#!/bin/sh # Open Infrastructure: service-tools # Copyright (C) 2014-2024 Daniel Baumann # # SPDX-License-Identifier: GPL-3.0+ # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . set -e Run_apache2 () { if grep -Eqrs '^ *SSLCertificateFile' /etc/apache2/sites-enabled then service apache2 stop service apache2 start fi } Run_chrony () { if grep -Eqrs '^ *ntsservercert' /etc/chrony/chrony.conf /etc/chrony/conf.d/* then service chrony restart fi } Run_dovecot () { if grep -Eqrs '^ *ssl_cert' /etc/dovecot/*.conf /etc/dovecot/conf.d/*.conf then service dovecot reload fi } Run_freeradius () { if grep -Eqrs 'certificate_file = /var/lib/dehydrated' /etc/freeradius/*/* then service freeradius reload fi } Run_haproxy () { if grep 'ssl crt' /etc/haproxy/haproxy.cfg | grep -qsv '^#' then service haproxy reload fi } Run_knot_resolver () { if grep -Eqrs '^ *net.tls' /etc/knot-resolver/* then INSTANCES="$(systemctl | grep -c 'kresd@*.service')" if [ "${INSTANCES}" -gt 0 ] then for INSTANCE in $(seq 1 "${INSTANCES}") do service kresd@"${INSTANCE}" restart done fi fi } Run_postfix () { if grep -Eqrs '^ *smtpd_tls' /etc/postfix/main.cf then service postfix restart fi } Run_postgresql () { if grep -Eqrs '^ *ssl_cert_file' /etc/postgresql/* then service postgresql reload fi } Run_redis_sentinel () { if grep -Eqrs '^ *tls-cert-file' /etc/redis/sentinel.conf then service redis-sentinel restart fi } Run_redis_server () { if grep -Eqrs '^ *tls-cert-file' /etc/redis/redis.conf then service redis-server restart fi } echo " + Reloading services:" SERVICES=" apache2 chrony dovecot freeradius haproxy knot-resolver postfix postgresql redis-sentinel redis-server " for SERVICE in ${SERVICES} do if service "${SERVICE}" status > /dev/null 2>&1 then echo -n " + ${SERVICE}:" RELOAD="Run_$(echo "${SERVICE}" | sed -e 's|-|_|g')" ${RELOAD} echo " done." fi done