MythicSalt/states/certificates/dehydrated/hooks/deploy.sh

31 lines
710 B
Bash
Raw Permalink Normal View History

#!/usr/bin/env bash
#
# Copy dehydrated generated certs into /var/local/certificates and
# set required ownership and permissions. Also restart local services
# as appropriate.
action=$1
shift
deploy_cert() {
cp -a /var/lib/dehydrated/certs/* /var/local/certificates/
chown -R root:ssl-cert /var/local/certificates/
find /var/local/certificates/ -type d -print0 | xargs -0 chmod g+rx
find /var/local/certificates/ -type f -print0 | xargs -0 chmod g+r
DOMAIN="$1"
case $DOMAIN in
"mail.lunch.org.uk")
systemctl restart exim4
systemctl reload dovecot
;;
esac
}
case $action in
deploy_cert)
deploy_cert "$@"
;;
esac