]>
Commit | Line | Data |
---|---|---|
5765eca7 ER |
1 | #!/bin/sh |
2 | ||
623687d0 ER |
3 | # concat file atomic way |
4 | atomic_concat() { | |
5 | local file=$1; shift | |
6 | > $file.new | |
7 | chmod 600 $file.new | |
8 | cat "$@" > $file.new | |
9 | cp -f $file $file.dehydrated~ | |
10 | mv -f $file.new $file | |
11 | } | |
12 | ||
13 | lighttpd_reload() { | |
14 | if [ ! -x /usr/sbin/lighttpd ] || [ ! -f /etc/lighttpd/server.pem ]; then | |
15 | return | |
16 | fi | |
17 | ||
18 | echo " + Hook: Overwritting /etc/lighttpd/server.pem and reloading lighttpd..." | |
19 | atomic_concat /etc/lighttpd/server.pem "$FULLCHAINCERT" "$PRIVKEY" | |
20 | /sbin/service lighttpd reload | |
21 | } | |
22 | ||
23 | haproxy_reload() { | |
24 | if [ ! -x /usr/sbin/haproxy ] || [ ! -f /etc/haproxy/server.pem ]; then | |
25 | return | |
26 | fi | |
27 | ||
28 | echo " + Hook: Overwritting /etc/haproxy/server.pem and restarting haproxy..." | |
29 | atomic_concat /etc/haproxy/server.pem "$FULLCHAINCERT" "$PRIVKEY" | |
30 | /sbin/service haproxy reload | |
31 | } | |
32 | ||
33 | nginx_reload() { | |
34 | if [ ! -f /etc/nginx/server.crt ] || [ ! -f /etc/nginx/server.key ]; then | |
35 | return | |
36 | fi | |
37 | ||
38 | echo " + Hook: Overwritting /etc/nginx/server.{crt,key} and reloading nginx..." | |
39 | atomic_concat /etc/nginx/server.crt "$FULLCHAINCERT" | |
40 | atomic_concat /etc/nginx/server.key "$PRIVKEY" | |
41 | /sbin/service nginx reload | |
42 | } | |
43 | ||
44 | httpd_reload() { | |
45 | if [ ! -x /etc/rc.d/init.d/httpd ]; then | |
46 | return | |
47 | fi | |
48 | ||
30b951d8 ER |
49 | echo " + Hook: Reloading Apache 2..." |
50 | atomic_concat /etc/httpd/ssl/server.crt "$FULLCHAINCERT" | |
51 | atomic_concat /etc/httpd/ssl/server.key "$PRIVKEY" | |
623687d0 ER |
52 | /sbin/service httpd graceful |
53 | } | |
54 | ||
5765eca7 ER |
55 | case "$1" in |
56 | deploy_cert) | |
62eb8e9f AM |
57 | DOMAIN="$2" |
58 | PRIVKEY="$3" | |
59 | CERT="$4" | |
60 | FULLCHAINCERT="$5" | |
61 | CHAINCERT="$6" | |
62 | TIMESTAMP="$7" | |
623687d0 ER |
63 | |
64 | lighttpd_reload | |
65 | nginx_reload | |
66 | httpd_reload | |
67 | haproxy_reload | |
62eb8e9f AM |
68 | ;; |
69 | clean_challenge) | |
70 | CHALLENGE_TOKEN="$2" | |
71 | KEYAUTH="$3" | |
72 | echo " + Hook: $1: Nothing to do..." | |
73 | ;; | |
74 | deploy_challenge) | |
75 | echo " + Hook: $1: Nothing to do..." | |
76 | ;; | |
77 | unchanged_cert) | |
78 | echo " + Hook: $1: Nothing to do..." | |
5765eca7 ER |
79 | ;; |
80 | *) | |
81 | echo " + Hook: $1: Nothing to do..." | |
82 | ;; | |
83 | esac |