author | Erich Eckner <git@eckner.net> | 2019-08-27 09:21:55 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2019-08-27 09:21:55 +0200 |
commit | 0826e8bd55481533d64a04919957d8f3e738d0e8 (patch) | |
tree | c430694f167f79016a27ca9a0306ec5836711d6d | |
parent | acac3dbaf000fd4c07920bd7d3e2637a0a8402a3 (diff) | |
download | simple-pki-0826e8bd55481533d64a04919957d8f3e738d0e8.tar.xz |
generate-and-upload-self-signed-keys.in: do not overwrite with too new files
-rwxr-xr-x | generate-and-upload-self-signed-keys.in | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/generate-and-upload-self-signed-keys.in b/generate-and-upload-self-signed-keys.in
index 20423b3..951bf72 100755
--- a/generate-and-upload-self-signed-keys.in
+++ b/generate-and-upload-self-signed-keys.in
@@ -46,6 +46,12 @@ if [ "$(whoami)" = 'root' ]; then
 for host_key_file in ${host_key_files}; do
 if [ -f "${key_dir}/${host_key_file}.key.pem.new" ] \
 && [ -f "${key_dir}/${host_key_file}.cert.pem.new" ]; then
+ if [ "$(stat -c%Y "${key_dir}/${host_key_file}.key.pem.new")" -ge "$(($(date +%s)-60*60*24*30))" ] \
+ && [ -f "${key_dir}/${host_key_file}.key.pem" ] \
+ && [ "$(stat -c%Y "${key_dir}/${host_key_file}.cert.pem.new")" -ge "$(($(date +%s)-60*60*24*30))" ] \
+ && [ -f "${key_dir}/${host_key_file}.cert.pem" ]; then
+ continue
+ fi
 mv "${key_dir}/${host_key_file}.key.pem"{.new,}
 mv "${key_dir}/${host_key_file}.cert.pem"{.new,}
 updated_something=true
@@ -64,6 +70,10 @@ fi
 printf '%s\n' "${hosts}" \
 | while read -r host other_hosts; do
+ if [ -f "${key_dir}/${host}.key.pem.new" ] \
+ && [ -f "${key_dir}/${host}.cert.pem.new" ]; then
+ continue
+ fi
 openssl req -x509 -newkey rsa:4096 \
 -keyout "${key_dir}/${host}.key.pem.new" \
 -out "${key_dir}/${host}.cert.pem.new" \ |
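Review bot: The added age test in the first hunk fails open. If either `stat -c%Y` call prints nothing (the file vanished after the `-f` test, or the local `stat` does not support GNU's `-c`), `[ "" -ge … ]` exits with an error status, the `&&` chain is false, and the loop falls through to the two `mv` lines, so the live pair is replaced even though the pending one may be too new. Reading the mtime into a variable first and skipping the host when that fails would make it fail closed, for example `key_mtime=$(stat -c%Y "${key_dir}/${host_key_file}.key.pem.new") || continue`, and likewise for the certificate. The threshold `$(($(date +%s)-60*60*24*30))` is also written out twice; computing it once before the loop, with a comment saying why a pending pair must age 30 days before it is installed, would help the next reader. The enclosing `for` loop and outer `if` close outside the hunk.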
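Review bot: The new guard in the second hunk tests the pending pair with `-f`, which is also true for an empty file. If an interrupted or failed `openssl req` can leave a zero-length `.key.pem.new` or `.cert.pem.new` behind (an assumption, since that call's error handling is outside the hunk), this host would never be regenerated, and the first hunk would move the broken pair over the live one once it is 30 days old. Testing with `-s` narrows that: `if [ -s "${key_dir}/${host}.key.pem.new" ] \` and `&& [ -s "${key_dir}/${host}.cert.pem.new" ]; then`; checking that the certificate parses before skipping would be stronger still. A one-line comment above the guard, saying that an existing pending pair is kept so that its age keeps counting, would document the intent. The `openssl req` command continues past the end of the hunk.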