]>
Commit | Line | Data |
---|---|---|
f845b371 | 1 | #!/usr/bin/env sh |
2 | ||
3 | #Here is a script to deploy cert to vsftpd server. | |
4 | ||
5 | #returns 0 means success, otherwise error. | |
6 | ||
6dfc8fe0 | 7 | #DEPLOY_VSFTPD_CONF="/etc/vsftpd.conf" |
8 | #DEPLOY_VSFTPD_RELOAD="service vsftpd restart" | |
9 | ||
f845b371 | 10 | ######## Public functions ##################### |
11 | ||
12 | #domain keyfile certfile cafile fullchain | |
13 | vsftpd_deploy() { | |
14 | _cdomain="$1" | |
15 | _ckey="$2" | |
16 | _ccert="$3" | |
17 | _cca="$4" | |
18 | _cfullchain="$5" | |
19 | ||
20 | _debug _cdomain "$_cdomain" | |
21 | _debug _ckey "$_ckey" | |
22 | _debug _ccert "$_ccert" | |
23 | _debug _cca "$_cca" | |
24 | _debug _cfullchain "$_cfullchain" | |
25 | ||
6dfc8fe0 | 26 | _ssl_path="/etc/acme.sh/vsftpd" |
27 | if ! mkdir -p "$_ssl_path"; then | |
28 | _err "Can not create folder:$_ssl_path" | |
29 | return 1 | |
30 | fi | |
31 | ||
6dfc8fe0 | 32 | _info "Copying key and cert" |
33 | _real_key="$_ssl_path/vsftpd.key" | |
34 | if ! cat "$_ckey" >"$_real_key"; then | |
35 | _err "Error: write key file to: $_real_key" | |
36 | return 1 | |
37 | fi | |
38 | _real_fullchain="$_ssl_path/vsftpd.chain.pem" | |
39 | if ! cat "$_cfullchain" >"$_real_fullchain"; then | |
40 | _err "Error: write key file to: $_real_fullchain" | |
41 | return 1 | |
42 | fi | |
45d6e00f | 43 | |
6dfc8fe0 | 44 | DEFAULT_VSFTPD_RELOAD="service vsftpd restart" |
45 | _reload="${DEPLOY_VSFTPD_RELOAD:-$DEFAULT_VSFTPD_RELOAD}" | |
ddf293bb | 46 | |
47 | if [ -z "$IS_RENEW" ]; then | |
48 | DEFAULT_VSFTPD_CONF="/etc/vsftpd.conf" | |
49 | _vsftpd_conf="${DEPLOY_VSFTPD_CONF:-$DEFAULT_VSFTPD_CONF}" | |
50 | if [ ! -f "$_vsftpd_conf" ]; then | |
51 | if [ -z "$DEPLOY_VSFTPD_CONF" ]; then | |
52 | _err "vsftpd conf is not found, please define DEPLOY_VSFTPD_CONF" | |
53 | return 1 | |
54 | else | |
55 | _err "It seems that the specified vsftpd conf is not valid, please check." | |
56 | return 1 | |
57 | fi | |
58 | fi | |
59 | if [ ! -w "$_vsftpd_conf" ]; then | |
60 | _err "The file $_vsftpd_conf is not writable, please change the permission." | |
61 | return 1 | |
62 | fi | |
63 | _backup_conf="$DOMAIN_BACKUP_PATH/vsftpd.conf.bak" | |
64 | _info "Backup $_vsftpd_conf to $_backup_conf" | |
65 | cp "$_vsftpd_conf" "$_backup_conf" | |
66 | ||
67 | _info "Modify vsftpd conf: $_vsftpd_conf" | |
68 | if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" \ | |
69 | && _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" \ | |
70 | && _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then | |
71 | _info "Set config success!" | |
72 | else | |
73 | _err "Config vsftpd server error, please report bug to us." | |
74 | _info "Restoring vsftpd conf" | |
75 | if cat "$_backup_conf" >"$_vsftpd_conf"; then | |
76 | _info "Restore conf success" | |
77 | eval "$_reload" | |
78 | else | |
df14085e | 79 | _err "Oops, error restore vsftpd conf, please report bug to us." |
ddf293bb | 80 | fi |
81 | return 1 | |
82 | fi | |
83 | fi | |
84 | ||
85 | _info "Run reload: $_reload" | |
86 | if eval "$_reload"; then | |
87 | _info "Reload success!" | |
6dfc8fe0 | 88 | if [ "$DEPLOY_VSFTPD_CONF" ]; then |
89 | _savedomainconf DEPLOY_VSFTPD_CONF "$DEPLOY_VSFTPD_CONF" | |
90 | else | |
91 | _cleardomainconf DEPLOY_VSFTPD_CONF | |
92 | fi | |
93 | if [ "$DEPLOY_VSFTPD_RELOAD" ]; then | |
94 | _savedomainconf DEPLOY_VSFTPD_RELOAD "$DEPLOY_VSFTPD_RELOAD" | |
95 | else | |
96 | _cleardomainconf DEPLOY_VSFTPD_RELOAD | |
97 | fi | |
98 | return 0 | |
99 | else | |
ddf293bb | 100 | _err "Reload error, restoring" |
6dfc8fe0 | 101 | if cat "$_backup_conf" >"$_vsftpd_conf"; then |
102 | _info "Restore conf success" | |
103 | eval "$_reload" | |
104 | else | |
df14085e | 105 | _err "Oops, error restore vsftpd conf, please report bug to us." |
6dfc8fe0 | 106 | fi |
107 | return 1 | |
108 | fi | |
ddf293bb | 109 | return 0 |
f845b371 | 110 | } |