summaryrefslogtreecommitdiffstats
path: root/dehydrated/share/hooks
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xdehydrated/share/hooks/deploy_cert.fullchain-privkey9
-rwxr-xr-xdehydrated/share/hooks/deploy_ocsp.fullchain-privkey8
-rwxr-xr-xdehydrated/share/hooks/exit_hook.fix-permissions18
-rwxr-xr-xdehydrated/share/hooks/exit_hook.service-reload17
4 files changed, 52 insertions, 0 deletions
diff --git a/dehydrated/share/hooks/deploy_cert.fullchain-privkey b/dehydrated/share/hooks/deploy_cert.fullchain-privkey
new file mode 100755
index 0000000..5457036
--- /dev/null
+++ b/dehydrated/share/hooks/deploy_cert.fullchain-privkey
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+set -e
+
+DIRECTORY="$(dirname "${FULLCHAINFILE}")"
+FILE="cert.fullchain-privkey-${TIMESTAMP}.pem"
+
+cat "${FULLCHAINFILE}" "${KEYFILE}" > "${DIRECTORY}/${FILE}"
+ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem"
diff --git a/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey b/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey
new file mode 100755
index 0000000..e68716b
--- /dev/null
+++ b/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -e
+
+FILE="$(readlink "${OCSPFILE}")"
+DIRECTORY="$(dirname "${OCSPFILE}")"
+
+ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem.ocsp"
diff --git a/dehydrated/share/hooks/exit_hook.fix-permissions b/dehydrated/share/hooks/exit_hook.fix-permissions
new file mode 100755
index 0000000..c5bb646
--- /dev/null
+++ b/dehydrated/share/hooks/exit_hook.fix-permissions
@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+echo " + Fixing permissions..."
+
+if getent group ssl-cert > /dev/null 2>&1
+then
+ echo -n " + /var/lib/dehydrated/certs:"
+
+ find /var/lib/dehydrated/certs -type d -exec chmod 0750 {} \;
+ find /var/lib/dehydrated/certs -type f -exec chmod 0640 {} \;
+
+ # https://bugs.debian.org/854431
+ chown -R root:ssl-cert /var/lib/dehydrated/certs
+
+ echo " done."
+fi
diff --git a/dehydrated/share/hooks/exit_hook.service-reload b/dehydrated/share/hooks/exit_hook.service-reload
new file mode 100755
index 0000000..2da8c1b
--- /dev/null
+++ b/dehydrated/share/hooks/exit_hook.service-reload
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+set -e
+
+echo " + Reloading services..."
+
+for SERVICE in apache2 haproxy postgresql redis-server
+do
+ if service ${SERVICE} status > /dev/null 2>&1
+ then
+ echo -n " + ${SERVICE}:"
+
+ service ${SERVICE} reload || service ${SERVICE} restart
+
+ echo " done."
+ fi
+done
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-05 08:36:35 +0000