diff --git a/runcerts.old b/runcerts.old new file mode 100644 index 00000000..1512dce3 --- /dev/null +++ b/runcerts.old @@ -0,0 +1,226 @@ +#!/bin/bash +# My Cert Processes for LetsEncrypt + +Color_Off='\033[0m' +Blue='\033[0;34m' +BBlue='\033[1;34m' +Green='\033[0;32m' +LGreen='\033[1;32m' +BOrange='\033[0;33m' +DGray='\033[1;30m' +Red='\033[10;31m' +LRed='\033[1;31m' + +DAEMON='/usr/bin/certbot' + +redirect_artica-ssl_files () { + MYDIR="/etc/nginx/certificates" + DIRS=`ls -l $MYDIR | egrep '^d' | awk '{print $9}'` + for DIR in $DIRS; do + if [ $DIR != 'new' ] && [ $DIR != 'default' ] + then + echo -e "${LGreen}Checking cetificate redirections for \"${LRed}${DIR}${Green}\"...${Color_Off}" + +#rm -f /etc/nginx/certificates/${DIR}/CAkey.pem +#rm -f /etc/nginx/certificates/${DIR}/certificate.pem +#rm -f /etc/nginx/certificates/${DIR}/private_key.key +#mv /etc/nginx/certificates/${DIR}/CAkey.pem.bak /etc/nginx/certificates/${DIR}/CAkey.pem +#mv /etc/nginx/certificates/${DIR}/certificate.pem.bak /etc/nginx/certificates/${DIR}/certificate.pem +#mv /etc/nginx/certificates/${DIR}/private_key.key.bak /etc/nginx/certificates/${DIR}/private_key.key + + if [ ! -f /etc/nginx/certificates/${DIR}/CAkey.pem.bak ] + then + certs_array=('certs1=(CAkey.pem private_key.key certificate.pem)' 'certs2=(chain.pem privkey.pem fullchain.pem)') + for elt in "${certs_array[@]}";do eval $elt;done + for ((i=0;i<=2;i++)); + do + mv /etc/nginx/certificates/${DIR}/${certs1[${i}]} /etc/nginx/certificates/${DIR}/${certs1[${i}]}.bak + ln -s /etc/letsencrypt/live/${DIR}/${certs2[${i}]} /etc/nginx/certificates/${DIR}/${certs1[${i}]} + echo -e "${Green}Certificate redirected for \"${DGray}.../${DIR}/${BOrange}${certs1[${i}]}${Green}\"${Color_Off}" + done + else + echo -e "${Green}No changes needed to be made at this time.${Color_Off}" + fi + echo + fi + done +} + +case "$1" in + + start) + sleep 15 + echo -e "${BBlue}HAProxy Starting...${Color_Off}" + service haproxy start + ssh root@10.5.10.52 service haproxy start + ssh root@10.5.10.53 service haproxy start + echo -e "${BBlue}NGINX Reload...${Color_Off}" + service nginx reload + ssh root@10.5.10.52 service nginx reload + ssh root@10.5.10.53 service nginx reload + + exit 0 + ;; + + stop) + echo -e "${BBlue}HAProxy Stopping...${Color_Off}" + service haproxy stop + ssh root@10.5.10.52 service haproxy stop + ssh root@10.5.10.53 service haproxy stop + exit 0;; + + gogs-start) + echo -e "${BBlue}Gogs Starting...${Color_Off}" + service gogs start + ssh root@10.5.10.52 service gogs start + ssh root@10.5.10.53 service gogs start + exit 0;; + + gogs-stop) + echo -e "${BBlue}Gogs Stopping...${Color_Off}" + service gogs stop + ssh root@10.5.10.52 service gogs stop + ssh root@10.5.10.53 service gogs stop + exit 0;; + + gogs-restart) + echo -e "${BBlue}Gogs Restarting...${Color_Off}" + service gogs restart + ssh root@10.5.10.52 service gogs restart + ssh root@10.5.10.53 service gogs restart + exit 0;; + + nginx-start) + echo -e "${BBlue}NGINX Starting...${Color_Off}" + service nginx start + ssh root@10.5.10.52 service nginx start + ssh root@10.5.10.53 service nginx start + exit 0;; + + nginx-stop) + echo -e "${BBlue}NGINX Stopping...${Color_Off}" + service nginx stop + ssh root@10.5.10.52 service nginx stop + ssh root@10.5.10.53 service nginx stop + exit 0;; + + nginx-restart) + echo -e "${BBlue}NGINX Restarting...${Color_Off}" + service nginx restart + ssh root@10.5.10.52 service nginx restart + ssh root@10.5.10.53 service nginx restart + exit 0;; + + reload) + service nginx reload + ssh root@10.5.10.52 service nginx reload + ssh root@10.5.10.53 service nginx reload + exit 0 + ;; + + new) + # "$0" stop + echo -e "${Green}Requesting Certificate for '${BBlue}$2${Green}'...${Color_Off}" + # $DAEMON certonly --standalone -d $2 + $DAEMON certonly --webroot -w /var/www/html -d $2 + # chown -R root:letsencrypt /etc/letsencrypt + # chmod -R 6775 /etc/letsencrypt + # "$0" start + # redirect_artica-ssl_files + exit 0 + ;; + + new-mass) + echo -e "${Green}Requesting Certificate for '${BBlue}$2${Green}'...${Color_Off}" + # $DAEMON certonly --standalone -d $2 + $DAEMON certonly --webroot -w /var/www/html -d $2 + # chown -R root:letsencrypt /etc/letsencrypt + # chmod -R 6775 /etc/letsencrypt + # redirect_artica-ssl_files + exit 0 + ;; + + renew) + "$0" stop + echo -e "${Green}Renewing Certificates...${Color_Off}" + # $DAEMON renew + $DAEMON renew certonly --webroot -w /var/www/html -d $2 + chown -R root:letsencrypt /etc/letsencrypt + chmod -R 6775 /etc/letsencrypt + "$0" start + # redirect_artica-ssl_files + exit 0 + ;; + + nightlyrenew) + rm -f /opt/runcerts/cert-renewal-run-$(hostname) + "$0" stop >> /opt/runcerts/cert-renewal-run-$(hostname) + # $DAEMON renew >> /opt/runcerts/cert-renewal-run-$(hostname) + $DAEMON renew certonly --webroot -w /var/www/html -d $2 >> /opt/runcerts/cert-renewal-run-$(hostname) + chown -R root:letsencrypt /etc/letsencrypt + chmod -R 6775 /etc/letsencrypt + "$0" start >> /opt/runcerts/cert-renewal-run-$(hostname) + exit 0 + ;; + + + redirect-ssl) + redirect_artica-ssl_files + service nginx restart + + read -n 1 -t 10 -p "Are you sure you wish to reboot (y/N)?" redirect_choice + case "$redirect_choice" in + [Yy]) if [ "$EUID" -ne 0 ] + then + service artica-webservices restart + fi + exit 0;; + esac + exit 0 + ;; + + *) + echo + echo + echo "Usage: $0 {new|new-mass|renew|redirect-ssl|stop|start}" + echo + echo "'new' - Creates a new certificate." + echo "---------------------------------------------------------------------------------------" + echo "examples:" + echo " single-domain = 'runcerts new www.example.com'" + echo " multiple-domains = 'runcerts new www.example.com,dev.example.com,...'" + echo + echo "'new-mass' - Creates a new certificate, but doesnt go through the" + echo " process of stopping and restarting nginx each time" + echo "---------------------------------------------------------------------------------------" + echo "examples (same as 'new'):" + echo " single-domain = 'runcerts new-mass www.example.com'" + echo " multiple-domains = 'runcerts new-mass www.example.com,dev.example.com,...'" + echo + echo "'renew' - Renews all certificates. This command could be run routinly by adding this" + echo " line into crontab: \"0 4 * * 0 /usr/local/bin/runcerts renew\"" + echo "---------------------------------------------------------------------------------------" + echo "examples:" + echo " 'runcerts renew'" + echo + echo "'redirect-ssl' - Redirects the configured Artica certificates to use the LetsEncrypt certificates" + echo "---------------------------------------------------------------------------------------" + echo "examples:" + echo " 'runcerts redirect-ssl'" + echo + echo "'stop' - Stops any process that interfere with creating a standalone server" + echo "---------------------------------------------------------------------------------------" + echo "examples:" + echo " 'runcerts stop'" + echo + echo "'start' - Starts any process that had interfered with creating a standalone server" + echo "---------------------------------------------------------------------------------------" + echo "examples:" + echo " 'runcerts start'" + echo + + exit 1 + ;; + +esac +exit 0