improve copy_certs

aed4e58c · Vitaly Lipatov · 23e96e22 · aed4e58c · aed4e58c
Commit aed4e58c authored Oct 27, 2013 by Vitaly Lipatov
Hide whitespace changes
Inline Side-by-side

Showing with 42 additions and 21 deletions

copy_certs_to_hosts.sh certs/copy_certs_to_hosts.sh +41 -20

gencsr.sh certs/gencsr.sh +1 -1

No files found.
--- a/certs/copy_certs_to_hosts.sh
+++ b/certs/copy_certs_to_hosts.sh
@@ -8,37 +8,50 @@ fatal()
 	exit 1
 }

-PRIVATEPEM="$(pwd)/etersoft_private.pem"
+PRIVATEPEM="$(pwd)/private/etersoft.pem"
+
 cd sites

+copy_to_nginx()
+{
+	if [ -n "$3" ] ; then
+		PEM="$(dirname "$PRIVATEPEM")/$1"
+		shift
+	else
+		PEM="$PRIVATEPEM"
+	fi
+	scp $1 $2:/etc/nginx/ssl/ || fatal
+	scp "$PEM" $2:/etc/nginx/ssl/ || fatal
+	ssh $2 service nginx reload
+}
+
+do_pem()
+{
+test -f "$1" || return
+cat "$1" "$PRIVATEPEM" \
+	> "$2"
+}
+
+copy_to_nginx pravtor.pem pravtor.ru.crt pravtor
+exit
+copy_to_nginx bugs.etersoft.ru.crt bugs
+copy_to_nginx mysql.eterhost.ru.crt host03
+copy_to_nginx stog.etersoft.ru.crt stog
+
+copy_to_priv()
+{
 scp roundcube.eterhost.ru.crt rt.etersoft.ru.crt sales.etersoft.ru.crt cyradm.eterhost.ru.crt \
 	sec.office.etersoft.ru.crt time.office.etersoft.ru.crt wiki.office.etersoft.ru.crt \
 	priv:/etc/nginx/ssl/ || fatal
 scp "$PRIVATEPEM" priv:/etc/nginx/ssl/etersoft.pem || fatal
 ssh priv service nginx restart
+}

-scp bugs.etersoft.ru.crt \
-	bugs:/etc/nginx/ssl/ || fatal
-scp "$PRIVATEPEM" bugs:/etc/nginx/ssl/etersoft.pem || fatal
-ssh bugs service nginx restart
-
-scp mysql.eterhost.ru.crt \
-	host03:/etc/nginx/ssl/ || fatal
-scp "$PRIVATEPEM" host03:/etc/nginx/ssl/etersoft.pem || fatal
-ssh host03 service nginx restart
+copy_to_priv

-scp stog.etersoft.ru.crt \
-	stog:/etc/nginx/ssl/ || fatal
-scp "$PRIVATEPEM" stog:/etc/nginx/ssl/etersoft.pem || fatal
-ssh stog service nginx restart

-do_pem()
+copy_to_im()
 {
-test -f "$1" || return
-cat "$1" "$PRIVATEPEM" \
-	> "$2"
-}
-
 echo
 echo "im.etersoft.ru"
 do_pem im.etersoft.ru.crt im.etersoft.ru.tmp || fatal
@@ -46,7 +59,12 @@ scp im.etersoft.ru.tmp \
 	im.etersoft.ru:/etc/jabberd2/ssl/im.etersoft.ru.pem || fatal
 rm -f im.etersoft.ru.tmp
 ssh im.etersoft.ru service jabberd2 restart
+}
+
+copy_to_im

+copy_to_mail()
+{
 echo
 echo "mail.etersoft.ru"
 do_pem mail.etersoft.ru.crt mail.etersoft.ru.tmp || fatal
@@ -58,3 +76,6 @@ ssh mail service postfix restart
 scp "$PRIVATEPEM" mail:/var/lib/imap/ssl/etersoft.pem || fatal
 scp mail.etersoft.ru.crt mail:/var/lib/imap/ssl/mail.etersoft.ru.crt || fatal
 ssh mail service cyrus-imapd restart
+}
+
+copy_to_mail
--- a/certs/gencsr.sh
+++ b/certs/gencsr.sh
 #!/bin/bash

 DOMAIN=$1
-PRIVATE_KEY=etersoft_private.pem
+PRIVATE_KEY=private/etersoft.pem
 SUFFIX_OUT_FILE="request.csr"

 mkdir -p csr/