| f845b371 |
1 | #!/usr/bin/env sh |
| 2 | |
| 3 | #Here is a script to deploy cert to exim4 server. |
| 4 | |
| 5 | #returns 0 means success, otherwise error. |
| 6 | |
| 19650351 |
7 | #DEPLOY_EXIM4_CONF="/etc/exim/exim.conf" |
| 8 | #DEPLOY_EXIM4_RELOAD="service exim4 restart" |
| 9 | |
| f845b371 |
10 | ######## Public functions ##################### |
| 11 | |
| 12 | #domain keyfile certfile cafile fullchain |
| 13 | exim4_deploy() { |
| 14 | _cdomain="$1" |
| 15 | _ckey="$2" |
| 16 | _ccert="$3" |
| 17 | _cca="$4" |
| 18 | _cfullchain="$5" |
| 19 | |
| 20 | _debug _cdomain "$_cdomain" |
| 21 | _debug _ckey "$_ckey" |
| 22 | _debug _ccert "$_ccert" |
| 23 | _debug _cca "$_cca" |
| 24 | _debug _cfullchain "$_cfullchain" |
| 25 | |
| 19650351 |
26 | _ssl_path="/etc/acme.sh/exim4" |
| 27 | if ! mkdir -p "$_ssl_path"; then |
| 28 | _err "Can not create folder:$_ssl_path" |
| 29 | return 1 |
| 30 | fi |
| 31 | |
| 32 | _info "Copying key and cert" |
| 33 | _real_key="$_ssl_path/exim4.key" |
| 34 | if ! cat "$_ckey" >"$_real_key"; then |
| 35 | _err "Error: write key file to: $_real_key" |
| 36 | return 1 |
| 37 | fi |
| 38 | _real_fullchain="$_ssl_path/exim4.pem" |
| 39 | if ! cat "$_cfullchain" >"$_real_fullchain"; then |
| 40 | _err "Error: write key file to: $_real_fullchain" |
| 41 | return 1 |
| 42 | fi |
| 43 | |
| 44 | DEFAULT_EXIM4_RELOAD="service exim4 restart" |
| 45 | _reload="${DEPLOY_EXIM4_RELOAD:-$DEFAULT_EXIM4_RELOAD}" |
| 46 | |
| 47 | if [ -z "$IS_RENEW" ]; then |
| 48 | DEFAULT_EXIM4_CONF="/etc/exim/exim.conf" |
| 49 | if [ ! -f "$DEFAULT_EXIM4_CONF" ]; then |
| 50 | DEFAULT_EXIM4_CONF="/etc/exim4/exim4.conf.template" |
| 51 | fi |
| 52 | _exim4_conf="${DEPLOY_EXIM4_CONF:-$DEFAULT_EXIM4_CONF}" |
| 53 | _debug _exim4_conf "$_exim4_conf" |
| 54 | if [ ! -f "$_exim4_conf" ]; then |
| 55 | if [ -z "$DEPLOY_EXIM4_CONF" ]; then |
| 56 | _err "exim4 conf is not found, please define DEPLOY_EXIM4_CONF" |
| 57 | return 1 |
| 58 | else |
| 59 | _err "It seems that the specified exim4 conf is not valid, please check." |
| 60 | return 1 |
| 61 | fi |
| 62 | fi |
| 63 | if [ ! -w "$_exim4_conf" ]; then |
| 64 | _err "The file $_exim4_conf is not writable, please change the permission." |
| 65 | return 1 |
| 66 | fi |
| 67 | _backup_conf="$DOMAIN_BACKUP_PATH/exim4.conf.bak" |
| 68 | _info "Backup $_exim4_conf to $_backup_conf" |
| 69 | cp "$_exim4_conf" "$_backup_conf" |
| 70 | |
| 71 | _info "Modify exim4 conf: $_exim4_conf" |
| 19c43451 |
72 | if _setopt "$_exim4_conf" "tls_certificate" "=" "$_real_fullchain" && |
| 73 | _setopt "$_exim4_conf" "tls_privatekey" "=" "$_real_key"; then |
| 19650351 |
74 | _info "Set config success!" |
| 75 | else |
| 76 | _err "Config exim4 server error, please report bug to us." |
| 77 | _info "Restoring exim4 conf" |
| 78 | if cat "$_backup_conf" >"$_exim4_conf"; then |
| 79 | _info "Restore conf success" |
| 80 | eval "$_reload" |
| 81 | else |
| df14085e |
82 | _err "Oops, error restore exim4 conf, please report bug to us." |
| 19650351 |
83 | fi |
| 84 | return 1 |
| 85 | fi |
| 86 | fi |
| 87 | |
| 88 | _info "Run reload: $_reload" |
| 89 | if eval "$_reload"; then |
| 90 | _info "Reload success!" |
| 91 | if [ "$DEPLOY_EXIM4_CONF" ]; then |
| 92 | _savedomainconf DEPLOY_EXIM4_CONF "$DEPLOY_EXIM4_CONF" |
| 93 | else |
| 94 | _cleardomainconf DEPLOY_EXIM4_CONF |
| 95 | fi |
| 96 | if [ "$DEPLOY_EXIM4_RELOAD" ]; then |
| 97 | _savedomainconf DEPLOY_EXIM4_RELOAD "$DEPLOY_EXIM4_RELOAD" |
| 98 | else |
| 99 | _cleardomainconf DEPLOY_EXIM4_RELOAD |
| 100 | fi |
| 101 | return 0 |
| 102 | else |
| 103 | _err "Reload error, restoring" |
| 104 | if cat "$_backup_conf" >"$_exim4_conf"; then |
| 105 | _info "Restore conf success" |
| 106 | eval "$_reload" |
| 107 | else |
| df14085e |
108 | _err "Oops, error restore exim4 conf, please report bug to us." |
| 19650351 |
109 | fi |
| 110 | return 1 |
| 111 | fi |
| 112 | return 0 |
| f845b371 |
113 | |
| 114 | } |
projects / mirror_acme.sh.git / blame