
recreate function scanCerts & scanSsl 28.02.25:01.42

root 1 month ago
parent
commit
fa79cceff9
2 changed files with 23 additions and 16 deletions
  1. 1 1
      README.md
  2. 22 15
      src/avto4certbot.sh

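--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 #### Package scripts for auto update all certs.
 #### Uses apache2 or nginx and the certbot package.
-#### avto4certbot version:0.5.0
+#### avto4certbot version:0.5.1
 
 * If the error “Peer's Certificate issuer is not recognized” occurs, use the following parameter: 
 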

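--- a/src/avto4certbot.sh
+++ b/src/avto4certbot.sh
@@ -204,7 +204,6 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
 done
 }
 
-
 ##--@F exec task
 function scanSSL(){
 ## if event - yes
@@ -219,11 +218,6 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
     keytime=$(ls -l --time-style=long-iso $path_cert/$site_name/cert.pem |awk {'print$7'});
     if [[ "$keydate" = "$rdate" ]] && [[ "$keytime" = "$rtime" ]]; then
       ((event_sw++));
-        cat $path_cert/$site_name/privkey.pem > $path_ssl/private/privkey_$site_name.pem;
-        cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/fullchain_$site_name.pem;
-        cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/$site_name.pem;
-        cat $path_cert/$site_name/privkey.pem >> $path_ssl/private/$site_name.pem;
-      #
         cp -f $path_ssl/private/$site_name.pem $path_ssl/certs/$site_name.pem
         cd $path_ssl/certs
         chmod 600 $site_name.pem
@@ -234,11 +228,25 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
   fi
 done
 
-  :> /etc/ssl/crt-list.txt
-  for ((xd=0; xd != ${#domains[@]}; xd++)); do
-    local site_data=( $(echo -e ${domains[$xd]}|sed 's/ /\n /g') );
-    echo "$path_ssl/private/${site_data[0]}.pem">>/etc/ssl/crt-list.txt
-  done
+if [ $event_sw != 0 ];then
+  flistCerts;
+fi
+}
+
+##--@F create from ssl
+function flistCerts(){
+echo>/etc/ssl/crt-list.txt
+for ((xd=0; xd != ${#domains[@]}; xd++)); do
+  local site_data=( $(echo -e ${domains[$xd]}|sed 's/ /\n /g') );
+  site_name="${site_data[0]}";
+  if [ -d $path_cert/$site_name ]; then
+    cat $path_cert/$site_name/privkey.pem > $path_ssl/private/privkey_$site_name.pem;
+    cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/fullchain_$site_name.pem;
+    cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/$site_name.pem;
+    cat $path_cert/$site_name/privkey.pem >> $path_ssl/private/$site_name.pem;
+    echo "$path_ssl/$site_name.pem">>/etc/ssl/crt-list.txt
+  fi
+done
 }
 
 ##--@F create configs
@@ -250,6 +258,7 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
   site_port="${site_data[2]}";
   ## apache2 config
   if [[ "$opt" != "" ]] && [[ $opt != "nginx" ]] && [[ "$opt" == "apache" ]]; then
+    ## добавить проверку режима apache2 и путь для активации конфигурации
     echo >$conf_dir/$site_name.conf;
     echo -e '<VirtualHost *:'"$site_port"'>' >>$conf_dir/$site_name.conf;
     echo -e '  ServerName '"$site_name"'' >>$conf_dir/$site_name.conf;
@@ -418,9 +427,8 @@ if [ "$opt" != "" ]; then
   checkDep;
   if [ "$sw_proxy" == "proxy" ]; then
     if [[ "$http_proxy" != "" ]] && [[ "$(systemctl list-units|grep "$http_proxy"|wc -m)" != "0" ]]; then
-      scanSSL;
+      flistCerts;
       systemctl restart $http_proxy
-      sleep 2;
       updateScs;
     else
         reports=()
@@ -429,9 +437,8 @@ if [ "$opt" != "" ]; then
         exit
     fi
   else
-      scanSSL;
+      flistCerts;
       systemctl restart $web_service;
-      sleep 2;
       updateScs;
   fi
 else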
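Review bot: The crt-list entry written in the new flistCerts, `echo "$path_ssl/$site_name.pem">>/etc/ssl/crt-list.txt`, names a file that no line shown here creates. The combined PEM is written to `$path_ssl/private/$site_name.pem` and the removed loop listed that `private/` path, so the entry should probably read `echo "$path_ssl/private/$site_name.pem" >>/etc/ssl/crt-list.txt`. The same function creates the three key-bearing files with plain `cat … >` redirections, so their mode comes from the process umask and nothing in flistCerts tightens it. Narrowing the umask before the writes and restoring it afterwards, or at least adding `chmod 600 "$path_ssl/private/privkey_$site_name.pem" "$path_ssl/private/$site_name.pem"`, would keep the private keys unreadable to other local accounts whatever the directory mode is. Because the main flow now calls flistCerts in place of scanSSL, the `chmod 600` inside scanSSL is no longer reached on that path, as far as these hunks show.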