diff options
author | Thomas Lange <code@nerdmind.de> | 2021-05-14 01:28:07 +0200 |
---|---|---|
committer | Thomas Lange <code@nerdmind.de> | 2021-05-14 01:28:07 +0200 |
commit | 2f66b284bdccce47f0e459c1a1cc8133651cf435 (patch) | |
tree | d10c3aadb9ddd8a8b4db9aee874db6a1b604f219 /certdeploy | |
parent | ac03eb98003e91c7e2a551d1cc26f6ec19bb48da (diff) | |
download | certdeploy-2f66b284bdccce47f0e459c1a1cc8133651cf435.tar.gz certdeploy-2f66b284bdccce47f0e459c1a1cc8133651cf435.tar.xz certdeploy-2f66b284bdccce47f0e459c1a1cc8133651cf435.zip |
Move script to package/sbin directory
Move the CertDeploy script to the package/sbin directory. This makes it
possible to manage the "package" directory with tools like GNU Stow.
See: https://www.gnu.org/software/stow/
Diffstat (limited to 'certdeploy')
-rwxr-xr-x | certdeploy | 162 |
1 files changed, 0 insertions, 162 deletions
diff --git a/certdeploy b/certdeploy deleted file mode 100755 index 24eb79f..0000000 --- a/certdeploy +++ /dev/null @@ -1,162 +0,0 @@ -#!/bin/bash -#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%# -# certdeploy – A deploy hook script for Certbot [by Thomas Lange] # -#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%# -# # -# =================================== USAGE ================================== # -# # -# certdeploy [OPTIONS] source_directory target_directory # -# # -# =========================== COMMAND-LINE OPTIONS =========================== # -# # -# [-m mode] Mode for target certificate files (octal notation, 3-4 digits) # -# [-o owner] User ownership for certificate files in target directory # -# [-g group] Group ownership for certificate files in target directory # -# # -# [-M mode] Mode for target directory (octal notation, 3-4 digits) # -# [-O owner] User ownership for target directory # -# [-G group] Group ownership for target directory # -# # -# [-K] Filename for private key in target directory # -# [-I] Filename for intermediate in target directory # -# [-C] Filename for certificate in target directory # -# [-F] Filename for certificate chain in target directory # -# # -# ========================== COMMAND-LINE ARGUMENTS ========================== # -# # -# [$1]: Source directory of the certificate files # -# [$2]: Target directory in which the certificate files shall be copied # -# # -#%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%# - -#=============================================================================== -# Parse command-line options -#=============================================================================== -while getopts :m:o:g:M:O:G:K:I:C:F: option -do - case $option in - m) OPTION_FMODE="$OPTARG" ;; - o) OPTION_FOWNER="$OPTARG" ;; - g) OPTION_FGROUP="$OPTARG" ;; - M) OPTION_DMODE="$OPTARG" ;; - O) OPTION_DOWNER="$OPTARG" ;; - G) OPTION_DGROUP="$OPTARG" ;; - K) OPTION_TARGET_FILENAME_K="$OPTARG" ;; - I) OPTION_TARGET_FILENAME_I="$OPTARG" ;; - C) OPTION_TARGET_FILENAME_C="$OPTARG" ;; - F) OPTION_TARGET_FILENAME_F="$OPTARG" ;; - esac -done; shift $((OPTIND-1)) - -#=============================================================================== -# Check presence of required non-option arguments -#=============================================================================== -if [ -z "$1" ] -then - echo "$0: Missing argument #1: Path to source directory" >&2 - argument_errors_occurred=x -fi - -if [ -z "$2" ] -then - echo "$0: Missing argument #2: Path to target directory" >&2 - argument_errors_occurred=x -fi - -#=============================================================================== -# Check if argument presence-validation errors occurred -#=============================================================================== -[ ! -z "$argument_errors_occurred" ] && echo "Aborting ..." >&2 && exit 1 - -#=============================================================================== -# Define {source|target} directory path variable -#=============================================================================== -SOURCE_PATH="$1" -TARGET_PATH="$2" - -#=============================================================================== -# Define default {owner|group} variable -#=============================================================================== -DEFAULT_OWNER=$(id -u) -DEFAULT_GROUP=$(id -g) - -#=============================================================================== -# Define {file|directory} mode, owner and group variables -#=============================================================================== -FMODE="${OPTION_FMODE:-0600}" -FOWNER="${OPTION_FOWNER:-$DEFAULT_OWNER}" -FGROUP="${OPTION_FGROUP:-$DEFAULT_GROUP}" - -DMODE="${OPTION_DMODE:-0755}" -DOWNER="${OPTION_DOWNER:-$DEFAULT_OWNER}" -DGROUP="${OPTION_DGROUP:-$DEFAULT_GROUP}" - -# Allow only four digits (octal notation) for modes -DMODE="$(echo "$DMODE" | tr -dc '0-7' | cut -c 1-4)" -FMODE="$(echo "$FMODE" | tr -dc '0-7' | cut -c 1-4)" - -#=============================================================================== -# Define {source|target} filename variables -#=============================================================================== -SOURCE_FILENAME_K="privkey.pem" -SOURCE_FILENAME_I="chain.pem" -SOURCE_FILENAME_C="cert.pem" -SOURCE_FILENAME_F="fullchain.pem" - -TARGET_FILENAME_K="${OPTION_TARGET_FILENAME_K:-confidential.pem}" -TARGET_FILENAME_I="${OPTION_TARGET_FILENAME_I:-intermediate.pem}" -TARGET_FILENAME_C="${OPTION_TARGET_FILENAME_C:-certificate_only.pem}" -TARGET_FILENAME_F="${OPTION_TARGET_FILENAME_F:-certificate_full.pem}" - -#=============================================================================== -# Define {source|target} full path variables -#=============================================================================== -SOURCE_PATH_K="${SOURCE_PATH%/}/${SOURCE_FILENAME_K}" -SOURCE_PATH_I="${SOURCE_PATH%/}/${SOURCE_FILENAME_I}" -SOURCE_PATH_C="${SOURCE_PATH%/}/${SOURCE_FILENAME_C}" -SOURCE_PATH_F="${SOURCE_PATH%/}/${SOURCE_FILENAME_F}" - -TARGET_PATH_K="${TARGET_PATH%/}/${TARGET_FILENAME_K}" -TARGET_PATH_I="${TARGET_PATH%/}/${TARGET_FILENAME_I}" -TARGET_PATH_C="${TARGET_PATH%/}/${TARGET_FILENAME_C}" -TARGET_PATH_F="${TARGET_PATH%/}/${TARGET_FILENAME_F}" - -#=============================================================================== -# Check if source directory exists and is readable -#=============================================================================== -if [ ! -d "$SOURCE_PATH" ] || [ ! -r "$SOURCE_PATH" ] -then - echo "Directory »$SOURCE_PATH« doesn't exists or isn't readable." >&2 - echo "Aborting ..." >&2 && exit 1 -fi - -#=============================================================================== -# Check if certificate files exist and are readable -#=============================================================================== -for file in "$SOURCE_PATH_K" "$SOURCE_PATH_I" "$SOURCE_PATH_C" "$SOURCE_PATH_F" -do - if [ ! -f "$file" ] || [ ! -r "$file" ] - then - echo "File »$file« doesn't exists or isn't readable." >&2 - echo "Aborting ..." >&2 && exit 1 - fi -done - -#=============================================================================== -# Create target directory (with parents) for certificate files -#=============================================================================== -install -m "$DMODE" -o "$DOWNER" -g "$DGROUP" -d "$TARGET_PATH" - -#=============================================================================== -# Copy certificate files from source to the target destination -#=============================================================================== -install -m "$FMODE" -o "$FOWNER" -g "$FGROUP" "$SOURCE_PATH_K" "$TARGET_PATH_K" -install -m "$FMODE" -o "$FOWNER" -g "$FGROUP" "$SOURCE_PATH_I" "$TARGET_PATH_I" -install -m "$FMODE" -o "$FOWNER" -g "$FGROUP" "$SOURCE_PATH_C" "$TARGET_PATH_C" -install -m "$FMODE" -o "$FOWNER" -g "$FGROUP" "$SOURCE_PATH_F" "$TARGET_PATH_F" - -#=============================================================================== -# Print stats for target directory and certificate files -#=============================================================================== -stat -c "[%a:%A] [%U:%G] => %n" ${TARGET_PATH%/} -stat -c "[%a:%A] [%U:%G] => %n" ${TARGET_PATH%/}/* |