summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG.txt9
-rw-r--r--VERSION.txt2
-rwxr-xr-xdehydrated/share/hooks/deploy_cert.extra29
3 files changed, 28 insertions, 12 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index a9f029c..2bca1d1 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,3 +1,12 @@
+2022-12-25 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+
+ * Releasing version 20221225.
+
+ [ Daniel Baumann ]
+ * Updating chain coments in deploy_cert.extra dehydrated hook.
+ * Stripping empty lines from partial files when using short chain in deploy_cert.extra dehydrated hook.
+ * Generalizing extra file generation for any number of components as needed by redis in deploy_cert.extra dehydrated hook.
+
2022-12-24 Daniel Baumann <daniel.baumann@open-infrastructure.net>
* Releasing version 20221224.
diff --git a/VERSION.txt b/VERSION.txt
index 84446d7..afa39b2 100644
--- a/VERSION.txt
+++ b/VERSION.txt
@@ -1 +1 @@
-20221224
+20221225
diff --git a/dehydrated/share/hooks/deploy_cert.extra b/dehydrated/share/hooks/deploy_cert.extra
index fd93fad..b0d8737 100755
--- a/dehydrated/share/hooks/deploy_cert.extra
+++ b/dehydrated/share/hooks/deploy_cert.extra
@@ -27,12 +27,14 @@ DIRECTORY="$(dirname "${CERTFILE}")"
if [ "$(grep -c 'BEGIN CERTIFICATE' ${FULLCHAINFILE})" -ge 3 ]
then
- # - chain.pem: R3 | ISRG Root X1
- # - fullchain.pem: Certificate | R3 | ISRG Root X1
+ # long chain:
+ # * chain.pem: (R3 | ISRG Root X1)
+ # * fullchain.pem: (Certificate | R3 | ISRG Root X1)
CHAIN="long"
else
- # - chain.pem: R3
- # - fullchain.pem: Certificate | R3
+ # short chain:
+ # * chain.pem: (R3)
+ # * fullchain.pem (Certificate | R3)
CHAIN="short"
fi
@@ -53,7 +55,7 @@ case "${CHAIN}" in
short)
# intermediate (R3)
- cp "${DIRECTORY}/chain-${TIMESTAMP}.pem" "${DIRECTORY}/intermediate-${TIMESTAMP}.pem"
+ grep -Ev '^$' "${DIRECTORY}/chain-${TIMESTAMP}.pem" > "${DIRECTORY}/intermediate-${TIMESTAMP}.pem"
ln -sf "${DIRECTORY}/intermediate-${TIMESTAMP}.pem" "${DIRECTORY}/intermediate.pem"
# root (ISRG Root X1)
@@ -68,14 +70,19 @@ case "${CHAIN}" in
esac
# extra certificate permutations:
-# * privkey_fullchain.pem: postfix
-for EXTRA in fullchain_privkey privkey_fullchain
+# * privkey_fullchain.pem: postfix
+# * root_intermediate_cert.pem: redis
+
+for EXTRA in fullchain_privkey privkey_fullchain root_intermediate_cert
do
- EXTRA1="$(echo ${EXTRA} | awk -F_ '{ print $1 }')"
- EXTRA2="$(echo ${EXTRA} | awk -F_ '{ print $2 }')"
+ rm -f "${DIRECTORY}/${EXTRA}-${TIMESTAMP}.pem"
+
+ for FILE in $(echo ${EXTRA} | sed -e 's|_| |g')
+ do
+ cat "${DIRECTORY}/${FILE}-${TIMESTAMP}.pem" >> "${DIRECTORY}/${EXTRA}-${TIMESTAMP}.pem"
+ done
- cat "${DIRECTORY}/${EXTRA1}-${TIMESTAMP}.pem" "${DIRECTORY}/${EXTRA2}-${TIMESTAMP}.pem" > "${DIRECTORY}/${EXTRA1}_${EXTRA2}-${TIMESTAMP}.pem"
- ln -sf "${EXTRA1}_${EXTRA2}-${TIMESTAMP}.pem" "${DIRECTORY}/${EXTRA1}_${EXTRA2}.pem"
+ ln -sf "${EXTRA}-${TIMESTAMP}.pem" "${DIRECTORY}/${EXTRA}.pem"
done
echo " done."