32,19 → 32,20 |
$SED 's/^domain.*/domain\t\tlocaldomain/g' /etc/chilli.conf |
$SED 's/^ServerName.*/ServerName alcasar.localdomain/g' /etc/httpd/conf/httpd.conf |
$SED "s/^domain=.*/domain=localdomain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf |
hostnamectl set-hostname alcasar.localdomain |
$SED "s/^\tAuthName.*/\tAuthName alcasar.localdomain/g" /etc/httpd/conf/webapps.d/alcasar.conf |
$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/alcasar.localdomain\//g" /etc/httpd/conf/webapps.d/alcasar.conf |
} |
|
function defaultCert() |
{ |
cd $DIR_CERT |
rm private/alcasar.key |
rm certs/alcasar.crt |
mv certs/alcasar.crt.old certs/alcasar.crt |
mv private/alcasar.key.old private/alcasar.key |
if [ -f certs/server-chain.crt.old ] |
mv -f $DIR_CERT/certs/alcasar.crt.old $DIR_CERT/certs/alcasar.crt |
mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key |
if [ -f $DIR_CERT/certs/server-chain.crt.old ] |
then |
rm certs/server-chain.crt |
mv certs/server-chain.crt.old certs/server-chain.crt |
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt |
else |
rm -f $DIR_CERT/certs/server-chain.crt |
fi |
} |
|
69,44 → 70,43 |
$SED "s/^uamallowed.*/uamallowed\t$hostname,$fqdn/g" /etc/chilli.conf |
$SED "s/^ServerName.*/ServerName $fqdn/g" /etc/httpd/conf/httpd.conf |
$SED "s/^domain=.*/domain=$domain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf |
hostnamectl set-hostname $fqdn |
$SED "s/^\tAuthName.*/\tAuthName $fqdn/g" /etc/httpd/conf/webapps.d/alcasar.conf |
$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/$fqdn\//g" /etc/httpd/conf/webapps.d/alcasar.conf |
fi |
} |
|
function certImport() |
{ |
cd $DIR_CERT |
|
if [ ! -f "/etc/pki/tls/certs/alcasar.crt.old" ] |
if [ ! -f "$DIR_CERT/certs/alcasar.crt.old" ] |
then |
echo "Backup of old cert (alcasar.crt)" |
mv certs/alcasar.crt certs/alcasar.crt.old |
mv $DIR_CERT/certs/alcasar.crt $DIR_CERT/certs/alcasar.crt.old |
fi |
if [ ! -f "/etc/pki/tls/private/alcasar.key.old" ] |
if [ ! -f "$DIR_CERT/private/alcasar.key.old" ] |
then |
echo "Backup of old private key (alcasar.key)" |
mv private/alcasar.key private/alcasar.key.old |
mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old |
fi |
cp $cert $DIR_CERT/certs/alcasar.crt |
cp $key $DIR_CERT/private/alcasar.key |
|
cp $cert certs/alcasar.crt |
cp $key private/alcasar.key |
chown root:apache $DIR_CERT/certs/alcasar.crt |
chown root:apache $DIR_CERT/private/alcasar.key |
|
chown root:apache certs/alcasar.crt |
chown root:apache private/alcasar.key |
|
chmod 750 certs/alcasar.crt |
chmod 750 private/alcasar.key |
|
chmod 750 $DIR_CERT/certs/alcasar.crt |
chmod 750 $DIR_CERT/private/alcasar.key |
if [ "$sc" != "" ] |
then |
echo "cert-chain exists" |
if [ ! -f "/etc/pki/tls/certs/server-chain.crt.old" ] |
if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ] |
then |
echo "Backup of old cert-chain (server-chain.crt)" |
mv certs/server-chain.crt certs/server-chain.crt.old |
mv $DIR_CERT/certs/server-chain.crt $DIR_CERT/certs/server-chain.crt.old |
fi |
cp $sc certs/server-chain.crt |
chown root:apache certs/server-chain.crt |
chmod 750 certs/server-chain.crt |
cp $sc $DIR_CERT/certs/server-chain.crt |
chown root:apache $DIR_CERT/certs/server-chain.crt |
chmod 750 $DIR_CERT/certs/server-chain.crt |
fi |
} |
|
161,13 → 161,12 |
else |
echo "Importing certificate $cert with private key $key and server-chain $sc" |
fi |
|
domainName $cert |
certImport $cert $key $sc |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist |
do |
systemctl restart $services |
done |
do |
echo "restarting $services"; systemctl restart $services; sleep 1 |
done |
;; |
-d) |
if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ] |
175,8 → 174,10 |
echo "Restoring default certificate" |
defaultCert |
defaultNdd |
systemctl restart chilli.service |
systemctl restart httpd.service |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist |
do |
echo "restarting $services"; systemctl restart $services; sleep 1 |
done |
fi |
;; |
*) |
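Review bot: In certImport (second hunk) the rewritten absolute-path lines still apply `chmod 750` to `$DIR_CERT/private/alcasar.key`, the certificate and the chain file, which sets execute bits on data files and is looser than the key needs; `chmod 640 $DIR_CERT/private/alcasar.key` keeps it readable by root and the apache group only, and the same mode works for the two certificate files. The backup `mv` and the following `cp $cert` / `cp $key` are unquoted and unchecked, so on a first import a failed copy leaves no certificate or key at the live path when the services are restarted; quoting and stopping on failure, e.g. `cp "$cert" "$DIR_CERT/certs/alcasar.crt" || return 1`, with the caller checking the result, would avoid that. The `-d)` guard in the third hunk still tests the literal `/etc/pki/tls/...` paths while defaultCert now uses `$DIR_CERT`; DIR_CERT is defined outside the visible hunks, so if the two can differ the guard should read `[ -f "$DIR_CERT/certs/alcasar.crt.old" -a -f "$DIR_CERT/private/alcasar.key.old" ]`.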