From fab9b7a030eb1b638e40f59515da5fd771fcb0b1 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@open-infrastructure.net>
Date: Thu, 7 Jul 2022 12:02:08 +0200
Subject: Merging the different extra certificate files into one dehydrated
 hook handling all extra copies.

Signed-off-by: Daniel Baumann <daniel.baumann@open-infrastructure.net>
---
 dehydrated/share/hooks/deploy_cert.extra           | 37 ++++++++++++++++++++++
 .../share/hooks/deploy_cert.fullchain-privkey      | 28 ----------------
 .../share/hooks/deploy_cert.privkey-fullchain      | 28 ----------------
 dehydrated/share/hooks/deploy_ocsp.extra           | 37 ++++++++++++++++++++++
 .../share/hooks/deploy_ocsp.fullchain-privkey      | 27 ----------------
 .../share/hooks/deploy_ocsp.privkey-fullchain      | 27 ----------------
 6 files changed, 74 insertions(+), 110 deletions(-)
 create mode 100755 dehydrated/share/hooks/deploy_cert.extra
 delete mode 100755 dehydrated/share/hooks/deploy_cert.fullchain-privkey
 delete mode 100755 dehydrated/share/hooks/deploy_cert.privkey-fullchain
 create mode 100755 dehydrated/share/hooks/deploy_ocsp.extra
 delete mode 100755 dehydrated/share/hooks/deploy_ocsp.fullchain-privkey
 delete mode 100755 dehydrated/share/hooks/deploy_ocsp.privkey-fullchain

(limited to 'dehydrated')

diff --git a/dehydrated/share/hooks/deploy_cert.extra b/dehydrated/share/hooks/deploy_cert.extra
new file mode 100755
index 0000000..ec61676
--- /dev/null
+++ b/dehydrated/share/hooks/deploy_cert.extra
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+# Open Infrastructure: service-tools
+
+# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+echo " + Creating extra certificate files..."
+
+DIRECTORY="$(dirname "${CERTFILE}")"
+
+for EXTRA in fullchain-privkey privkey-fullchain
+do
+	EXTRA1="$(echo ${EXTRA} | awk -F- '{ print $1 }')"
+	EXTRA2="$(echo ${EXTRA} | awk -F- '{ print $2 }')"
+
+	cat "${EXTRA1}-${TIMESTAMP}.pem" "${EXTRA2}-${TIMESTAMP}.pem" > "${DIRECTORY}/${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem"
+	ln -sf "${EXTRA1}-${EXTRA2}-${TIMESTAMP}.pem" "${DIRECTORY}/cert.${EXTRA1}-${EXTRA2}.pem"
+done
+
+echo " done."
diff --git a/dehydrated/share/hooks/deploy_cert.fullchain-privkey b/dehydrated/share/hooks/deploy_cert.fullchain-privkey
deleted file mode 100755
index 57d735b..0000000
--- a/dehydrated/share/hooks/deploy_cert.fullchain-privkey
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-# Open Infrastructure: service-tools
-
-# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
-#
-# SPDX-License-Identifier: GPL-3.0+
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-set -e
-
-DIRECTORY="$(dirname "${FULLCHAINFILE}")"
-FILE="cert.fullchain-privkey-${TIMESTAMP}.pem"
-
-cat "${FULLCHAINFILE}" "${KEYFILE}" > "${DIRECTORY}/${FILE}"
-ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem"
diff --git a/dehydrated/share/hooks/deploy_cert.privkey-fullchain b/dehydrated/share/hooks/deploy_cert.privkey-fullchain
deleted file mode 100755
index bd2c4a0..0000000
--- a/dehydrated/share/hooks/deploy_cert.privkey-fullchain
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-# Open Infrastructure: service-tools
-
-# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
-#
-# SPDX-License-Identifier: GPL-3.0+
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-set -e
-
-DIRECTORY="$(dirname "${FULLCHAINFILE}")"
-FILE="cert.privkey-fullchain-${TIMESTAMP}.pem"
-
-cat "${KEYFILE}" "${FULLCHAINFILE}" > "${DIRECTORY}/${FILE}"
-ln -sf "${FILE}" "${DIRECTORY}/cert.privkey-fullchain.pem"
diff --git a/dehydrated/share/hooks/deploy_ocsp.extra b/dehydrated/share/hooks/deploy_ocsp.extra
new file mode 100755
index 0000000..36d0302
--- /dev/null
+++ b/dehydrated/share/hooks/deploy_ocsp.extra
@@ -0,0 +1,37 @@
+#!/bin/sh
+
+# Open Infrastructure: service-tools
+
+# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
+#
+# SPDX-License-Identifier: GPL-3.0+
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+set -e
+
+echo " + Creating extra ocsp links..."
+
+DIRECTORY="$(dirname "${OCSPFILE}")"
+OCSP="$(readlink "${OCSPFILE}")"
+
+for EXTRA in fullchain-privkey privkey-fullchain
+do
+	EXTRA1="$(echo ${EXTRA} | awk -F- '{ print $1 }')"
+	EXTRA2="$(echo ${EXTRA} | awk -F- '{ print $2 }')"
+
+	ln -sf "${OCSP}" "${DIRECTORY}/cert.${EXTRA1}-${EXTRA2}.pem.ocsp"
+done
+
+echo " done."
diff --git a/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey b/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey
deleted file mode 100755
index b408f03..0000000
--- a/dehydrated/share/hooks/deploy_ocsp.fullchain-privkey
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-# Open Infrastructure: service-tools
-
-# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
-#
-# SPDX-License-Identifier: GPL-3.0+
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-set -e
-
-FILE="$(readlink "${OCSPFILE}")"
-DIRECTORY="$(dirname "${OCSPFILE}")"
-
-ln -sf "${FILE}" "${DIRECTORY}/cert.fullchain-privkey.pem.ocsp"
diff --git a/dehydrated/share/hooks/deploy_ocsp.privkey-fullchain b/dehydrated/share/hooks/deploy_ocsp.privkey-fullchain
deleted file mode 100755
index d0dacf1..0000000
--- a/dehydrated/share/hooks/deploy_ocsp.privkey-fullchain
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-# Open Infrastructure: service-tools
-
-# Copyright (C) 2014-2022 Daniel Baumann <daniel.baumann@open-infrastructure.net>
-#
-# SPDX-License-Identifier: GPL-3.0+
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
-set -e
-
-FILE="$(readlink "${OCSPFILE}")"
-DIRECTORY="$(dirname "${OCSPFILE}")"
-
-ln -sf "${FILE}" "${DIRECTORY}/cert.privkey-fullchain.pem.ocsp"
-- 
cgit v1.2.3