Bash script – update_cert.sh

Script description

The script comes from https://github.com/ryecoaaron/scripts/blob/main/update_cert.sh and automatically replaces an SSL certificate (e.g. from Let's Encrypt) in openmediavault with a newer version.

Running the script

The downloaded certificate files should be available on the openmediavault server, e.g. in the /etc/letsencrypt/ directory.

# get the uuid
omv-confdbadm read "conf.system.certificate.ssl" | jq -r '.[] | "\(.uuid)"'

chmod +x /usr/local/sbin/update_cert.sh
sudo /usr/local/sbin/update_cert.sh d9e56d83-386c-4a74-a828-13d8816e1a53 /etc/letsencrypt/fullchain.pem /etc/letsencrypt/privkey.pem
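
update_cert.sh only checks that the certificate and key files exist before writing them to the database. The following pre-flight check is an added example, not part of the original script or its project: it confirms that the key matches the certificate, that the certificate has not expired, and that the key file is not accessible by group or others. The function name and return codes are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not part of update_cert.sh. The function name and the
# return codes 10-14 are assumptions made for this illustration.

# preflight_cert CERT KEY
#   0  certificate and key belong together, cert not expired, key mode ok
#   10 CERT has no readable PEM certificate   11 KEY is not a readable key
#   12 key does not match the certificate     13 certificate has expired
#   14 key file is accessible by group or others
preflight_cert() {
  local cert="$1" key="$2" cert_pub key_pub mode

  # For a fullchain.pem, openssl x509 reads the first (leaf) certificate.
  cert_pub="$(openssl x509 -in "${cert}" -noout -pubkey 2>/dev/null)" || return 10
  [ -n "${cert_pub}" ] || return 10

  # -passin pass: makes an encrypted key fail instead of prompting.
  key_pub="$(openssl pkey -in "${key}" -passin pass: -pubout 2>/dev/null)" || return 11

  # Both commands print the public key in the same PEM form; compare them.
  [ "${cert_pub}" = "${key_pub}" ] || return 12

  # -checkend 0 exits non-zero when the certificate is already expired.
  openssl x509 -in "${cert}" -noout -checkend 0 >/dev/null 2>&1 || return 13

  # -L follows symlinks such as those in /etc/letsencrypt/live/.
  mode="$(stat -L -c '%a' "${key}")" || return 11
  case "${mode}" in
    *00) ;;
    *) return 14 ;;
  esac
  return 0
}

# Stand-alone use: preflight.sh CERT KEY (file name is hypothetical).
if [ "$#" -eq 2 ]; then
  preflight_cert "$1" "$2"
  rc=$?
  [ "${rc}" -eq 0 ] && echo "Pre-flight OK" || echo "Pre-flight failed (code ${rc})"
  exit "${rc}"
fi
```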

Contents of update_cert.sh

#!/bin/bash

. /usr/share/openmediavault/scripts/helper-functions
. /etc/default/openmediavault

if [[ $(id -u) -ne 0 ]]; then
  echo "This script must be executed as root or using sudo."
  exit 99
fi

uuid="${1}"
cert="${2}"
key="${3}"

if ! omv_isuuid "${uuid}"; then
  echo "Invalid uuid"
  exit 1
fi

if [ ! -f "${cert}" ]; then
  echo "Cert not found"
  exit 2
fi

if [ ! -f "${key}" ]; then
  echo "Key not found"
  exit 3
fi

echo "Cert file :: ${cert}"
echo "Key file :: ${key}"

xpath="/config/system/certificates/sslcertificate[uuid='${uuid}']"
echo "xpath :: ${xpath}"
echo

if ! omv_config_exists "${xpath}"; then
  echo "Config for ${uuid} does not exist"
  exit 4
fi

echo "Updating certificate in database ..."
# Quote the path inside the substitution so paths with spaces are read correctly.
omv_config_update "${xpath}/certificate" "$(cat "${cert}")"

echo "Updating private key in database ..."
omv_config_update "${xpath}/privatekey" "$(cat "${key}")"

if [ -n "${4}" ]; then
  echo "Updating comment in database ..."
  omv_config_update "${xpath}/comment" "${4}"
fi

echo "Updating certs and nginx..."
omv-salt deploy run certificates nginx

systemctl restart nginx

exit 0