Some minor changes in case of gitlab-ce.

2019-05-14 16:23:12 +02:00 · 2019-05-14 16:23:12 +02:00 · ec919803f6
commit ec919803f6
parent d5f0da87ca
1 changed files with 71 additions and 53 deletions
--- a/install_dehydrated.sh
+++ b/install_dehydrated.sh
@ -484,49 +484,6 @@ fi

 if [[ -n "$GITLAB_CONF_FILE" ]]; then

-   echononl "   Adjust ${GITLAB_CONF_FILE} - letsencrypt['enable']"
-
-   if ! grep -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "false" 2> /dev/null ; then
-
-      if grep -q -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
-
-         perl -i -n -p -e "s#^(\s*(letsencrypt\['enable'\]).*)#\#\# \1\n\2 = false#" $GITLAB_CONF_FILE
-         if [[ $? -eq 0 ]] ; then
-            echo_ok
-            gitlab_reconfigure=true
-         else
-            echo_failed
-         fi
-      
-      elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
-         cat <<EOF >> ${GITLAB_CONF_FILE}
-
-################################################################################
-## Added by dehydrated install script $(basename $0)
-################################################################################
-
-letsencrypt['enable'] = false
-
-EOF
-         if [[ $? -eq 0 ]] ; then
-            echo_ok
-            gitlab_reconfigure=true
-         else
-            echo_failed
-         fi
-      else
-         perl -i -n -p -e "s#^(\s*\#\s*(letsencrypt\['enable'\]).*)#\1\n\2 = false#" $GITLAB_CONF_FILE
-         if [[ $? -eq 0 ]] ; then
-            echo_ok
-            gitlab_reconfigure=true
-         else
-            echo_failed
-         fi
-      fi
-   else
-      echo_skipped
-   fi
-
   if [[ ! -d "/var/lib/dehydrated/certs/${HOST_NAME}" ]]; then
      URL_SCHEMA="http"
   else
@ -535,7 +492,7 @@ EOF

   echononl "   Adjust ${GITLAB_CONF_FILE} - external_url"

-   if ! grep -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "${HOST_NAME}" 2> /dev/null ; then
+   if ! grep -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "${URL_SCHEMA}://${HOST_NAME}" 2> /dev/null ; then

      if grep -q -E "^\s*external_url" $GITLAB_CONF_FILE 2> /dev/null ; then

@ -643,6 +600,49 @@ EOF

   if [[ -d "/var/lib/dehydrated/certs/${HOST_NAME}" ]]; then

+      echononl "   Adjust ${GITLAB_CONF_FILE} - letsencrypt['enable']"
+
+      if ! grep -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "false" 2> /dev/null ; then
+
+         if grep -q -E "^\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
+
+            perl -i -n -p -e "s#^(\s*(letsencrypt\['enable'\]).*)#\#\# \1\n\2 = false#" $GITLAB_CONF_FILE
+            if [[ $? -eq 0 ]] ; then
+               echo_ok
+               gitlab_reconfigure=true
+            else
+               echo_failed
+            fi
+         
+         elif ! grep -q -E "^\s*#\s*letsencrypt\['enable'\]" $GITLAB_CONF_FILE 2> /dev/null ; then
+            cat <<EOF >> ${GITLAB_CONF_FILE}
+
+################################################################################
+## Added by dehydrated install script $(basename $0)
+################################################################################
+
+letsencrypt['enable'] = false
+
+EOF
+            if [[ $? -eq 0 ]] ; then
+               echo_ok
+               gitlab_reconfigure=true
+            else
+               echo_failed
+            fi
+         else
+            perl -i -n -p -e "s#^(\s*\#\s*(letsencrypt\['enable'\]).*)#\1\n\2 = false#" $GITLAB_CONF_FILE
+            if [[ $? -eq 0 ]] ; then
+               echo_ok
+               gitlab_reconfigure=true
+            else
+               echo_failed
+            fi
+         fi
+      else
+         echo_skipped
+      fi
+   
      echononl "   Adjust ${GITLAB_CONF_FILE} - nginx['redirect_http_to_https']"

      if ! grep -E "^\s*nginx\['redirect_http_to_https'\]" $GITLAB_CONF_FILE 2> /dev/null | grep -q -E "true" 2> /dev/null ; then
@ -991,11 +991,29 @@ else

   ## - Adapt configuration file
   ## -
+   ## -    comment out line
+   ## -       CA="https://.."
+   ## -
+   ## -    Change/Set Values
+   ## -
   ## -    CHALLENGETYPE="http-01"
   ## -    BASEDIR="$DH_BASE_DIR"
   ## -    WELLKNOWN="$DH_WELL_KNOWN_DIR"
   ## -    HOOK="${BASEDIR}/hook.sh"
   ## -
+
+   echononl "   Adjust configuration: comment out line 'CA=\"https://..'.."
+   if $(grep -q -E "^\s*CA\s*=\s*\"http" "$DH_CONF_DIR/config" 2> /dev/null) ; then
+      perl -i -n -p -e 's/^(\s*)(CA=.*)/## - \1\2\n/' $DH_CONF_DIR/config
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+      fi
+   else
+      echo_skipped
+   fi
+
   echononl "   Adjust configuration: CHALLENGETYPE=\"http-01\".."
   perl -i -n -p -e 's/^(\s*#*\s*)(CHALLENGETYPE=.*)/## - \1\2\nCHALLENGETYPE="http-01"/' $DH_CONF_DIR/config
   if [[ $? -eq 0 ]] ; then
@ -1037,15 +1055,15 @@ else
   ## - To avoid this, please set the CA property to the Let’s Encrypt staging
   ## - server URL in your config file:
   ## -
-   echononl "   Set CA property to the Let’s Encrypt staging server (for testing).."
-   perl -i -n -p -e 's#^(\s*\#*\s*)(CA=.*)#\#\# - \1\2\nCA="https://acme-staging.api.letsencrypt.org/directory"#' \
-      $DH_CONF_DIR/config
-   if [[ $? -eq 0 ]] ; then
-      echo_ok
-      warn "Configuration is only for testing\n\t             For production mode comment out line \"CA=..\""
-   else
-      echo_failed
-   fi
+   #echononl "   Set CA property to the Let’s Encrypt staging server (for testing).."
+   #perl -i -n -p -e 's#^(\s*\#*\s*)(CA=.*)#\#\# - \1\2\nCA="https://acme-staging.api.letsencrypt.org/directory"#' \
+   #   $DH_CONF_DIR/config
+   #if [[ $? -eq 0 ]] ; then
+   #   echo_ok
+   #   warn "Configuration is only for testing\n\t             For production mode comment out line \"CA=..\""
+   #else
+   #   echo_failed
+   #fi
 fi