|
|
@@ -4,7 +4,7 @@
|
|
4
|
4
|
#
|
|
5
|
5
|
path_ssl="/etc/ssl/private";
|
|
6
|
6
|
path_certbot="/var/lib/dehydrated/certs";
|
|
7
|
|
-domains=( "mydomain.ru" "webmail.mydomain.ru" "dev.mydomain.ru" );
|
|
|
7
|
+src="/etc/scripts/autocertbot/certbot.conf"
|
|
8
|
8
|
|
|
9
|
9
|
function makeSslPem() {
|
|
10
|
10
|
for ((dmn=0; dmn != ${#domains[@]}; dmn++))
|
|
|
@@ -14,6 +14,7 @@ for ((dmn=0; dmn != ${#domains[@]}; dmn++))
|
|
14
|
14
|
cat $path_certbot/${domains[$dmn]}/fullchain.pem >> $path_ssl/${domains[$dmn]}.pem;
|
|
15
|
15
|
cat $path_certbot/${domains[$dmn]}/privkey.pem >> $path_ssl/${domains[$dmn]}.pem;
|
|
16
|
16
|
done
|
|
|
17
|
+makePemList;
|
|
17
|
18
|
}
|
|
18
|
19
|
|
|
19
|
20
|
function makePemList() {
|
|
|
@@ -24,8 +25,21 @@ for ((icrt=0; icrt != ${#domains[@]}; icrt++))
|
|
24
|
25
|
done
|
|
25
|
26
|
}
|
|
26
|
27
|
|
|
|
28
|
+function checkCert() {
|
|
|
29
|
+if [ $(dehydrated -c -4|grep 'Certificate will not expire'|wc -l) != 0 ];
|
|
|
30
|
+ then
|
|
|
31
|
+ echo "$(date +%c) certbot(dehydrated): no certificates to upgrade...">>$logfile;
|
|
|
32
|
+ exit;
|
|
|
33
|
+ else
|
|
|
34
|
+ makeSslPem;
|
|
|
35
|
+ /etc/init.d/haproxy restart;
|
|
|
36
|
+ echo "$(date +%c) certbot(dehydrated): updating sertificate">>$logfile;
|
|
|
37
|
+fi
|
|
|
38
|
+}
|
|
|
39
|
+
|
|
|
40
|
+
|
|
|
41
|
+
|
|
27
|
42
|
## create sets.pem
|
|
28
|
|
-makeSslPem;
|
|
29
|
|
-makePemList;
|
|
|
43
|
+checkCert;
|
|
30
|
44
|
|
|
31
|
45
|
|
root