|
@@ -204,7 +204,6 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
204
|
204
|
done
|
205
|
205
|
}
|
206
|
206
|
|
207
|
|
-
|
208
|
207
|
##--@F exec task
|
209
|
208
|
function scanSSL(){
|
210
|
209
|
## if event - yes
|
|
@@ -219,11 +218,6 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
219
|
218
|
keytime=$(ls -l --time-style=long-iso $path_cert/$site_name/cert.pem |awk {'print$7'});
|
220
|
219
|
if [[ "$keydate" = "$rdate" ]] && [[ "$keytime" = "$rtime" ]]; then
|
221
|
220
|
((event_sw++));
|
222
|
|
- cat $path_cert/$site_name/privkey.pem > $path_ssl/private/privkey_$site_name.pem;
|
223
|
|
- cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/fullchain_$site_name.pem;
|
224
|
|
- cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/$site_name.pem;
|
225
|
|
- cat $path_cert/$site_name/privkey.pem >> $path_ssl/private/$site_name.pem;
|
226
|
|
- #
|
227
|
221
|
cp -f $path_ssl/private/$site_name.pem $path_ssl/certs/$site_name.pem
|
228
|
222
|
cd $path_ssl/certs
|
229
|
223
|
chmod 600 $site_name.pem
|
|
@@ -234,11 +228,25 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
234
|
228
|
fi
|
235
|
229
|
done
|
236
|
230
|
|
237
|
|
- :> /etc/ssl/crt-list.txt
|
238
|
|
- for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
239
|
|
- local site_data=( $(echo -e ${domains[$xd]}|sed 's/ /\n /g') );
|
240
|
|
- echo "$path_ssl/private/${site_data[0]}.pem">>/etc/ssl/crt-list.txt
|
241
|
|
- done
|
|
231
|
+if [ $event_sw != 0 ];then
|
|
232
|
+ flistCerts;
|
|
233
|
+fi
|
|
234
|
+}
|
|
235
|
+
|
|
236
|
+##--@F create from ssl
|
|
237
|
+function flistCerts(){
|
|
238
|
+echo>/etc/ssl/crt-list.txt
|
|
239
|
+for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
|
240
|
+ local site_data=( $(echo -e ${domains[$xd]}|sed 's/ /\n /g') );
|
|
241
|
+ site_name="${site_data[0]}";
|
|
242
|
+ if [ -d $path_cert/$site_name ]; then
|
|
243
|
+ cat $path_cert/$site_name/privkey.pem > $path_ssl/private/privkey_$site_name.pem;
|
|
244
|
+ cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/fullchain_$site_name.pem;
|
|
245
|
+ cat $path_cert/$site_name/fullchain.pem > $path_ssl/private/$site_name.pem;
|
|
246
|
+ cat $path_cert/$site_name/privkey.pem >> $path_ssl/private/$site_name.pem;
|
|
247
|
+ echo "$path_ssl/$site_name.pem">>/etc/ssl/crt-list.txt
|
|
248
|
+ fi
|
|
249
|
+done
|
242
|
250
|
}
|
243
|
251
|
|
244
|
252
|
##--@F create configs
|
|
@@ -250,6 +258,7 @@ for ((xd=0; xd != ${#domains[@]}; xd++)); do
|
250
|
258
|
site_port="${site_data[2]}";
|
251
|
259
|
## apache2 config
|
252
|
260
|
if [[ "$opt" != "" ]] && [[ $opt != "nginx" ]] && [[ "$opt" == "apache" ]]; then
|
|
261
|
+ ## добавить проверку режима apache2 и путь для активации конфигурации
|
253
|
262
|
echo >$conf_dir/$site_name.conf;
|
254
|
263
|
echo -e '<VirtualHost *:'"$site_port"'>' >>$conf_dir/$site_name.conf;
|
255
|
264
|
echo -e ' ServerName '"$site_name"'' >>$conf_dir/$site_name.conf;
|
|
@@ -418,9 +427,8 @@ if [ "$opt" != "" ]; then
|
418
|
427
|
checkDep;
|
419
|
428
|
if [ "$sw_proxy" == "proxy" ]; then
|
420
|
429
|
if [[ "$http_proxy" != "" ]] && [[ "$(systemctl list-units|grep "$http_proxy"|wc -m)" != "0" ]]; then
|
421
|
|
- scanSSL;
|
|
430
|
+ flistCerts;
|
422
|
431
|
systemctl restart $http_proxy
|
423
|
|
- sleep 2;
|
424
|
432
|
updateScs;
|
425
|
433
|
else
|
426
|
434
|
reports=()
|
|
@@ -429,9 +437,8 @@ if [ "$opt" != "" ]; then
|
429
|
437
|
exit
|
430
|
438
|
fi
|
431
|
439
|
else
|
432
|
|
- scanSSL;
|
|
440
|
+ flistCerts;
|
433
|
441
|
systemctl restart $web_service;
|
434
|
|
- sleep 2;
|
435
|
442
|
updateScs;
|
436
|
443
|
fi
|
437
|
444
|
else
|