Release 10.2.0 #114
|
|
@ -5,7 +5,7 @@ evoacme_dhparam_size: 2048
|
|||
evoacme_acme_dir: /var/lib/letsencrypt
|
||||
evoacme_csr_dir: /etc/ssl/requests
|
||||
evoacme_crt_dir: /etc/letsencrypt
|
||||
evoacme_hooks_dir: "{{ evoacme_crt_dir }}/hooks"
|
||||
evoacme_hooks_dir: "{{ evoacme_crt_dir }}/renewal-hooks/deploy"
|
||||
evoacme_log_dir: /var/log/evoacme
|
||||
evoacme_ssl_minday: 30
|
||||
evoacme_ssl_ct: 'FR'
|
||||
|
|
|
|||
|
|
@ -1,18 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
git_bin=$(command -v git)
|
||||
letsencrypt_dir=/etc/letsencrypt
|
||||
export GIT_DIR="/etc/.git"
|
||||
export GIT_WORK_TREE="/etc"
|
||||
|
||||
if test -x "${git_bin}" && test -d "${GIT_DIR}" && test -d "${GIT_WORK_TREE}"; then
|
||||
changed_lines=$(${git_bin} status --porcelain -- ${letsencrypt_dir} | wc -l | tr -d ' ')
|
||||
|
||||
if [ "${changed_lines}" != "0" ]; then
|
||||
${git_bin} add --all ${letsencrypt_dir}
|
||||
message="[letsencrypt] certificates renewal (${RENEWED_DOMAINS})"
|
||||
${git_bin} commit --message "${message}" --quiet
|
||||
else
|
||||
echo "Weird, nothing has changed but the hook has been executed for '${RENEWED_DOMAINS}'"
|
||||
fi
|
||||
fi
|
||||
|
|
@ -1,30 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
readonly PROGNAME=$(basename "$0")
|
||||
# shellcheck disable=SC2124,SC2034
|
||||
readonly ARGS=$@
|
||||
|
||||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
error() {
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
exit 1
|
||||
}
|
||||
debug() {
|
||||
if [ "${VERBOSE}" = "1" ] && [ "${QUIET}" != "1" ]; then
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
if [ -n "$(pidof apache2)" ]; then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v apache2ctl) -t 2> /dev/null); then
|
||||
debug "Apache detected... reloading"
|
||||
service apache2 reload
|
||||
else
|
||||
error " Apache config is broken, you must fix it !"
|
||||
fi
|
||||
else
|
||||
debug "Apache is not running. Skip."
|
||||
fi
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
readonly PROGNAME=$(basename "$0")
|
||||
# shellcheck disable=SC2124,SC2034
|
||||
readonly ARGS=$@
|
||||
|
||||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
error() {
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
exit 1
|
||||
}
|
||||
debug() {
|
||||
if [ "${VERBOSE}" = "1" ] && [ "${QUIET}" != "1" ]; then
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
if [ -n "$(pidof dovecot)" ]; then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v doveconf) > /dev/null); then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v doveconf)|grep -E "^ssl_cert[^_]"|grep -q "letsencrypt"); then
|
||||
debug "Dovecot detected... reloading"
|
||||
service dovecot reload
|
||||
else
|
||||
debug "Dovecot doesn't use Let's Encrypt certificate. Skip."
|
||||
fi
|
||||
else
|
||||
error "Dovecot config is broken, you must fix it !"
|
||||
fi
|
||||
else
|
||||
debug "Dovecot is not running. Skip."
|
||||
fi
|
||||
|
|
@ -1,30 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
readonly PROGNAME=$(basename "$0")
|
||||
# shellcheck disable=SC2124,SC2034
|
||||
readonly ARGS=$@
|
||||
|
||||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
error() {
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
exit 1
|
||||
}
|
||||
debug() {
|
||||
if [ "${VERBOSE}" = "1" ] && [ "${QUIET}" != "1" ]; then
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
if [ -n "$(pidof nginx)" ]; then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v nginx) -t 2> /dev/null); then
|
||||
debug "Nginx detected... reloading"
|
||||
service nginx reload
|
||||
else
|
||||
error "Nginx config is broken, you must fix it !"
|
||||
fi
|
||||
else
|
||||
debug "Nginx is not running. Skip."
|
||||
fi
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
readonly PROGNAME=$(basename "$0")
|
||||
# shellcheck disable=SC2124,SC2034
|
||||
readonly ARGS=$@
|
||||
|
||||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
error() {
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
exit 1
|
||||
}
|
||||
debug() {
|
||||
if [ "${VERBOSE}" = "1" ] && [ "${QUIET}" != "1" ]; then
|
||||
>&2 echo "${PROGNAME}: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
if [ -n "$(pidof master)" ]; then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v postconf) > /dev/null); then
|
||||
# shellcheck disable=SC2091
|
||||
if $($(command -v postconf)|grep -E "^smtpd_tls_cert_file"|grep -q "letsencrypt"); then
|
||||
debug "Postfix detected... reloading"
|
||||
service postfix reload
|
||||
else
|
||||
debug "Postfix doesn't use Let's Encrypt certificate. Skip."
|
||||
fi
|
||||
else
|
||||
error "Postfix config is broken, you must fix it !"
|
||||
fi
|
||||
else
|
||||
debug "Postfix is not running. Skip."
|
||||
fi
|
||||
|
|
@ -12,12 +12,7 @@
|
|||
- include: evoacme_hook.yml
|
||||
vars:
|
||||
hook_name: "{{ item }}"
|
||||
with_items:
|
||||
- reload_apache
|
||||
- reload_nginx
|
||||
- reload_dovecot
|
||||
- reload_postfix
|
||||
- commit
|
||||
loop: []
|
||||
|
||||
- include: conf.yml
|
||||
|
||||
|
|
|
|||
|
|
@ -4,5 +4,6 @@ SSL_KEY_DIR=${SSL_KEY_DIR:-{{ evoacme_ssl_key_dir }}}
|
|||
ACME_DIR=${ACME_DIR:-{{ evoacme_acme_dir }}}
|
||||
CSR_DIR=${CSR_DIR:-{{ evoacme_csr_dir }}}
|
||||
CRT_DIR=${CRT_DIR:-{{ evoacme_crt_dir }}}
|
||||
HOOKS_DIR=${HOOKS_DIR:-"{{ evoacme_hooks_dir }}"}
|
||||
LOG_DIR=${LOG_DIR:-{{ evoacme_log_dir }}}
|
||||
SSL_MINDAY=${SSL_MINDAY:-{{ evoacme_ssl_minday }}}
|
||||
|
|
|
|||
Loading…
Reference in a new issue