forked from evolix/ansible-roles
evoacme:
- check apache conf dirs - look for vhost file with or without .conf extension
parent
9ba7c66f5f
commit
63565d0f01
|
@ -37,13 +37,19 @@ service nginx reload
|
||||||
4 - Create a CSR for a vhost with make-csr
|
4 - Create a CSR for a vhost with make-csr
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
# vhostname is vhostfile without .conf ext
|
# make-csr look for this file :
|
||||||
|
# /etc/nginx/sites-enabled/vhostname
|
||||||
|
# /etc/nginx/sites-enabled/vhostname.conf
|
||||||
|
# /etc/apache2/sites-enabled/vhostname
|
||||||
|
# /etc/apache2/sites-enabled/vhostname.conf
|
||||||
make-csr vhostname
|
make-csr vhostname
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
8 - Generate the certificate with evoacme
|
8 - Generate the certificate with evoacme
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
|
# evoacme look for /etc/ssl/requests/vhostname
|
||||||
|
# vhostname was the same used by make-csr
|
||||||
evoacme vhostname
|
evoacme vhostname
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,19 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
source /etc/default/evoacme
|
source /etc/default/evoacme
|
||||||
|
|
||||||
vhost=$1
|
shopt -s extglob
|
||||||
|
|
||||||
if [ ! -f /etc/nginx/sites-enabled/$vhost ]; then
|
vhost=$1
|
||||||
if [ ! -f /etc/apache2/sites-enabled/${vhost}.conf ]; then
|
vhostfiles=$(ls -1 /etc/{nginx,apache2}/sites-enabled/${vhost}?(.conf) 2>/dev/null)
|
||||||
|
|
||||||
|
if [ $(echo "${vhostfiles}"|wc -l) -lt 1 ]; then
|
||||||
echo "$vhost doesn't exist !"
|
echo "$vhost doesn't exist !"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
fi
|
|
||||||
|
for vhostfile in "${vhostfiles}"; do
|
||||||
|
break;
|
||||||
|
done
|
||||||
|
|
||||||
if [ -f $SSL_KEY_DIR/${vhost}.key ]; then
|
if [ -f $SSL_KEY_DIR/${vhost}.key ]; then
|
||||||
read -p "$vhost key already exist, overwrite it ? (y)" -n 1 -r
|
read -p "$vhost key already exist, overwrite it ? (y)" -n 1 -r
|
||||||
|
@ -26,12 +30,14 @@ chmod 640 $SSL_KEY_DIR/${vhost}.key
|
||||||
|
|
||||||
nb=0
|
nb=0
|
||||||
|
|
||||||
if [ -f /etc/nginx/sites-enabled/$vhost ]; then
|
echo $vhostfile |grep -q nginx
|
||||||
domains=`grep -oE "^( )*[^#]+" /etc/nginx/sites-enabled/$vhost|grep -oE "[^\$]server_name.*;$"|sed 's/server_name//'|tr -d ';'|sed 's/\s\{1,\}//'|sed 's/\s\{1,\}/\n/g'|sort|uniq`
|
if [ $? -eq 0 ]; then
|
||||||
|
domains=`grep -oE "^( )*[^#]+" $vhostfile |grep -oE "[^\$]server_name.*;$"|sed 's/server_name//'|tr -d ';'|sed 's/\s\{1,\}//'|sed 's/\s\{1,\}/\n/g'|sort|uniq`
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -f /etc/apache2/sites-enabled/${vhost}.conf ]; then
|
echo $vhostfile |grep -q apache2
|
||||||
domains=`grep -oE "^( )*[^#]+" /etc/apache2/sites-enabled/${vhost}.conf|grep -oE "(ServerName|ServerAlias).*"|sed 's/ServerName//'|sed 's/ServerAlias//'|sed 's/\s\{1,\}//'|sort|uniq`
|
if [ $? -eq 0 ]; then
|
||||||
|
domains=`grep -oE "^( )*[^#]+" $vhostfile |grep -oE "(ServerName|ServerAlias).*"|sed 's/ServerName//'|sed 's/ServerAlias//'|sed 's/\s\{1,\}//'|sort|uniq`
|
||||||
fi
|
fi
|
||||||
|
|
||||||
valid_domains=''
|
valid_domains=''
|
||||||
|
|
|
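Review bot: The new existence check `[ $(echo "${vhostfiles}"|wc -l) -lt 1 ]` can never be true, because `echo` of an empty string still prints a newline and `wc -l` reports 1, so a vhost with no matching file no longer stops the script at this point. In the same hunk `$1` reaches the `ls` glob unquoted, so an argument containing `/` or pattern characters can select a file outside the two sites-enabled directories, and `for vhostfile in "${vhostfiles}"` receives the whole `ls` output as one word, leaving two paths in `$vhostfile` when both an nginx and an apache file match. I would iterate over the glob itself with `"${vhost}"` quoted, keep the first regular file, and reject an empty or slash-containing name before any path is built, as in the excerpt below. In the later hunk, `echo $vhostfile |grep -q nginx` matches the vhost name as well as the directory; `case "$vhostfile" in /etc/nginx/*)` would test only the directory. The script continues outside both hunks, so how `$vhostfile` is used after the `domains=` lines is not visible here.

```shell
vhost=$1
case "$vhost" in
    ''|*/*) echo "invalid vhost name" >&2; exit 1 ;;
esac

vhostfile=''
for candidate in /etc/{nginx,apache2}/sites-enabled/"${vhost}"?(.conf); do
    if [ -f "$candidate" ]; then
        vhostfile=$candidate
        break
    fi
done
if [ -z "$vhostfile" ]; then
    echo "$vhost doesn't exist !"
    exit 1
fi
# … unchanged: key overwrite prompt …
```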
@ -1,3 +1,11 @@
|
||||||
|
- name: Create conf dirs
|
||||||
|
file:
|
||||||
|
path: "/etc/apache2/{{ item }}"
|
||||||
|
state: directory
|
||||||
|
with_items:
|
||||||
|
- 'conf-available'
|
||||||
|
- 'conf-enabled'
|
||||||
|
|
||||||
- name: Copy acme challenge conf
|
- name: Copy acme challenge conf
|
||||||
template:
|
template:
|
||||||
src: templates/apache.conf.j2
|
src: templates/apache.conf.j2
|
||||||
|
|
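Review bot: The added "Create conf dirs" task sets no `mode`, `owner` or `group` on the `file` module, so a directory it creates under /etc/apache2 takes whatever the remote user's umask gives it. Stating the intended permissions makes the result the same on every host, for example `mode: "0755"` together with `owner: root` and `group: root` next to `state: directory`. The values are a suggestion based on the usual layout of that directory; confirm them against what the role expects.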