[packages/dehydrated.git] / hook.sh

#!/bin/sh

# concat file atomic way
atomic_concat() {
	local file=$1; shift
	> $file.new
	chmod 600 $file.new
	cat "$@" > $file.new
	cp -f $file $file.dehydrated~
	mv -f $file.new $file
}

lighttpd_reload() {
	if [ ! -x /usr/sbin/lighttpd ] || [ ! -f /etc/lighttpd/server.pem ]; then
		return
	fi

	echo " + Hook: Overwritting /etc/lighttpd/server.pem and reloading lighttpd..."
	atomic_concat /etc/lighttpd/server.pem "$FULLCHAINCERT" "$PRIVKEY"
	/sbin/service lighttpd reload
}

haproxy_reload() {
	if [ ! -x /usr/sbin/haproxy ] || [ ! -f /etc/haproxy/server.pem ]; then
		return
	fi

	echo " + Hook: Overwritting /etc/haproxy/server.pem and restarting haproxy..."
	atomic_concat /etc/haproxy/server.pem "$FULLCHAINCERT" "$PRIVKEY"
	/sbin/service haproxy reload
}

nginx_reload() {
	if [ ! -f /etc/nginx/server.crt ] || [ ! -f /etc/nginx/server.key ]; then
		return
	fi

	echo " + Hook: Overwritting /etc/nginx/server.{crt,key} and reloading nginx..."
	atomic_concat /etc/nginx/server.crt "$FULLCHAINCERT"
	atomic_concat /etc/nginx/server.key "$PRIVKEY"
	/sbin/service nginx reload
}

httpd_reload() {
	if [ ! -x /etc/rc.d/init.d/httpd ]; then
		return
	fi

	echo " + Hook: Reloading Apache..."
	/sbin/service httpd graceful
}


case "$1" in
deploy_cert)
	DOMAIN="$2"
	PRIVKEY="$3"
	CERT="$4"
	FULLCHAINCERT="$5"
	CHAINCERT="$6"
	TIMESTAMP="$7"

	lighttpd_reload
	nginx_reload
	httpd_reload
	haproxy_reload
	;;
clean_challenge)
	CHALLENGE_TOKEN="$2"
	KEYAUTH="$3"
	echo " + Hook: $1: Nothing to do..."
	;;
deploy_challenge)
	echo " + Hook: $1: Nothing to do..."
	;;
unchanged_cert)
	echo " + Hook: $1: Nothing to do..."
	;;
*)
	echo " + Hook: $1: Nothing to do..."
	;;
esac
Commit	Line	Data
5765eca7 ER	1	#!/bin/sh
5765eca7 ER	2
623687d0 ER	3	# concat file atomic way
	4	atomic_concat() {
	5	local file=$1; shift
	6	> $file.new
	7	chmod 600 $file.new
	8	cat "$@" > $file.new
	9	cp -f $file $file.dehydrated~
	10	mv -f $file.new $file
	11	}
	12
	13	lighttpd_reload() {
	14	if [ ! -x /usr/sbin/lighttpd ] \|\| [ ! -f /etc/lighttpd/server.pem ]; then
	15	return
	16	fi
	17
	18	echo " + Hook: Overwritting /etc/lighttpd/server.pem and reloading lighttpd..."
	19	atomic_concat /etc/lighttpd/server.pem "$FULLCHAINCERT" "$PRIVKEY"
	20	/sbin/service lighttpd reload
	21	}
	22
	23	haproxy_reload() {
	24	if [ ! -x /usr/sbin/haproxy ] \|\| [ ! -f /etc/haproxy/server.pem ]; then
	25	return
	26	fi
	27
	28	echo " + Hook: Overwritting /etc/haproxy/server.pem and restarting haproxy..."
	29	atomic_concat /etc/haproxy/server.pem "$FULLCHAINCERT" "$PRIVKEY"
	30	/sbin/service haproxy reload
	31	}
	32
	33	nginx_reload() {
	34	if [ ! -f /etc/nginx/server.crt ] \|\| [ ! -f /etc/nginx/server.key ]; then
	35	return
	36	fi
	37
	38	echo " + Hook: Overwritting /etc/nginx/server.{crt,key} and reloading nginx..."
	39	atomic_concat /etc/nginx/server.crt "$FULLCHAINCERT"
	40	atomic_concat /etc/nginx/server.key "$PRIVKEY"
	41	/sbin/service nginx reload
	42	}
	43
	44	httpd_reload() {
	45	if [ ! -x /etc/rc.d/init.d/httpd ]; then
	46	return
	47	fi
	48
	49	echo " + Hook: Reloading Apache..."
	50	/sbin/service httpd graceful
	51	}
	52
	53
5765eca7 ER	54	case "$1" in
5765eca7 ER	55	deploy_cert)
62eb8e9f AM	56	DOMAIN="$2"
	57	PRIVKEY="$3"
	58	CERT="$4"
	59	FULLCHAINCERT="$5"
	60	CHAINCERT="$6"
	61	TIMESTAMP="$7"
623687d0 ER	62
	63	lighttpd_reload
	64	nginx_reload
	65	httpd_reload
	66	haproxy_reload
62eb8e9f AM	67	;;
	68	clean_challenge)
	69	CHALLENGE_TOKEN="$2"
	70	KEYAUTH="$3"
	71	echo " + Hook: $1: Nothing to do..."
	72	;;
	73	deploy_challenge)
	74	echo " + Hook: $1: Nothing to do..."
	75	;;
	76	unchanged_cert)
	77	echo " + Hook: $1: Nothing to do..."
5765eca7 ER	78	;;
	79	*)
	80	echo " + Hook: $1: Nothing to do..."
	81	;;
	82	esac