39 lines
1.2 KiB
Bash
Executable File
39 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
. driglibash-base
|
|
. /etc/jeancloud.env
|
|
|
|
if [ "$#" -ne 2 ] || [ -z "$1" ] || [ -z "$2" ] ; then
|
|
die "Usage: $0 <service-name> <action>"
|
|
fi
|
|
|
|
service="$1"
|
|
action="$2"
|
|
|
|
# Create dummy cert if needed
|
|
#TODO check if expired
|
|
if [ ! -f "$dummy_cert_path/privkey.pem" ] ; then
|
|
echo "Dummy cert generation"
|
|
run mkdir -p "$dummy_cert_path"
|
|
run openssl req -x509 -newkey rsa:2048 -keyout /etc/letsencrypt/live/dummy/privkey.pem -out /etc/letsencrypt/live/dummy/fullchain.pem -days 365 -nodes -subj "/C=FR/ST=France/O=IT/CN=jean-cloud.net"
|
|
fi
|
|
|
|
if [ "$action" = add ] ; then
|
|
# Link letsencrypt dir to dummy cert dir if there is no cert
|
|
if [ ! -e "$certs_path/$service/fullchain.pem" ] ; then
|
|
section "Create cert dir"
|
|
run mkdir -p "$certs_path/$service"
|
|
|
|
section "Link dummy to cert"
|
|
run ln -s "$dummy_cert_path/fullchain.pem" "$certs_path/$service"
|
|
run ln -s "$dummy_cert_path/privkey.pem" "$certs_path/$service"
|
|
fi
|
|
elif [ "$action" = remove ] ; then
|
|
# UNlink letsencrypt dir to dummy cert dir IF it is the dummy cert
|
|
if [ "$(readlink "$certs_path/$service_name/fullchain.pem")" = "$dummy_cert_path/fullchain.pem" ] ; then
|
|
rm -r "$certs_path/$service_name"
|
|
fi
|
|
else
|
|
die "$0: Unknown action '$action'"
|
|
fi
|