Fix certbot bug.
This commit is contained in:
parent
00607f96bf
commit
97ba0265a8
25
move_site.sh
25
move_site.sh
|
@ -93,6 +93,7 @@ else
|
||||||
org_ssl_dir=`dirname $ssl_certificate_file`
|
org_ssl_dir=`dirname $ssl_certificate_file`
|
||||||
new_ssl_dir="ssl_files/$(basename $org_ssl_dir)"
|
new_ssl_dir="ssl_files/$(basename $org_ssl_dir)"
|
||||||
$ssh_command "$remote_sudo_command cp -r -f -L $org_ssl_dir $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -r -f -L $org_ssl_dir $root_path/ssl_files/."
|
||||||
|
certbot_file_idx=`$ssh_command "basename $($remote_sudo_command readlink /etc/letsencrypt/live/$real_domain/cert.pem)|sed -E 's/cert([^.]+)\.pem/\1/g'|xargs"`
|
||||||
else
|
else
|
||||||
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_file $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_file $root_path/ssl_files/."
|
||||||
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_key_file $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_key_file $root_path/ssl_files/."
|
||||||
|
@ -116,13 +117,35 @@ else
|
||||||
sed "s/\(database:\s\+\).\+/\1${new_db_name}/g" -i "$local_store_path/config/mongoid.yml"
|
sed "s/\(database:\s\+\).\+/\1${new_db_name}/g" -i "$local_store_path/config/mongoid.yml"
|
||||||
if [[ -z "$use_local_command" ]] && [[ ! -z "$match_ssl" ]]; then
|
if [[ -z "$use_local_command" ]] && [[ ! -z "$match_ssl" ]]; then
|
||||||
if [[ ! -z $org_ssl_dir ]]; then
|
if [[ ! -z $org_ssl_dir ]]; then
|
||||||
sudo_command mkdir -p $org_ssl_dir
|
|
||||||
if [ -z "$(which certbot)" ]; then
|
if [ -z "$(which certbot)" ]; then
|
||||||
wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_certbot.sh
|
wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_certbot.sh
|
||||||
sudo_command bash ./install_certbot.sh
|
sudo_command bash ./install_certbot.sh
|
||||||
fi
|
fi
|
||||||
|
sudo_command mkdir -p $org_ssl_dir
|
||||||
|
sudo_command mkdir -p /etc/letsencrypt/renewal
|
||||||
sudo_command cp -r $new_ssl_dir/* $org_ssl_dir/.
|
sudo_command cp -r $new_ssl_dir/* $org_ssl_dir/.
|
||||||
|
if [[ "$(dirname $org_ssl_dir)" == "/etc/letsencrypt/live" ]] && [[ ! -z "$(ls $org_ssl_dir/*.pem 2>>/dev/null || echo '')" ]]; then
|
||||||
|
sudo_command mkdir -p /etc/letsencrypt/archive/$real_domain
|
||||||
|
sudo_command rm -f /etc/letsencrypt/archive/$real_domain/*.pem
|
||||||
|
sudo_command mv $org_ssl_dir/*.pem /etc/letsencrypt/archive/$real_domain/.
|
||||||
|
if [[ ! -z "$certbot_file_idx" ]]; then
|
||||||
|
sudo_command bash -l -c "find '/etc/letsencrypt/archive/$real_domain' -regex '[^0-9]+\.pem' -printf '%p\0'| perl -0 -l0 -pe 'print \$_; s/($(echo /etc/letsencrypt/archive/$real_domain/|sed 's/[\.\/]/\\\0/g')[^\d]+)\.pem/\${1}'$certbot_file_idx'\.pem/'| xargs -0 -n 2 mv"
|
||||||
|
sudo_command bash -l -c "cd $org_ssl_dir && find '../../archive/$real_domain/' -regex '[^0-9]+$certbot_file_idx\.pem' -printf '%p\0'| perl -0 -l0 -pe 'print \$_; s/$(echo ../../archive/$real_domain/|sed 's/[\.\/]/\\\0/g')([^\d]+)$certbot_file_idx\.pem/\${1}\.pem/'| xargs -0 -n 2 ln -s"
|
||||||
|
else
|
||||||
|
sudo_command bash -l -c "cd $org_ssl_dir && ln -s ../../archive/$real_domain/*.pem ."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
sudo_command cp -r $new_ssl_dir/renewal/* /etc/letsencrypt/renewal/.
|
sudo_command cp -r $new_ssl_dir/renewal/* /etc/letsencrypt/renewal/.
|
||||||
|
if [[ -e /etc/letsencrypt/renewal/$real_domain.conf ]]; then #Fix certbot account
|
||||||
|
letsencrypt_server_name=`sudo_command ls /etc/letsencrypt/accounts/|xargs|awk '{print $1}'`
|
||||||
|
if [[ ! -z "$letsencrypt_server_name" ]]; then
|
||||||
|
sudo_command sed -E 's/server\s*=.*/server = https:\/\/'$letsencrypt_server_name'\/directory/g' -i /etc/letsencrypt/renewal/$real_domain.conf
|
||||||
|
letsencrypt_account_id=`sudo_command ls /etc/letsencrypt/accounts/$letsencrypt_server_name/directory|xargs|awk '{print $1}'`
|
||||||
|
if [[ ! -z "$letsencrypt_account_id" ]]; then
|
||||||
|
sudo_command sed -E 's/account\s*=.*/account = '$letsencrypt_account_id'/g' -i /etc/letsencrypt/renewal/$real_domain.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
sed "s/$(escape_slash $ssl_certificate_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_file)/g" -i $new_nginx_file
|
sed "s/$(escape_slash $ssl_certificate_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_file)/g" -i $new_nginx_file
|
||||||
sed "s/$(escape_slash $ssl_certificate_key_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_key_file)/g" -i $new_nginx_file
|
sed "s/$(escape_slash $ssl_certificate_key_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_key_file)/g" -i $new_nginx_file
|
||||||
|
|
|
@ -97,6 +97,7 @@ else
|
||||||
org_ssl_dir=`dirname $ssl_certificate_file`
|
org_ssl_dir=`dirname $ssl_certificate_file`
|
||||||
new_ssl_dir="ssl_files/$(basename $org_ssl_dir)"
|
new_ssl_dir="ssl_files/$(basename $org_ssl_dir)"
|
||||||
$ssh_command "$remote_sudo_command cp -r -f -L $org_ssl_dir $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -r -f -L $org_ssl_dir $root_path/ssl_files/."
|
||||||
|
certbot_file_idx=`$ssh_command "basename $($remote_sudo_command readlink /etc/letsencrypt/live/$real_domain/cert.pem)|sed -E 's/cert([^.]+)\.pem/\1/g'|xargs"`
|
||||||
else
|
else
|
||||||
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_file $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_file $root_path/ssl_files/."
|
||||||
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_key_file $root_path/ssl_files/."
|
$ssh_command "$remote_sudo_command cp -f $ssl_certificate_key_file $root_path/ssl_files/."
|
||||||
|
@ -120,13 +121,35 @@ else
|
||||||
sed "s/\(database:\s\+\).\+/\1${new_db_name}/g" -i "$local_store_path/config/mongoid.yml"
|
sed "s/\(database:\s\+\).\+/\1${new_db_name}/g" -i "$local_store_path/config/mongoid.yml"
|
||||||
if [[ -z "$use_local_command" ]] && [[ ! -z "$match_ssl" ]]; then
|
if [[ -z "$use_local_command" ]] && [[ ! -z "$match_ssl" ]]; then
|
||||||
if [[ ! -z $org_ssl_dir ]]; then
|
if [[ ! -z $org_ssl_dir ]]; then
|
||||||
sudo_command mkdir -p $org_ssl_dir
|
|
||||||
if [ -z "$(which certbot)" ]; then
|
if [ -z "$(which certbot)" ]; then
|
||||||
wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_certbot.sh
|
wget http://gitlab.tp.rulingcom.com/erictyl/install_r45_on_ubuntu_1804lts_doc/-/raw/master/install_certbot.sh
|
||||||
sudo_command bash ./install_certbot.sh
|
sudo_command bash ./install_certbot.sh
|
||||||
fi
|
fi
|
||||||
|
sudo_command mkdir -p $org_ssl_dir
|
||||||
|
sudo_command mkdir -p /etc/letsencrypt/renewal
|
||||||
sudo_command cp -r $new_ssl_dir/* $org_ssl_dir/.
|
sudo_command cp -r $new_ssl_dir/* $org_ssl_dir/.
|
||||||
|
if [[ "$(dirname $org_ssl_dir)" == "/etc/letsencrypt/live" ]] && [[ ! -z "$(ls $org_ssl_dir/*.pem 2>>/dev/null || echo '')" ]]; then
|
||||||
|
sudo_command mkdir -p /etc/letsencrypt/archive/$real_domain
|
||||||
|
sudo_command rm -f /etc/letsencrypt/archive/$real_domain/*.pem
|
||||||
|
sudo_command mv $org_ssl_dir/*.pem /etc/letsencrypt/archive/$real_domain/.
|
||||||
|
if [[ ! -z "$certbot_file_idx" ]]; then
|
||||||
|
sudo_command bash -l -c "find '/etc/letsencrypt/archive/$real_domain' -regex '[^0-9]+\.pem' -printf '%p\0'| perl -0 -l0 -pe 'print \$_; s/($(echo /etc/letsencrypt/archive/$real_domain/|sed 's/[\.\/]/\\\0/g')[^\d]+)\.pem/\${1}'$certbot_file_idx'\.pem/'| xargs -0 -n 2 mv"
|
||||||
|
sudo_command bash -l -c "cd $org_ssl_dir && find '../../archive/$real_domain/' -regex '[^0-9]+$certbot_file_idx\.pem' -printf '%p\0'| perl -0 -l0 -pe 'print \$_; s/$(echo ../../archive/$real_domain/|sed 's/[\.\/]/\\\0/g')([^\d]+)$certbot_file_idx\.pem/\${1}\.pem/'| xargs -0 -n 2 ln -s"
|
||||||
|
else
|
||||||
|
sudo_command bash -l -c "cd $org_ssl_dir && ln -s ../../archive/$real_domain/*.pem ."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
sudo_command cp -r $new_ssl_dir/renewal/* /etc/letsencrypt/renewal/.
|
sudo_command cp -r $new_ssl_dir/renewal/* /etc/letsencrypt/renewal/.
|
||||||
|
if [[ -e /etc/letsencrypt/renewal/$real_domain.conf ]]; then #Fix certbot account
|
||||||
|
letsencrypt_server_name=`sudo_command ls /etc/letsencrypt/accounts/|xargs|awk '{print $1}'`
|
||||||
|
if [[ ! -z "$letsencrypt_server_name" ]]; then
|
||||||
|
sudo_command sed -E 's/server\s*=.*/server = https:\/\/'$letsencrypt_server_name'\/directory/g' -i /etc/letsencrypt/renewal/$real_domain.conf
|
||||||
|
letsencrypt_account_id=`sudo_command ls /etc/letsencrypt/accounts/$letsencrypt_server_name/directory|xargs|awk '{print $1}'`
|
||||||
|
if [[ ! -z "$letsencrypt_account_id" ]]; then
|
||||||
|
sudo_command sed -E 's/account\s*=.*/account = '$letsencrypt_account_id'/g' -i /etc/letsencrypt/renewal/$real_domain.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
sed "s/$(escape_slash $ssl_certificate_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_file)/g" -i $new_nginx_file
|
sed "s/$(escape_slash $ssl_certificate_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_file)/g" -i $new_nginx_file
|
||||||
sed "s/$(escape_slash $ssl_certificate_key_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_key_file)/g" -i $new_nginx_file
|
sed "s/$(escape_slash $ssl_certificate_key_file)/$(escape_slash $root_path)\/ssl_files\/$(basename $ssl_certificate_key_file)/g" -i $new_nginx_file
|
||||||
|
|
Loading…
Reference in New Issue