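#!/bin/bash
# info: add letsencrypt for host and backend
# options: NONE
#
# example: v-add-letsencrypt-host
#
# This function checks and validates the backend certificate and generates
# a new Let's Encrypt certificate when the existing one does not verify.

#----------------------------------------------------------#
#                Variables & Functions                     #
#----------------------------------------------------------#

# Includes
# shellcheck source=/etc/hestiacp/hestia.conf
source /etc/hestiacp/hestia.conf
# shellcheck source=/usr/local/hestia/func/main.sh
source "$HESTIA/func/main.sh"
# shellcheck source=/usr/local/hestia/func/domain.sh
source "$HESTIA/func/domain.sh"
# load config file
source_conf "$HESTIA/conf/hestia.conf"

# Perform verification if read-only mode is enabled
check_hestia_demo_mode

# Argument definition
# The script takes no arguments: the target domain is the machine's FQDN,
# falling back to $HOSTNAME when `hostname -f` prints nothing.
domain=$(hostname -f)
if [ -z "$domain" ]; then
	domain=$HOSTNAME
fi

# The certificate is issued under the account that already owns the
# hostname as a web domain; "admin" is used when no owner is found.
user="$("$BIN/v-search-domain-owner" "$domain" web)"
if [[ -z "$user" ]]; then
	user="admin"
fi
USER_DATA="$HESTIA/data/users/$user"

#----------------------------------------------------------#
#                    Verifications                         #
#----------------------------------------------------------#

is_format_valid 'user' 'domain' 'aliases'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'

#----------------------------------------------------------#
#                       Action                             #
#----------------------------------------------------------#

# Check if hostname already exists as domain
if [ "$("$BIN/v-list-web-domain" "$user" "$domain" plain | cut -f 1)" != "$domain" ]; then
	# Create web domain for hostname
	"$BIN/v-add-web-domain-ipv46" "$user" "$domain"
fi

# Validate web domain
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'

# Load domain data
# grep -F matches the domain literally; as a regex the dots in $domain would
# match any character and could pull in the record of a similarly named domain.
# The command substitution is left unquoted on purpose so that each KEY='value'
# pair of the record reaches parse_object_kv_list as its own argument.
# shellcheck disable=SC2046
parse_object_kv_list $(grep -F -- "DOMAIN='$domain'" "$USER_DATA/web.conf")

# Set ssl installation to yes
add_ssl="yes"

# $SSL is not assigned in this script; presumably it comes from the domain
# record loaded above -- TODO confirm.
if [ "$SSL" = "yes" ]; then
	# Validate SSL Certificate
	# A new certificate is requested unless openssl reports "<domain>.pem: OK".
	#
	# NOTE(review): `openssl verify` checks that a chain to a trusted root can
	# be built and that the certificates are within their validity period. It
	# does not check that the certificate was issued for $domain, and it does
	# not check revocation. When a .ca file exists, its first certificate is
	# loaded as trusted through -CAfile, so a self-signed CA stored in that file
	# is enough to get "OK" and skip the Let's Encrypt request. If the host
	# certificate must be publicly trusted, consider verifying against the
	# system store only and adding -verify_hostname "$domain".
	if [ -e "$USER_DATA/ssl/$domain.ca" ]; then
		if openssl verify -CAfile <(openssl x509 -in "$USER_DATA/ssl/$domain.ca") "$USER_DATA/ssl/$domain.pem" | grep -qF -- "$domain.pem: OK"; then
			add_ssl="no"
		fi
	else
		if openssl verify "$USER_DATA/ssl/$domain.pem" | grep -qF -- "$domain.pem: OK"; then
			add_ssl="no"
		fi
	fi
fi

# Add let's encrypt ssl if needed
if [ "$add_ssl" = "yes" ]; then
	# Add let's encrypt ssl
	"$BIN/v-add-letsencrypt-domain" "$user" "$domain"
	check_result $? "Let's Encrypt SSL creation failed" "$E_UPDATE"
fi

# Add certificate to backend
# NOTE(review): the exit status of this step is not checked, so a failure to
# install the certificate on the backend does not stop the script.
"$BIN/v-update-host-certificate" "$user" "$domain"

# Enable automatic ssl forward and hsts
# Output is discarded and failures are not checked for either command.
"$BIN/v-add-web-domain-ssl-force" "$user" "$domain" > /dev/null 2>&1
"$BIN/v-add-web-domain-ssl-hsts" "$user" "$domain" > /dev/null 2>&1

#----------------------------------------------------------#
#                       Hestia                             #
#----------------------------------------------------------#

# A bare `exit` returns the status of the last command run above.
exit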