_CONF_DIR/config - if [[ $? -eq 0 ]] ; then - echo_ok - warn "Configuration is only for testing\n\t For production mode comment out line \"CA=..\"" - else - echo_failed - fi + #echononl " Set CA property to the Let’s Encrypt staging server (for testing).." + #perl -i -n -p -e 's#^(\s*\#*\s*)(CA=.*)#\#\# - \1\2\nCA="https://acme-staging.api.letsencrypt.org/directory"#' \ + # $DH_CONF_DIR/config + #if [[ $? -eq 0 ]] ; then + # echo_ok + # warn "Configuration is only for testing\n\t For production mode comment out line \"CA=..\"" + #else + # echo_failed + #fi fi