summaryrefslogtreecommitdiffstats
path: root/dehydrated/share/hooks/exit_hook.service-reload
diff options
context:
space:
mode:
Diffstat (limited to 'dehydrated/share/hooks/exit_hook.service-reload')
-rwxr-xr-xdehydrated/share/hooks/exit_hook.service-reload120
1 files changed, 120 insertions, 0 deletions
diff --git a/dehydrated/share/hooks/exit_hook.service-reload b/dehydrated/share/hooks/exit_hook.service-reload
new file mode 100755
index 0000000..dcbbb58
--- /dev/null
+++ b/dehydrated/share/hooks/exit_hook.service-reload
@@ -0,0 +1,120 @@
+#!/bin/sh
+
+# Open Infrastructure: service-tools
+
+# Copyright (C) 2014-2023 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+Run_apache2 ()
+{
+ if grep -Eqrs '^ *SSLCertificateFile' /etc/apache2/sites-enabled
+ then
+ service apache2 stop
+ service apache2 start
+ fi
+}
+
+Run_chrony ()
+{
+ if grep -Eqrs '^ *ntsservercert' /etc/chrony/chrony.conf /etc/chrony/conf.d/*
+ then
+ service chrony restart
+ fi
+}
+
+Run_freeradius ()
+{
+ if grep -Eqrs 'certificate_file = /var/lib/dehydrated' /etc/freeradius/*/*
+ then
+ service freeradius reload
+ fi
+}
+
+Run_haproxy ()
+{
+ if grep 'ssl crt' /etc/haproxy/haproxy.cfg | grep -qsv '^#'
+ then
+ service haproxy reload
+ fi
+}
+
+Run_knot_resolver ()
+{
+ if grep -Eqrs '^ *net.tls' /etc/knot-resolver/*
+ then
+ INSTANCES="$(systemctl | grep -c 'kresd@*.service')"
+
+ if [ "${INSTANCES}" -gt 0 ]
+ then
+ for INSTANCE in $(seq 1 "${INSTANCES}")
+ do
+ service kresd@"${INSTANCE}" restart
+ done
+ fi
+ fi
+}
+
+Run_postfix ()
+{
+ if grep -Eqrs '^ *smtpd_tls' /etc/postfix/main.cf
+ then
+ service postfix restart
+ fi
+}
+
+Run_postgresql ()
+{
+ if grep -Eqrs '^ *ssl_cert_file' /etc/postgresql/*
+ then
+ service postgresql reload
+ fi
+}
+
+Run_redis_sentinel ()
+{
+ if grep -Eqrs '^ *tls-cert-file' /etc/redis/sentinel.conf
+ then
+ service redis-sentinel restart
+ fi
+}
+
+Run_redis_server ()
+{
+ if grep -Eqrs '^ *tls-cert-file' /etc/redis/redis.conf
+ then
+ service redis-server restart
+ fi
+}
+
+echo " + Reloading services:"
+
+SERVICES="apache2 chrony freeradius haproxy knot-resolver postfix postgresql redis-sentinel redis-server"
+
+for SERVICE in ${SERVICES}
+do
+ if service "${SERVICE}" status > /dev/null 2>&1
+ then
+ echo -n " + ${SERVICE}:"
+
+ RELOAD="Run_$(echo "${SERVICE}" | sed -e 's|-|_|g')"
+ ${RELOAD}
+
+ echo " done."
+ fi
+done