-rwxr-xr-xgenerate-and-upload-self-signed-keys.in28
1 files changed, 14 insertions, 14 deletions
diff --git a/generate-and-upload-self-signed-keys.in b/generate-and-upload-self-signed-keys.in
index 76331d9..619a923 100755
--- a/generate-and-upload-self-signed-keys.in
+++ b/generate-and-upload-self-signed-keys.in
@@ -4,8 +4,12 @@ if [ -r '#ETCDIR#/generate-and-upload-self-signed-keys.conf' ]; then
. '#ETCDIR#/generate-and-upload-self-signed-keys.conf'
fi
+key_dir='#ETCDIR#/nginx/keys'
+
hosts=$(
- find '#ETCDIR#/nginx/' -name sites-available -prune , \
+ find '#ETCDIR#/nginx/' \
+ -name keys -prune , \
+ -name sites-available -prune , \
\( -type f -o -type l \) \
-exec sed -n '
s/^\s*//
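Review bot: The assignment added at the top of this hunk names the variable `key_dir`, but every use the commit adds expands `${keydir}`: the `[ -f … ]` and `mv` lines, the openssl `-keyout`/`-out` arguments, the two `printf --` lines and `cd "${keydir}"` in the later hunks. Unless the sourced .conf happens to define `keydir`, it expands to the empty string, so the rotation check looks for `/<host>.key.pem.new`, openssl is told to write the unencrypted (`-nodes`) private key directly under `/`, and the final `cd` no longer enters the key directory. Rename the assignment to `keydir='#ETCDIR#/nginx/keys'` (or the uses to `key_dir`), and consider writing the first use as `"${keydir:?}"` so an empty value aborts instead of silently retargeting the paths.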
@@ -35,17 +39,13 @@ host_key_files=$(
| cut -d' ' -f1
)
-host_key_files=$(
- printf '#ETCDIR#/nginx/keys/%s\n' ${host_key_files}
-)
-
if [ "$(whoami)" = 'root' ]; then
updated_something=false
for host_key_file in ${host_key_files}; do
- if [ -f "${host_key_file}.key.pem.new" ] \
- && [ -f "${host_key_file}.cert.pem.new" ]; then
- mv "${host_key_file}.key.pem"{.new,}
- mv "${host_key_file}.cert.pem"{.new,}
+ if [ -f "${keydir}/${host_key_file}.key.pem.new" ] \
+ && [ -f "${keydir}/${host_key_file}.cert.pem.new" ]; then
+ mv "${keydir}/${host_key_file}.key.pem"{.new,}
+ mv "${keydir}/${host_key_file}.cert.pem"{.new,}
updated_something=true
fi
done
@@ -63,8 +63,8 @@ fi
printf '%s\n' "${hosts}" \
| while read -r host other_hosts; do
openssl req -x509 -newkey rsa:4096 \
- -keyout "#ETCDIR#/nginx/keys/${host}.key.pem.new" \
- -out "#ETCDIR#/nginx/keys/${host}.cert.pem.new" \
+ -keyout "${keydir}/${host}.key.pem.new" \
+ -out "${keydir}/${host}.cert.pem.new" \
-days 365 -nodes -subj '/C=DE/ST=Thuringia/L=Jena/O=Eckner/OU=Net/CN='"${host}" -sha256 \
-config <(
cat '#ETCDIR#/ssl/openssl.cnf'
@@ -80,13 +80,13 @@ done
rsync --ignore-missing-args \
$(
- printf '#ETCDIR#/nginx/keys/%s.cert.pem\n' ${host_key_files}
- printf '#ETCDIR#/nginx/keys/%s.cert.pem.new\n' ${host_key_files}
+ printf -- "${keydir}"'/%s.cert.pem\n' ${host_key_files}
+ printf -- "${keydir}"'/%s.cert.pem.new\n' ${host_key_files}
) \
"${remote_host}:${remote_dir}/"
(
- cd '#ETCDIR#/nginx/keys'
+ cd "${keydir}"
{
printf '%s.cert.pem\n' ${host_key_files}
printf '%s.cert.pem.new\n' ${host_key_files}
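Review bot: In the two added `printf --` lines the directory is concatenated into the format string (`"${keydir}"'/%s.cert.pem\n'`), so a `%` or backslash in the configured path would be read as a format directive instead of being printed. Passing it as data keeps the format constant, for example `for f in ${host_key_files}; do printf '%s/%s.cert.pem\n' "${keydir}" "$f"; done`. The surrounding `$( … )` is also unquoted in the rsync argument list, so a path containing whitespace would be split into separate arguments; this only matters if `#ETCDIR#` can contain such characters. The subshell that starts at `cd "${keydir}"` continues outside the hunk.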