
certbot authenticator nginx

main
pvincent 2 weeks ago
parent
commit
af76368710
  1. 8
      sympa/recipe/sympa.recipe
  2. 2
      sympa/resources/tools/sympa_export.bash
  3. 12
      sympa/resources/tools/sympa_import.bash

8
sympa/recipe/sympa.recipe

@ -8,12 +8,12 @@ FORCE=${FORCE:-false}
function install_postfix { function install_postfix {
if $FORCE || ! systemctl is-active postfix.service --quiet; then if $FORCE || ! systemctl is-active postfix.service --quiet; then
debconf-set-selections <<EOF
debconf-set-selections << EOF
postfix postfix/mailname string $(hostname -f) postfix postfix/mailname string $(hostname -f)
postfix postfix/main_mailer_type string 'Internet Site' postfix postfix/main_mailer_type string 'Internet Site'
postfix postfix/mynetworks string '127.0.0.0/8' postfix postfix/mynetworks string '127.0.0.0/8'
EOF EOF
DEBIAN_FRONTEND=noninteractive apt-get install -y postfix postgresql nginx fcgiwrap perl-doc micro debconf-utils
DEBIAN_FRONTEND=noninteractive apt-get install -y postfix postgresql nginx fcgiwrap perl-doc micro debconf-utils certbot python3-certbot-nginx
postconf -e "inet_protocols = ipv4" postconf -e "inet_protocols = ipv4"
systemctl restart postfix systemctl restart postfix
echo postfix installed successfully! echo postfix installed successfully!
@ -33,7 +33,7 @@ function install_sympa {
if $FORCE || ! systemctl is-active wwsympa.service --quiet; then if $FORCE || ! systemctl is-active wwsympa.service --quiet; then
listmasters="pvincent@artcode.re,jnoel@mithril.re" listmasters="pvincent@artcode.re,jnoel@mithril.re"
[[ $(hostname -d) == *.* ]] && listmasters+=",listmaster@$(hostname -d)" || true [[ $(hostname -d) == *.* ]] && listmasters+=",listmaster@$(hostname -d)" || true
debconf-set-selections <<EOF
debconf-set-selections << EOF
sympa wwsympa/webserver_type select 'Other' sympa wwsympa/webserver_type select 'Other'
sympa sympa/database-type string pgsql sympa sympa/database-type string pgsql
sympa sympa/db_host string localhost sympa sympa/db_host string localhost
@ -55,7 +55,7 @@ EOF
function install_nginx_host { function install_nginx_host {
if $FORCE || [[ ! -f /etc/nginx/sites-available/sympa.conf ]]; then if $FORCE || [[ ! -f /etc/nginx/sites-available/sympa.conf ]]; then
cat <<EOF >/etc/nginx/sites-available/sympa.conf
cat << EOF > /etc/nginx/sites-available/sympa.conf
server { server {
listen 80; listen 80;
server_name _; server_name _;
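Review bot: The added `certbot python3-certbot-nginx` packages sit on the apt-get line inside install_postfix, which runs only when `$FORCE` is true or postfix.service is not active, so a host that already runs postfix never gets the nginx plugin. sympa_import.bash in this same commit rewrites the renewal config to `authenticator = nginx`, and renewal would presumably fail on such a host. Consider installing them in a separate step with its own guard, e.g. `dpkg -s python3-certbot-nginx >/dev/null 2>&1 || DEBIAN_FRONTEND=noninteractive apt-get install -y certbot python3-certbot-nginx`. The remaining changed lines in this section look like heredoc spacing only.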

2
sympa/resources/tools/sympa_export.bash

@ -36,7 +36,7 @@ function export_files {
function export_certbot { function export_certbot {
if [[ -d /etc/letsencrypt/live/$SYMPA_DOMAIN ]]; then if [[ -d /etc/letsencrypt/live/$SYMPA_DOMAIN ]]; then
tar -C / -cf "$temp_dir/certbot.tar" etc/letsencrypt
tar -C / --exclude etc/letsencrypt/cli.ini -cf "$temp_dir/certbot.tar" etc/letsencrypt
fi fi
} }
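Review bot: The archive written by the new tar line still carries the private keys under etc/letsencrypt, and nothing in this hunk restricts who can read `$temp_dir/certbot.tar`. How `$temp_dir` is created is outside the hunk; if it is not a `mktemp -d` directory, wrap the call as `( umask 077; tar -C / --exclude etc/letsencrypt/cli.ini -cf "$temp_dir/certbot.tar" etc/letsencrypt )`. A comment such as `# cli.ini stays host-specific; the importer keeps the target's own copy` would also explain the exclusion.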

12
sympa/resources/tools/sympa_import.bash

@ -111,10 +111,20 @@ function import_certbot {
SYMPA_DOMAIN=$(grep '^domain' /etc/sympa/sympa/sympa.conf | cut -f2) SYMPA_DOMAIN=$(grep '^domain' /etc/sympa/sympa/sympa.conf | cut -f2)
if [[ -f "$export_tmp/certbot.tar" ]]; then if [[ -f "$export_tmp/certbot.tar" ]]; then
echo -n "import certbot..."
echo "certbot save previous cli.ini"
cp /etc/letsencrypt/cli.ini "$export_tmp/
echo "import certbot..."
rm -rf /etc/letsencrypt rm -rf /etc/letsencrypt
tar -xf "$export_tmp/certbot.tar" -C / tar -xf "$export_tmp/certbot.tar" -C /
echo OK echo OK
echo "certbot restore previous cli.ini"
mv "$export_tmp/cli.ini /etc/letsencrypt/
echo "convert certbot apache2 authenticator to certbotx nginx authenticator"
/opt/miaou-bash/tools/append_or_replace '^authenticator =.*$' "authenticator = nginx" /etc/letsencrypt/renewal/$SYMPA_DOMAIN.conf
/opt/miaou-bash/tools/append_or_replace '^installer =.*$' "installer = nginx" /etc/letsencrypt/renewal/$SYMPA_DOMAIN.conf
fi fi
# add options-ssl-nginx.conf # add options-ssl-nginx.conf
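Review bot: The two added lines that save and restore cli.ini have unbalanced double quotes as rendered here (`cp /etc/letsencrypt/cli.ini "$export_tmp/` and `mv "$export_tmp/cli.ini /etc/letsencrypt/`), so the quoting of everything between them shifts, including `rm -rf /etc/letsencrypt`, and the script would not parse or run as intended. They should read `cp /etc/letsencrypt/cli.ini "$export_tmp/"` and `mv "$export_tmp/cli.ini" /etc/letsencrypt/`, each guarded by a `[[ -f ... ]]` test, since a host with no existing cli.ini would otherwise fail on the cp. `$SYMPA_DOMAIN` comes from a grep/cut pipeline and is used unquoted in the renewal path; check that it is non-empty and quote the argument, `"/etc/letsencrypt/renewal/$SYMPA_DOMAIN.conf"`. import_certbot starts before and continues after this hunk.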
