39 lines
922 B
Bash
Executable File
39 lines
922 B
Bash
Executable File
#!/bin/sh
|
|
|
|
cat << EOF
|
|
#!/bin/sh
|
|
|
|
set -x
|
|
|
|
CERT_SOURCE=$CONFDIR/$MAIN_DOMAIN/cert.pem
|
|
KEY_SOURCE=$CONFDIR/private/$MAIN_DOMAIN/key.pem
|
|
|
|
export UACME_CHALLENGE_PATH=$CHALLENGEDIR
|
|
|
|
# Issue certificate.
|
|
uacme issue -c $CONFDIR -h $HOOKSCRIPT $DISABLE_OCSP $MUST_STABLE $KEYTYPE \
|
|
$DOMAIN
|
|
if [ $? -eq 2 ]; then
|
|
# Note: exit code 0 means that certificate was issued.
|
|
# Note: exit code 1 means that certificate was still valid, hence not renewed.
|
|
# Note: exit code 2 means that something went wrong.
|
|
echo "Failed to renew certificate - exiting." >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Re-deploy, if needed.
|
|
if [ -n "$KEY_TARGET" ] && [ -n "$CERT_TARGET" ]; then
|
|
set -e
|
|
|
|
mkdir -p $(dirname "$CERT_TARGET") $(dirname "$KEY_TARGET")
|
|
|
|
if ! cmp \$CERT_SOURCE $CERT_TARGET >/dev/null 2>&1; then
|
|
install -m 0640 \$KEY_SOURCE $KEY_TARGET
|
|
install -m 0644 \$CERT_SOURCE $CERT_TARGET
|
|
chown $OWNER $KEY_TARGET $CERT_TARGET
|
|
|
|
$RENEW_HOOK
|
|
fi
|
|
fi
|
|
EOF
|