Commit 342f63ec authored by Hj Ahmad Rasyid Hj Ismail's avatar Hj Ahmad Rasyid Hj Ismail Committed by Marius Burkard

Update installer_base.lib.php fixing certboot webroot command using...

Update installer_base.lib.php fixing certboot webroot command using --webroot-map as an alternative to version >=0.30. I would suggest @pixcept to add add support to acme.sh since he already did the acme.sh add up in https://git.ispconfig.org/ispconfig/ispconfig3/blob/master/server/lib/classes/letsencrypt.inc.php.
parent 2f21ecee
This diff is collapsed.
#!/bin/bash
### BEGIN INIT INFO
# Provides: LETSENCRYPT POST HOOK SCRIPT
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: LETSENCRYPT POST HOOK SCRIPT
# Description: To force close http port 80 if it is by default closed, to be used by letsencrypt client standlone command
### END INIT INFO
# You can add support to other firewall
# For RHEL, Centos or derivatives
if which yum &> /dev/null 2>&1 ; then
# If using firewalld
if [ rpm -q firewalld ] && [ `firewall-cmd --state` = running ]; then
firewall-cmd --zone=public --permanent --remove-service=http
firewall-cmd --reload
# If using UFW
elif rpm -q ufw; then
ufw --force enable && ufw deny http
else
fi
# For Debian, Ubuntu or derivatives
elif apt-get -v >/dev/null 2>&1 ; then
# If using UFW
if [ $(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed") -eq 1 ]; then
ufw --force enable && ufw deny http
fi
# Try iptables as a final attempt
else
iptables -D INPUT -p tcp --dport 80 -j ACCEPT
service iptables save
fi
#!/bin/bash
### BEGIN INIT INFO
# Provides: LETSENCRYPT PRE HOOK SCRIPT
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: LETSENCRYPT PRE HOOK SCRIPT
# Description: To force open http port 80 to be used by letsencrypt client standlone command
### END INIT INFO
# You can add support to other firewall
# For RHEL, Centos or derivatives
if which yum &> /dev/null 2>&1 ; then
# If using firewalld
if [ rpm -q firewalld ] && [ `firewall-cmd --state` = running ]; then
firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --reload
# If using UFW
elif rpm -q ufw; then
ufw --force enable && ufw allow http
else
fi
# For Debian, Ubuntu or derivatives
elif apt-get -v >/dev/null 2>&1 ; then
# If using UFW
if [ $(dpkg-query -W -f='${Status}' ufw 2>/dev/null | grep -c "ok installed") -eq 1 ]; then
ufw --force enable && ufw allow http
fi
# Try iptables as a final attempt
else
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
service iptables save
fi
#!/bin/bash
### BEGIN INIT INFO
# Provides: LETSENCRYPT RENEW HOOK SCRIPT
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: LETSENCRYPT RENEW HOOK SCRIPT
# Description: Taken from LE4ISPC code. To be used to update ispserver.pem automatically after ISPConfig LE SSL certs are renewed and to reload / restart important ISPConfig server services
### END INIT INFO
lelive=/etc/letsencrypt/live/$(hostname -f); if [ -d "$lelive" ]; then
cd /usr/local/ispconfig/interface/ssl; ibak=ispserver.*.bak; ipem=ispserver.pem; icrt=ispserver.crt; ikey=ispserver.key
if ls $ibak 1> /dev/null 2>&1; then rm $ibak; fi
if [ -e "$ipem" ]; then mv $ipem $ipem-$(date +"%y%m%d%H%M%S").bak; cat $ikey $icrt > $ipem; chmod 600 $ipem; fi
pureftpdpem=/etc/ssl/private/pure-ftpd.pem; if [ -e "$pureftpdpem" ]; then chmod 600 $pureftpdpem; fi
# For Red Hat, Centos or derivatives
if which yum &> /dev/null 2>&1 ; then
if [ rpm -q pure-ftpd-mysql ]; then service pure-ftpd-mysql restart; fi
if [ rpm -q monit ]; then service monit restart; fi
if [ rpm -q postfix ]; then service postfix restart; fi
if [ rpm -q dovecot-imapd ]; then service dovecot restart; fi
if [ rpm -q mysql ]; then service mysql restart; fi
if [ rpm -q mariadb ]; then service mysql restart; fi
if [ rpm -q nginx ]; then service nginx restart; fi
if [ rpm -q apache2 ]; then service apache2 restart; fi
# For Debian, Ubuntu or derivatives
elif apt-get -v >/dev/null 2>&1 ; then
if [ $(dpkg-query -W -f='${Status}' pure-ftpd-mysql 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service pure-ftpd-mysql restart; fi
if [ $(dpkg-query -W -f='${Status}' monit 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service monit restart; fi
if [ $(dpkg-query -W -f='${Status}' postfix 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service postfix restart; fi
if [ $(dpkg-query -W -f='${Status}' dovecot-imapd 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service dovecot restart; fi
if [ $(dpkg-query -W -f='${Status}' mysql 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service mysql restart; fi
if [ $(dpkg-query -W -f='${Status}' mariadb 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service mysql restart; fi
if [ $(dpkg-query -W -f='${Status}' nginx 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service nginx restart; fi
if [ $(dpkg-query -W -f='${Status}' apache2 2>/dev/null | grep -c "ok installed") -eq 1 ]; then service apache2 restart; fi
else
fi
else echo `/bin/date` "Your Lets Encrypt SSL certs path for your ISPConfig server FQDN is missing.$line" >> /var/log/ispconfig/ispconfig.log; fi
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment