mirror of
https://github.com/myvesta/vesta.git
synced 2025-01-07 19:49:51 -08:00
93 lines
2.7 KiB
Bash
Executable File
93 lines
2.7 KiB
Bash
Executable File
#!/bin/bash
|
|
# info: update hosts certificates for exim, dovecot & vesta-nginx
|
|
# options: user
|
|
# options: hostname
|
|
#
|
|
# Function updates certificates for vesta
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Variable&Function #
|
|
#----------------------------------------------------------#
|
|
|
|
whoami=$(whoami)
|
|
if [ "$whoami" != "root" ]; then
|
|
echo "You must be root to execute this script"
|
|
exit 1
|
|
fi
|
|
|
|
# Argument definition
|
|
user=$1
|
|
hostname=$2
|
|
|
|
# Includes
|
|
source $VESTA/func/main.sh
|
|
source $VESTA/func/ip.sh
|
|
source $VESTA/conf/vesta.conf
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
# Verifications #
|
|
#----------------------------------------------------------#
|
|
|
|
check_args '1' "$#" '[USER] [HOSTNAME]'
|
|
is_format_valid 'user'
|
|
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
|
|
is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
|
|
is_object_valid 'user' 'USER' "$user"
|
|
is_object_unsuspended 'user' 'USER' "$user"
|
|
is_object_valid 'web' 'DOMAIN' "$hostname"
|
|
is_object_unsuspended 'web' 'DOMAIN' "$hostname"
|
|
|
|
if [ ! -f "/home/$user/conf/web/ssl.$hostname.pem" ]; then
|
|
echo "This domain does not have certificate";
|
|
exit 1;
|
|
fi
|
|
|
|
#----------------------------------------------------------#
|
|
# Action #
|
|
#----------------------------------------------------------#
|
|
|
|
# Get current datetime for backup of old files
|
|
backup_datetime=`date '+%Y-%m-%d_%H-%M-%S'`
|
|
|
|
# Keep a backup of the old certificate - todo: remove in production
|
|
#mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt_backup_$backup_datetime
|
|
#mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key_backup_$backup_datetime
|
|
|
|
# Copy hostnames certificates from user dir
|
|
cp /home/$user/conf/web/ssl.$hostname.pem $VESTA/ssl/certificate.crt
|
|
cp /home/$user/conf/web/ssl.$hostname.key $VESTA/ssl/certificate.key
|
|
|
|
# Checking exim username for later chowning
|
|
exim_user="exim";
|
|
check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
|
|
if [ "$check_exim_username" -eq 1 ]; then
|
|
exim_user="Debian-exim"
|
|
fi
|
|
|
|
# Assign exim permissions
|
|
chown $exim_user:mail $VESTA/ssl/certificate.crt
|
|
chown $exim_user:mail $VESTA/ssl/certificate.key
|
|
|
|
# Restart exim, dovecot & vesta
|
|
$BIN/v-restart-mail
|
|
if [ ! -z "$IMAP_SYSTEM" ]; then
|
|
$BIN/v-restart-service "$IMAP_SYSTEM"
|
|
fi
|
|
if [ ! -z "$FTP_SYSTEM" ]; then
|
|
$BIN/v-restart-service "$FTP_SYSTEM"
|
|
fi
|
|
if [ -f "/var/run/vesta-nginx.pid" ]; then
|
|
kill -HUP $(cat /var/run/vesta-nginx.pid)
|
|
fi
|
|
|
|
#----------------------------------------------------------#
|
|
# Vesta #
|
|
#----------------------------------------------------------#
|
|
|
|
# Logging
|
|
log_event "$OK" "$ARGUMENTS"
|
|
|
|
exit 0;
|