38 lines
1 KiB
Bash
38 lines
1 KiB
Bash
|
deploy_cert() {<%text>
|
||
|
|
local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}"</%text>
|
||
|
|
% for service, config in node.metadata.get('letsencrypt', {}).get('concat_and_deploy', {}).items():
|
||
|
|
<%text>
|
||
|
|
### concat_and_deploy ${service}</%text>
|
||
|
|
if [ "$DOMAIN" = "${config['match_domain']}" ]; then
|
||
|
|
cat $KEYFILE > ${config['target']}
|
||
|
|
cat $FULLCHAINFILE >> ${config['target']}
|
||
|
|
% if 'chown' in config:
|
||
|
|
chown ${config['chown']} ${config['target']}
|
||
|
|
% endif
|
||
|
|
% if 'chmod' in config:
|
||
|
|
chmod ${config['chmod']} ${config['target']}
|
||
|
|
% endif
|
||
|
|
% if 'commands' in config:
|
||
|
|
% for command in config['commands']:
|
||
|
|
${command}
|
||
|
|
% endfor
|
||
|
|
% endif
|
||
|
|
fi
|
||
|
|
% endfor
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
exit_hook() {<%text>
|
||
|
|
local ERROR="${1:-}"</%text>
|
||
|
|
|
||
|
|
% for service in sorted(node.metadata.get('letsencrypt', {}).get('reload_after', set())):
|
||
|
|
systemctl reload-or-restart ${service}
|
||
|
|
% endfor
|
||
|
|
}
|
||
|
|
|
||
|
|
<%text>
|
||
|
|
HANDLER="$1"; shift
|
||
|
|
if [[ "${HANDLER}" =~ ^(deploy_cert|exit_hook)$ ]]; then
|
||
|
|
"$HANDLER" "$@"
|
||
|
|
fi</%text>
|