Skip to content

Commit

Permalink
Add letsencrypt-ejabberd-post-renewal-hook
Browse files Browse the repository at this point in the history
  • Loading branch information
Nicolas North committed Jun 3, 2018
1 parent 2abd45b commit 14da108
Show file tree
Hide file tree
Showing 2 changed files with 69 additions and 22 deletions.
38 changes: 38 additions & 0 deletions conf/nginx/letsencrypt-ejabberd-post-renewal-hook
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
#!/usr/bin/env bash

set -e
set -u

echo "Now creating all-in-one TLS files for all LetsEncrypt provisioned certs for ejabberd..."
echo

#chgrp -R ssl-cert /etc/letsencrypt
#chmod -R g=rX /etc/letsencrypt
#chmod 750 /etc/letsencrypt/live/
#chmod 750 /etc/letsencrypt/archive/

le_dir=/etc/letsencrypt/live
tls_dir=/etc/ssl/aenigma

for le_cert_domain_full in "$le_dir"/*
do

le_cert_domain="$(echo $le_cert_domain_full | sed 's:.*/::')"

echo "Now creating all-in-one TLS file for $le_cert_domain for ejabberd..."
echo

touch "$tls_dir/$le_cert_domain.pem"
cat "$le_dir/$le_cert_domain/privkey.pem" > "$tls_dir/$le_cert_domain.pem"
cat "$le_dir/$le_cert_domain/fullchain.pem" >> "$tls_dir/$le_cert_domain.pem"

echo "Finished creating all-in-one TLS file for $le_cert_domain for ejabberd."
echo

done

chown -R ejabberd:ejabberd $tls_dir
chmod -R 700 $tls_dir

echo "Finished creating all-in-one TLS files."
echo
53 changes: 31 additions & 22 deletions functions
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1174,13 +1174,13 @@ perform_installation() {
echo "${b}Finished updating easyengine site $hostname to TLS encrypted with LetsEncrypt...${x}"
echo

echo "${b}Now creating all-in-one TLS file for $hostname for ejabberd...${x}"
echo
touch $tls_dir/hostname.pem
cat /etc/letsencrypt/live/"$hostname"/privkey.pem > "$tls_dir"/hostname.pem
cat /etc/letsencrypt/live/"$hostname"/fullchain.pem >> "$tls_dir"/hostname.pem
echo "${b}Finished creating all-in-one TLS file for $hostname for ejabberd.${x}"
echo
#echo "${b}Now creating all-in-one TLS file for $hostname for ejabberd...${x}"
#echo
#touch $tls_dir/hostname.pem
#cat /etc/letsencrypt/live/"$hostname"/privkey.pem > "$tls_dir"/hostname.pem
#cat /etc/letsencrypt/live/"$hostname"/fullchain.pem >> "$tls_dir"/hostname.pem
#echo "${b}Finished creating all-in-one TLS file for $hostname for ejabberd.${x}"
#echo

echo "${b}Now setting index.html in docroot for $hostname...${x}"
echo
Expand Down Expand Up @@ -1235,13 +1235,13 @@ perform_installation() {
echo "${b}Finished updating easyengine site ${ee_array[$i]}$domain to TLS encrypted with LetsEncrypt...${x}"
echo

echo "${b}Now creating all-in-one TLS file for ${ee_array[$i]}$domain for ejabberd...${x}"
echo
touch $tls_dir/${ee_array[$i]}pem
cat /etc/letsencrypt/live/${ee_array[$i]}"$domain"/privkey.pem > "$tls_dir"/${ee_array[$i]}pem
cat /etc/letsencrypt/live/${ee_array[$i]}"$domain"/fullchain.pem >> "$tls_dir"/${ee_array[$i]}pem
echo "${b}Finished creating all-in-one TLS file for ${ee_array[$i]}$domain for ejabberd.${x}"
echo
#echo "${b}Now creating all-in-one TLS file for ${ee_array[$i]}$domain for ejabberd...${x}"
#echo
#touch $tls_dir/${ee_array[$i]}pem
#cat /etc/letsencrypt/live/${ee_array[$i]}"$domain"/privkey.pem > "$tls_dir"/${ee_array[$i]}pem
#cat /etc/letsencrypt/live/${ee_array[$i]}"$domain"/fullchain.pem >> "$tls_dir"/${ee_array[$i]}pem
#echo "${b}Finished creating all-in-one TLS file for ${ee_array[$i]}$domain for ejabberd.${x}"
#echo

done

Expand Down Expand Up @@ -1287,14 +1287,14 @@ perform_installation() {
echo "${b}Finished updating easyengine site $domain to TLS encrypted with LetsEncrypt...${x}"
echo

echo "${b}Now creating all-in-one TLS file for $domain for ejabberd...${x}"
echo
touch $tls_dir/domain.pem
cat /etc/letsencrypt/live/"$domain"/privkey.pem > "$tls_dir"/domain.pem
cat /etc/letsencrypt/live/"$domain"/fullchain.pem >> "$tls_dir"/domain.pem
domain_tls_cert_location=$tls_dir/domain.pem
echo "${b}Finished creating all-in-one TLS file for $domain for ejabberd...${x}"
echo
#echo "${b}Now creating all-in-one TLS file for $domain for ejabberd...${x}"
#echo
#touch $tls_dir/domain.pem
#cat /etc/letsencrypt/live/"$domain"/privkey.pem > "$tls_dir"/domain.pem
#cat /etc/letsencrypt/live/"$domain"/fullchain.pem >> "$tls_dir"/domain.pem
#domain_tls_cert_location=$tls_dir/domain.pem
#echo "${b}Finished creating all-in-one TLS file for $domain for ejabberd...${x}"
#echo

echo "${b}Now setting index.html in docroot for $domain...${x}"
echo
Expand Down Expand Up @@ -1357,6 +1357,15 @@ perform_installation() {

############################################################################

### Copy the LetsEncrypt post-renewal script to its location and actually run it now to be ready for the installation

cp "$source_dir/conf/nginx/letsencrypt-ejabberd-post-renewal-hook" "/etc/letsencrypt/renewal-hooks/post"

echo
bash "/etc/letsencrypt/renewal-hooks/post/letsencrypt-ejabberd-post-renewal-hook"

### Restart nginx

service nginx restart || true

### Prepare APT for ejabberd installation
Expand Down

0 comments on commit 14da108

Please sign in to comment.