myvesta/bin/v-update-host-certificate

94 lines
2.8 KiB
Bash
Executable File

#!/bin/bash
# info: update hosts certificates for exim, dovecot & vesta-nginx
# options: user
# options: hostname
#
# Function updates certificates for vesta
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
whoami=$(whoami)
if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
echo "You must be root or admin to execute this script";
exit 1;
fi
# Argument definition
user=$1
hostname=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" '[USER] [HOSTNAME]'
is_format_valid 'user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$hostname"
is_object_unsuspended 'web' 'DOMAIN' "$hostname"
if [ ! -f "/home/$user/conf/web/ssl.$hostname.pem" ]; then
echo "This domain does not have certificate";
exit 1;
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get current datetime for backup of old files
backup_datetime=`date '+%Y-%m-%d_%H-%M-%S'`
# Keep a backup of the old certificate - todo: remove in production
#mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt_backup_$backup_datetime
#mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key_backup_$backup_datetime
# Copy hostnames certificates from user dir
cp /home/$user/conf/web/ssl.$hostname.pem $VESTA/ssl/certificate.crt
cp /home/$user/conf/web/ssl.$hostname.key $VESTA/ssl/certificate.key
# Checking exim username for later chowning
exim_user="exim";
check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
if [ "$check_exim_username" -eq 1 ]; then
exim_user="Debian-exim"
fi
# Assign exim permissions
chown $exim_user:mail $VESTA/ssl/certificate.crt
chown $exim_user:mail $VESTA/ssl/certificate.key
# Restart exim, dovecot & vesta
$BIN/v-restart-mail
if [ ! -z "$IMAP_SYSTEM" ]; then
$BIN/v-restart-service "$IMAP_SYSTEM"
fi
if [ ! -z "$FTP_SYSTEM" ]; then
$BIN/v-restart-service "$FTP_SYSTEM"
fi
if [ -f "/var/run/vesta-nginx.pid" ]; then
kill -HUP $(cat /var/run/vesta-nginx.pid)
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit 0;