From 43b56245013f25aa3d274cc6da530ea52014bc19 Mon Sep 17 00:00:00 2001
From: root <root@blorand.org>
Date: Wed, 22 Apr 2020 00:42:09 +0200
Subject: [PATCH] Ajout du script de hook pour certbot

---
 ssl/certbot-hook.sh | 49 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100755 ssl/certbot-hook.sh

diff --git a/ssl/certbot-hook.sh b/ssl/certbot-hook.sh
new file mode 100755
index 0000000..59c90a7
--- /dev/null
+++ b/ssl/certbot-hook.sh
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# certbot certonly --agree-tos -m myname@mydomain.com --webroot -w /opt/certbot-webroot/data --deploy-hook "/etc/letsencrypt/certbot-hook.sh" -d mydomain.com -d www.mydomain.com
+#
+
+LANG=fr_FR.UTF-8
+TO_EMAIL="myname@mydomain.com" # Email address
+FROM_EMAIL="no-reply@mydomain.com"
+FROM_NAME="Certbot - `hostname`"
+SUBJECT="Renouvellement de certificat"
+
+
+#KOPANO-GATEWAY
+KOPANO_CERT=/etc/kopano/gateway/cert.pem
+KOPANO_CERT_KEY=/etc/kopano/gateway/privkey.pem
+cp "${RENEWED_LINEAGE}/fullchain.pem" "${KOPANO_CERT}"
+cp "${RENEWED_LINEAGE}/privkey.pem" "${KOPANO_CERT_KEY}"
+chmod 600 "${KOPANO_CERT_KEY}"
+chown kopano:kopano "${KOPANO_CERT}" "${KOPANO_CERT_KEY}"
+systemctl reload kopano-gateway.service
+
+#POSTFIX
+POSTFIX_CERT=/etc/postfix/ssl/cert.pem
+POSTFIX_CERT_KEY=/etc/postfix/ssl/privkey.pem
+cp "${RENEWED_LINEAGE}/fullchain.pem" "${POSTFIX_CERT}"
+cp "${RENEWED_LINEAGE}/privkey.pem" "${POSTFIX_CERT_KEY}"
+chmod 600 "${POSTFIX_CERT_KEY}"
+chown postfix:postfix "${POSTFIX_CERT}" "${POSTFIX_CERT_KEY}"
+systemctl reload postfix.service
+
+
+if [ ! -z "${TO_EMAIL}" ] ; then
+	for i in ${TO_EMAIL} ; do
+	        /usr/sbin/sendmail -i -- ${i} << END
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+Subject: =?UTF-8?Q?${SUBJECT}?=
+From: ${FROM_NAME} <${FROM_EMAIL}>
+To: ${i}
+
+Le(s) certificat(s) suivant(s) viennent d'être renouvelé :
+${RENEWED_DOMAINS}
+
+--
+Certbot
+END
+	done
+fi