#!/bin/sh # Open Infrastructure: service-tools # Copyright (C) 2014-2022 Daniel Baumann # # SPDX-License-Identifier: GPL-3.0+ # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . set -e echo -n " + Cleanup extra certificate files..." for EXTRA in root intermediate fullchain_privkey privkey_fullchain do for CERTIFICATE in "${CERTDIR}"/*/ do if ! ls "${CERTIFICATE}"/${EXTRA}*.pem > /dev/null 2>&1 then continue fi SYMLINK="${CERTIFICATE}/${EXTRA}.pem" ORIGINAL="$(readlink -f "${SYMLINK}")" if [ -e "${SYMLINK}" ] && [ ! -e "${ORIGINAL}" ] then # remove dangling symlink rm -f "${SYMLINK}" fi if [ -e "${SYMLINK}.ocsp" ] && [ ! -e "${ORIGINAL}.ocsp" ] then # remove dangling symlink rm -f "${SYMLINK}.ocsp" fi if [ -e "${SYMLINK}" ] then for FILE in "${CERTIFICATE}/${EXTRA}"-[0-9]*.pem do case "$(basename "${FILE}")" in "$(basename "${ORIGINAL}")") continue ;; *) # archive unused files ARCHIVE="${BASEDIR}/archive/$(basename "${CERTIFICATE}")" mkdir -p "${ARCHIVE}" mv "${FILE}" "${ARCHIVE}" if [ -e "${FILE}.ocsp" ] then mv "${FILE}.ocsp" "${ARCHIVE}" fi ;; esac done fi done done echo " done."