Commit | Line | Data |
---|---|---|
307336cf VB |
1 | #!/usr/bin/env sh |
2 | ||
3 | #Here is a script to deploy cert to mailcow. | |
4 | ||
5 | #returns 0 means success, otherwise error. | |
6 | ||
7 | ######## Public functions ##################### | |
8 | ||
9 | #domain keyfile certfile cafile fullchain | |
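# Deploy hook: install the issued key and full chain into a mailcow
# installation and restart the services that serve them.
#
# Arguments: $1 domain, $2 key file, $3 cert file, $4 CA file, $5 full chain.
# Only the key ($2) and the full chain ($5) are copied; the rest is logged.
#
# Environment:
#   DEPLOY_MAILCOW_PATH    mailcow root directory (the one that holds
#                          generate_config.sh) or the ssl directory itself.
#   DEPLOY_MAILCOW_RELOAD  optional command, run through eval in place of the
#                          default docker restarts.
#   Le_Keylength           handed to _isEccKey to pick the "ecdsa-" prefix.
#
# Returns 0 once both files are written (also when the reload fails), 1 when
# the path is unset or missing or when a file cannot be written.
mailcow_deploy() {
  _cdomain="$1"
  _ckey="$2"
  _ccert="$3"
  _cca="$4"
  _cfullchain="$5"

  # Only the paths are logged here, never the key material itself.
  _debug _cdomain "$_cdomain"
  _debug _ckey "$_ckey"
  _debug _ccert "$_ccert"
  _debug _cca "$_cca"
  _debug _cfullchain "$_cfullchain"

  _mailcow_path="${DEPLOY_MAILCOW_PATH}"

  if [ -z "$_mailcow_path" ]; then
    _err "Mailcow path is not found, please define DEPLOY_MAILCOW_PATH."
    return 1
  fi

  # Tests whether _mailcow_path is the mailcow root directory; if it is not,
  # the path is taken to be the ssl directory itself.
  if [ -f "${_mailcow_path}/generate_config.sh" ]; then
    _ssl_path="${_mailcow_path}/data/assets/ssl/"
  else
    _ssl_path="${_mailcow_path}"
  fi

  if [ ! -d "$_ssl_path" ]; then
    _err "Cannot find mailcow ssl path: $_ssl_path"
    return 1
  fi

  # ECC or RSA. Normalise an unset Le_Keylength to the empty string first.
  Le_Keylength="${Le_Keylength:-}"
  if _isEccKey "${Le_Keylength}"; then
    _info "ECC key type detected"
    _cert_name_prefix="ecdsa-"
  else
    _info "RSA key type detected"
    _cert_name_prefix=""
  fi

  _info "Copying key and cert"
  _real_key="$_ssl_path/${_cert_name_prefix}key.pem"
  # NOTE(review): the redirect keeps the mode of an existing key file, but a
  # key file created here takes its mode from the current umask. Confirm that
  # the ssl directory or the umask keeps the private key unreadable to other
  # local users.
  if ! cat "$_ckey" >"$_real_key"; then
    _err "Error: write key file to: $_real_key"
    return 1
  fi

  _real_fullchain="$_ssl_path/${_cert_name_prefix}cert.pem"
  if ! cat "$_cfullchain" >"$_real_fullchain"; then
    _err "Error: write cert file to: $_real_fullchain"
    return 1
  fi

  # The command substitutions are escaped so that they are expanded by eval
  # below and not while this string is built. Unescaped, "docker ps" ran on
  # every deploy, even with DEPLOY_MAILCOW_RELOAD set, and its raw output
  # (including newlines when several containers match) became part of the
  # text handed to eval, where a second container id would be run as a
  # command of its own.
  DEFAULT_MAILCOW_RELOAD="docker restart \$(docker ps -qaf name=postfix-mailcow); docker restart \$(docker ps -qaf name=nginx-mailcow); docker restart \$(docker ps -qaf name=dovecot-mailcow)"
  _reload="${DEPLOY_MAILCOW_RELOAD:-$DEFAULT_MAILCOW_RELOAD}"

  # DEPLOY_MAILCOW_RELOAD is executed verbatim with the privileges of this
  # process, so it must only ever come from the operator's own configuration.
  _info "Run reload: $_reload"
  if eval "$_reload"; then
    _info "Reload success!"
  else
    # The return code stays 0 as before, but the failure is no longer silent:
    # the new files are on disk while the services may still hold the old
    # certificate.
    _err "Reload failed, the services may still be using the previous certificate."
  fi
  return 0

}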