Ajout du script de hook pour certbot

master
root 2 years ago
parent 99741356a2
commit 43b5624501
  1. 49
      ssl/certbot-hook.sh

@ -0,0 +1,49 @@
#!/bin/sh
#
# certbot certonly --agree-tos -m myname@mydomain.com --webroot -w /opt/certbot-webroot/data --deploy-hook "/etc/letsencrypt/certbot-hook.sh" -d mydomain.com -d www.mydomain.com
#
LANG=fr_FR.UTF-8
TO_EMAIL="myname@mydomain.com" # Email address
FROM_EMAIL="no-reply@mydomain.com"
FROM_NAME="Certbot - `hostname`"
SUBJECT="Renouvellement de certificat"
#KOPANO-GATEWAY
KOPANO_CERT=/etc/kopano/gateway/cert.pem
KOPANO_CERT_KEY=/etc/kopano/gateway/privkey.pem
cp "${RENEWED_LINEAGE}/fullchain.pem" "${KOPANO_CERT}"
cp "${RENEWED_LINEAGE}/privkey.pem" "${KOPANO_CERT_KEY}"
chmod 600 "${KOPANO_CERT_KEY}"
chown kopano:kopano "${KOPANO_CERT}" "${KOPANO_CERT_KEY}"
systemctl reload kopano-gateway.service
#POSTFIX
POSTFIX_CERT=/etc/postfix/ssl/cert.pem
POSTFIX_CERT_KEY=/etc/postfix/ssl/privkey.pem
cp "${RENEWED_LINEAGE}/fullchain.pem" "${POSTFIX_CERT}"
cp "${RENEWED_LINEAGE}/privkey.pem" "${POSTFIX_CERT_KEY}"
chmod 600 "${POSTFIX_CERT_KEY}"
chown postfix:postfix "${POSTFIX_CERT}" "${POSTFIX_CERT_KEY}"
systemctl reload postfix.service
if [ ! -z "${TO_EMAIL}" ] ; then
for i in ${TO_EMAIL} ; do
/usr/sbin/sendmail -i -- ${i} << END
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Subject: =?UTF-8?Q?${SUBJECT}?=
From: ${FROM_NAME} <${FROM_EMAIL}>
To: ${i}
Le(s) certificat(s) suivant(s) viennent d'être renouvelé :
${RENEWED_DOMAINS}
--
Certbot
END
done
fi
Loading…
Cancel
Save