diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-08-28 05:54:01 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-08-28 09:21:38 +0000 |
commit | 164ba68e506c5a23583e29c29a217d212b62f543 (patch) | |
tree | b63a129aee145384e1f69f36ddb7995081bddaaf /dehydrated/share/hooks | |
parent | Adding upstream version 20190301-lts1. (diff) | |
download | open-infrastructure-service-tools-164ba68e506c5a23583e29c29a217d212b62f543.tar.xz open-infrastructure-service-tools-164ba68e506c5a23583e29c29a217d212b62f543.zip |
Adding upstream version 20210828.upstream/20210828
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dehydrated/share/hooks')
4 files changed, 52 insertions, 0 deletions
diff --git a/dehydrated/share/hooks/deploy_cert.fullchain-privkey b/dehydrated/share/hooks/deploy_cert.fullchain-privkey new file mode 100755 index 0000000..5457036 --- /dev/null +++ b/dehydrated/share/hooks/deploy_cert.fullchain-privkey @@ -0,0 +1,9 @@ +#!/bin/sh + +set -e + +DIRECTORY="$(dirname "${FULLCHAINFILE}")" +FILE="cert.fullchain-privkey-${TIMESTAMP}.pem" + +cat "${FULLCHAINFILE}" "${KEYFILE}" > "${DIRECTORY}/${FILE}" +ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem" diff --git a/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey b/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey new file mode 100755 index 0000000..e68716b --- /dev/null +++ b/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey @@ -0,0 +1,8 @@ +#!/bin/sh + +set -e + +FILE="$(readlink "${OCSPFILE}")" +DIRECTORY="$(dirname "${OCSPFILE}")" + +ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem.ocsp" diff --git a/dehydrated/share/hooks/exit_hook.fix-permissions b/dehydrated/share/hooks/exit_hook.fix-permissions new file mode 100755 index 0000000..c5bb646 --- /dev/null +++ b/dehydrated/share/hooks/exit_hook.fix-permissions @@ -0,0 +1,18 @@ +#!/bin/sh + +set -e + +echo " + Fixing permissions..." + +if getent group ssl-cert > /dev/null 2>&1 +then + echo -n " + /var/lib/dehydrated/certs:" + + find /var/lib/dehydrated/certs -type d -exec chmod 0750 {} \; + find /var/lib/dehydrated/certs -type f -exec chmod 0640 {} \; + + # https://bugs.debian.org/854431 + chown -R root:ssl-cert /var/lib/dehydrated/certs + + echo " done." +fi diff --git a/dehydrated/share/hooks/exit_hook.service-reload b/dehydrated/share/hooks/exit_hook.service-reload new file mode 100755 index 0000000..2da8c1b --- /dev/null +++ b/dehydrated/share/hooks/exit_hook.service-reload @@ -0,0 +1,17 @@ +#!/bin/sh + +set -e + +echo " + Reloading services..." + +for SERVICE in apache2 haproxy postgresql redis-server +do + if service ${SERVICE} status > /dev/null 2>&1 + then + echo -n " + ${SERVICE}:" + + service ${SERVICE} reload || service ${SERVICE} restart + + echo " done." + fi +done |