#!/usr/bin/env bash
# Strict mode: stop on a failing command (-e), on expansion of an unset
# variable (-u), and when any stage of a pipeline fails (pipefail).
set -euo pipefail
# Variables
# Domain name used for the local certificate and key file names.
DOMAIN="lainlounge.xyz"

# Local directory the certificate, the key and the backup/ folder live in.
LOCAL_CERT_PATH="/etc/prosody/certs"

# SSH login on the core proxy that the certificate files are copied from.
# NOTE(review): this is a root login on the proxy. Whoever controls this
# host's SSH credentials gets root there; a dedicated account that can read
# only the two certificate files would limit that exposure.
PROXY_SERVER="root@10.64.0.5"

# Directory on the proxy that holds fullchain.pem and privkey.pem.
# The value already ends in a slash.
REMOTE_CERT_PATH="/etc/letsencrypt/live/lainlounge.xyz/"
# Functions
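#######################################
# Copy the currently installed certificate and key into a backup folder.
# Best effort: a missing file (first run) is skipped, and a failed copy is
# reported on stderr but does not stop the script.
# Globals:   LOCAL_CERT_PATH (read), DOMAIN (read)
# Arguments: none
# Outputs:   progress on stdout, warnings on stderr
# Returns:   non-zero only if the backup directory cannot be created
#######################################
backup() {
  local backup_dir="$LOCAL_CERT_PATH/backup"
  local ext src

  echo "** Creating a backup from the current certificates..."

  # The backup contains a copy of the private key, so a newly created
  # directory is restricted to its owner. An existing one is left as it is.
  mkdir -p -m 700 -- "$backup_dir" || return 1

  for ext in crt key; do
    src="$LOCAL_CERT_PATH/$DOMAIN.$ext"
    if [[ ! -e "$src" ]]; then
      echo "   $src does not exist yet, nothing to back up."
      continue
    fi
    # -p keeps owner and mode, so the copy is never more readable than the
    # installed file. A failed copy is reported, not swallowed: without the
    # backup there is nothing to roll back to.
    if ! cp -p -- "$src" "$backup_dir/"; then
      echo "WARNING: could not back up $src; no rollback copy exists." >&2
    fi
  done
}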
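#######################################
# Fetch fullchain.pem and privkey.pem from the proxy and install them as
# $DOMAIN.crt and $DOMAIN.key.
# Both files are downloaded into a private staging directory first. The
# installed files are only overwritten once both transfers have completed,
# so a failed or interrupted transfer cannot leave a new certificate next
# to an old key.
# Globals:   PROXY_SERVER, REMOTE_CERT_PATH, LOCAL_CERT_PATH, DOMAIN (read)
# Arguments: none
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 on success, non-zero if staging, transfer or install fails
#######################################
fetch_wildcard_certificate() {
  # Strip a trailing slash so the remote path does not contain "//".
  local remote="${PROXY_SERVER}:${REMOTE_CERT_PATH%/}"
  local stage rc=0

  echo "** Getting wildcard certificates from the core proxy (nginx)..."

  # mktemp -d creates the directory readable by its owner only, so the
  # private key is not exposed while it is staged.
  stage=$(mktemp -d) || return 1

  if ! scp "$remote/fullchain.pem" "$stage/fullchain.pem" \
    || ! scp "$remote/privkey.pem" "$stage/privkey.pem" \
    || [[ ! -s "$stage/fullchain.pem" || ! -s "$stage/privkey.pem" ]]; then
    echo "ERROR: transfer from $PROXY_SERVER failed; installed files left untouched." >&2
    rm -rf -- "${stage:?}"
    return 1
  fi

  # Plain cp onto the final names: an existing target keeps its owner and
  # mode, as it did when scp wrote to it directly.
  {
    cp -- "$stage/fullchain.pem" "$LOCAL_CERT_PATH/$DOMAIN.crt" \
      && cp -- "$stage/privkey.pem" "$LOCAL_CERT_PATH/$DOMAIN.key"
  } || rc=$?

  # Remove the staged key copy on success and on failure.
  rm -rf -- "${stage:?}"
  return "$rc"
}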
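#######################################
# Check that the certificate and the key are present as non-empty regular
# files before prosody is told to load them.
# Globals:   LOCAL_CERT_PATH (read), DOMAIN (read)
# Arguments: none
# Outputs:   progress on stdout, error on stderr
# Returns:   0 if both files pass; otherwise exits the script with status 1
#######################################
verify_certificates() {
  local file

  echo "** Check if all certificate files has been transfered..."

  # NOTE(review): this only proves that both files have content. It does
  # not prove that the key belongs to the certificate; comparing the two
  # public keys before the reload would also catch a mismatched pair.
  for file in "$LOCAL_CERT_PATH/$DOMAIN.crt" "$LOCAL_CERT_PATH/$DOMAIN.key"; do
    # -f alone accepts a zero-byte file left by a truncated transfer.
    if [[ ! -f "$file" || ! -s "$file" ]]; then
      echo "ERROR: Zertificat files missing!" >&2
      exit 1
    fi
  done
}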
#######################################
# Ask systemd to reload the prosody unit.
# The progress message says "Restarting", but the command is a reload.
# Arguments: none
# Outputs:   progress on stdout
# Returns:   exit status of systemctl
#######################################
reload_prosody() {
  printf '%s\n' "** Restarting prosody..."
  systemctl reload prosody
}
# Main
# Run the steps in order. Each step is called as a plain command, so
# `set -e` stops the script at the first failing step and the later steps
# (including the prosody reload) do not run.
for step in backup fetch_wildcard_certificate verify_certificates reload_prosody; do
  "$step"
done

printf '%s\n' "Wildcard certificates has been installed and prosody has been restarted."