| f845b371 |
1 | #!/usr/bin/env sh |
| 2 | |
| 3 | #Here is a script to deploy cert to vsftpd server. |
| 4 | |
| 5 | #returns 0 means success, otherwise error. |
| 6 | |
| 6dfc8fe0 |
7 | #DEPLOY_VSFTPD_CONF="/etc/vsftpd.conf" |
| 8 | #DEPLOY_VSFTPD_RELOAD="service vsftpd restart" |
| 9 | |
| f845b371 |
10 | ######## Public functions ##################### |
| 11 | |
| 12 | #domain keyfile certfile cafile fullchain |
| 13 | vsftpd_deploy() { |
| 14 | _cdomain="$1" |
| 15 | _ckey="$2" |
| 16 | _ccert="$3" |
| 17 | _cca="$4" |
| 18 | _cfullchain="$5" |
| 19 | |
| 20 | _debug _cdomain "$_cdomain" |
| 21 | _debug _ckey "$_ckey" |
| 22 | _debug _ccert "$_ccert" |
| 23 | _debug _cca "$_cca" |
| 24 | _debug _cfullchain "$_cfullchain" |
| 25 | |
| 6dfc8fe0 |
26 | _ssl_path="/etc/acme.sh/vsftpd" |
| 27 | if ! mkdir -p "$_ssl_path"; then |
| 28 | _err "Can not create folder:$_ssl_path" |
| 29 | return 1 |
| 30 | fi |
| 31 | |
| 6dfc8fe0 |
32 | _info "Copying key and cert" |
| 33 | _real_key="$_ssl_path/vsftpd.key" |
| 34 | if ! cat "$_ckey" >"$_real_key"; then |
| 35 | _err "Error: write key file to: $_real_key" |
| 36 | return 1 |
| 37 | fi |
| 38 | _real_fullchain="$_ssl_path/vsftpd.chain.pem" |
| 39 | if ! cat "$_cfullchain" >"$_real_fullchain"; then |
| 40 | _err "Error: write key file to: $_real_fullchain" |
| 41 | return 1 |
| 42 | fi |
| 45d6e00f |
43 | |
| 6dfc8fe0 |
44 | DEFAULT_VSFTPD_RELOAD="service vsftpd restart" |
| 45 | _reload="${DEPLOY_VSFTPD_RELOAD:-$DEFAULT_VSFTPD_RELOAD}" |
| ddf293bb |
46 | |
| 47 | if [ -z "$IS_RENEW" ]; then |
| 48 | DEFAULT_VSFTPD_CONF="/etc/vsftpd.conf" |
| 49 | _vsftpd_conf="${DEPLOY_VSFTPD_CONF:-$DEFAULT_VSFTPD_CONF}" |
| 50 | if [ ! -f "$_vsftpd_conf" ]; then |
| 51 | if [ -z "$DEPLOY_VSFTPD_CONF" ]; then |
| 52 | _err "vsftpd conf is not found, please define DEPLOY_VSFTPD_CONF" |
| 53 | return 1 |
| 54 | else |
| 55 | _err "It seems that the specified vsftpd conf is not valid, please check." |
| 56 | return 1 |
| 57 | fi |
| 58 | fi |
| 59 | if [ ! -w "$_vsftpd_conf" ]; then |
| 60 | _err "The file $_vsftpd_conf is not writable, please change the permission." |
| 61 | return 1 |
| 62 | fi |
| 63 | _backup_conf="$DOMAIN_BACKUP_PATH/vsftpd.conf.bak" |
| 64 | _info "Backup $_vsftpd_conf to $_backup_conf" |
| 65 | cp "$_vsftpd_conf" "$_backup_conf" |
| 66 | |
| 67 | _info "Modify vsftpd conf: $_vsftpd_conf" |
| 19c43451 |
68 | if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" && |
| 69 | _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" && |
| 70 | _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then |
| ddf293bb |
71 | _info "Set config success!" |
| 72 | else |
| 73 | _err "Config vsftpd server error, please report bug to us." |
| 74 | _info "Restoring vsftpd conf" |
| 75 | if cat "$_backup_conf" >"$_vsftpd_conf"; then |
| 76 | _info "Restore conf success" |
| 77 | eval "$_reload" |
| 78 | else |
| df14085e |
79 | _err "Oops, error restore vsftpd conf, please report bug to us." |
| ddf293bb |
80 | fi |
| 81 | return 1 |
| 82 | fi |
| 83 | fi |
| 84 | |
| 85 | _info "Run reload: $_reload" |
| 86 | if eval "$_reload"; then |
| 87 | _info "Reload success!" |
| 6dfc8fe0 |
88 | if [ "$DEPLOY_VSFTPD_CONF" ]; then |
| 89 | _savedomainconf DEPLOY_VSFTPD_CONF "$DEPLOY_VSFTPD_CONF" |
| 90 | else |
| 91 | _cleardomainconf DEPLOY_VSFTPD_CONF |
| 92 | fi |
| 93 | if [ "$DEPLOY_VSFTPD_RELOAD" ]; then |
| 94 | _savedomainconf DEPLOY_VSFTPD_RELOAD "$DEPLOY_VSFTPD_RELOAD" |
| 95 | else |
| 96 | _cleardomainconf DEPLOY_VSFTPD_RELOAD |
| 97 | fi |
| 98 | return 0 |
| 99 | else |
| ddf293bb |
100 | _err "Reload error, restoring" |
| 6dfc8fe0 |
101 | if cat "$_backup_conf" >"$_vsftpd_conf"; then |
| 102 | _info "Restore conf success" |
| 103 | eval "$_reload" |
| 104 | else |
| df14085e |
105 | _err "Oops, error restore vsftpd conf, please report bug to us." |
| 6dfc8fe0 |
106 | fi |
| 107 | return 1 |
| 108 | fi |
| ddf293bb |
109 | return 0 |
| f845b371 |
110 | } |
projects / mirror_acme.sh.git / blame