2019-10-14 22:08:03 +00:00
|
|
|
#!/bin/sh
|
2020-03-30 16:40:03 +00:00
|
|
|
# DO NOT TOUCH IT HERE SEE GIT REPO 'envs/ops'
|
2019-10-14 22:08:03 +00:00
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
|
|
for domain in $RENEWED_DOMAINS; do
|
|
|
|
case $domain in
|
|
|
|
envs.net)
|
|
|
|
daemon_cert_root=/opt/lxc_ssl/envs.net
|
|
|
|
umask 077
|
|
|
|
cat "$RENEWED_LINEAGE/privkey.pem" > "$daemon_cert_root/privkey.pem"
|
|
|
|
cat "$RENEWED_LINEAGE/chain.pem" > "$daemon_cert_root/chain.pem"
|
|
|
|
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
|
|
|
|
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
|
2020-01-05 14:03:14 +00:00
|
|
|
|
2020-11-03 11:24:10 +00:00
|
|
|
# rsync -av "$daemon_cert_root" root@srv01.envs.net:/opt/ssl_certs/
|
|
|
|
# ssh root@srv01.envs.net bash -c "/opt/sync_certs.sh"
|
2020-03-30 16:40:03 +00:00
|
|
|
|
2021-02-13 16:17:27 +00:00
|
|
|
# jetforce
|
|
|
|
systemctl restart jetforce
|
|
|
|
|
|
|
|
# pubdns
|
|
|
|
lxc-attach -n pubdns -- bash -c "systemctl reload nginx"
|
|
|
|
|
2020-01-05 14:03:14 +00:00
|
|
|
# mail
|
2020-01-29 10:01:52 +00:00
|
|
|
# has a own letencrypt cert in container!
|
|
|
|
|
2020-01-05 14:03:14 +00:00
|
|
|
# mailinglists
|
|
|
|
lxc-attach -n lists -- bash -c "systemctl reload nginx postfix"
|
|
|
|
|
|
|
|
# gitea
|
|
|
|
lxc-attach -n gitea -- bash -c "systemctl reload nginx"
|
|
|
|
|
2020-05-27 08:27:41 +00:00
|
|
|
# drone-ci
|
|
|
|
lxc-attach -n drone -- bash -c "systemctl reload nginx"
|
|
|
|
|
2020-11-03 11:24:10 +00:00
|
|
|
# codimd
|
|
|
|
lxc-attach -n codimd -- bash -c "systemctl reload nginx"
|
|
|
|
|
2020-01-05 14:03:14 +00:00
|
|
|
# searx
|
|
|
|
lxc-attach -n searx -- bash -c "systemctl reload nginx"
|
|
|
|
|
|
|
|
# cryptad
|
|
|
|
lxc-attach -n pad -- bash -c "systemctl reload nginx"
|
|
|
|
|
|
|
|
# tt-rss
|
|
|
|
lxc-attach -n rss -- bash -c "systemctl restart apache2"
|
|
|
|
|
|
|
|
# privatebin
|
|
|
|
lxc-attach -n pb -- bash -c "systemctl restart apache2"
|
2020-02-12 20:44:01 +00:00
|
|
|
;;
|
2019-10-14 22:08:03 +00:00
|
|
|
|
|
|
|
envs.sh)
|
|
|
|
daemon_cert_root=/opt/lxc_ssl/envs.sh
|
|
|
|
umask 077
|
|
|
|
cat "$RENEWED_LINEAGE/privkey.pem" > "$daemon_cert_root/privkey.pem"
|
|
|
|
cat "$RENEWED_LINEAGE/chain.pem" > "$daemon_cert_root/chain.pem"
|
|
|
|
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
|
|
|
|
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
|
2020-10-08 18:16:52 +00:00
|
|
|
|
2020-11-03 11:24:10 +00:00
|
|
|
# 0x0
|
2021-07-27 19:48:15 +00:00
|
|
|
lxc-attach -n 0x0 -- bash -c "systemctl reload nginx"
|
2020-02-12 20:44:01 +00:00
|
|
|
;;
|
2019-10-14 22:08:03 +00:00
|
|
|
|
|
|
|
znc.envs.net)
|
|
|
|
daemon_cert_root=/srv/znc/.znc
|
|
|
|
umask 077
|
|
|
|
cat "$RENEWED_LINEAGE/privkey.pem" > "$daemon_cert_root/znc.pem"
|
|
|
|
cat "$RENEWED_LINEAGE/fullchain.pem" >> "$daemon_cert_root/znc.pem"
|
|
|
|
cat /etc/ssl/certs/envs_dhparam.pem >> "$daemon_cert_root/znc.pem"
|
|
|
|
chown znc "$daemon_cert_root/znc.pem"
|
|
|
|
chmod 600 "$daemon_cert_root/znc.pem"
|
2020-01-05 14:03:14 +00:00
|
|
|
systemctl restart znc
|
2020-02-12 20:44:01 +00:00
|
|
|
;;
|
2019-10-14 22:08:03 +00:00
|
|
|
|
|
|
|
esac
|
|
|
|
done
|