From 79a156bc24e94996895437aa55e593ddb62a9d90 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Sat, 28 Oct 2017 12:31:13 +0000 Subject: [PATCH] - added strartup and exit hooks - marked hooks as system ones --- hook.functions | 40 ++++++++++++++++++++++++---------------- hook.sh | 7 +++++-- 2 files changed, 29 insertions(+), 18 deletions(-) diff --git a/hook.functions b/hook.functions index 20d8d97..15183d8 100644 --- a/hook.functions +++ b/hook.functions @@ -11,21 +11,21 @@ deploy_cert() { local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}" if [[ -n "${HOOKS_D}" ]]; then if [[ ! -d "${HOOKS_D}" ]]; then - echo " + Hook: ${HANDLER}: The path ${HOOKS_D} specified for HOOKS_D does not point to a directory." + echo " + System hook: ${HANDLER}: The path ${HOOKS_D} specified for HOOKS_D does not point to a directory." else if [[ -f "${HOOKS_D}/${DOMAIN}" ]]; then if [[ -r "${HOOKS_D}/${DOMAIN}" ]]; then - echo " + Hook: ${HANDLER}: Executing hook script for certificate ${DOMAIN}." + echo " + System hook: ${HANDLER}: Executing hook script for certificate ${DOMAIN}." . "${HOOKS_D}/${DOMAIN}" else - echo " + Hook: ${HANDLER}: Cannot execute hook script for certificate ${DOMAIN}." + echo " + System hook: ${HANDLER}: Cannot execute hook script for certificate ${DOMAIN}." fi else if [[ -f "${HOOKS_D}/global" ]] && [[ -r "${HOOKS_D}/global" ]]; then - echo " + Hook: ${HANDLER}: Executing global hook script" + echo " + System hook: ${HANDLER}: Executing global hook script" . "${HOOKS_D}/global" else - echo " + Hook: ${HANDLER}: Cannot execute global hook script." + echo " + System hook: ${HANDLER}: Cannot execute global hook script." fi fi fi @@ -34,27 +34,35 @@ deploy_cert() { clean_challenge() { local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}" - echo " + Hook: ${HANDLER}: Nothing to do..." + echo " + System hook: ${HANDLER}: Nothing to do..." } deploy_challenge() { local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}" - echo " + Hook: ${HANDLER}: Nothing to do..." + echo " + System hook: ${HANDLER}: Nothing to do..." } invalid_challenge() { local DOMAIN="${1}" RESPONSE="${2}" - echo " + Hook: ${HANDLER}: Nothing to do..." + echo " + System hook: ${HANDLER}: Nothing to do..." } request_failure() { local STATUSCODE="${1}" REASON="${2}" REQTYPE="${3}" - echo " + Hook: ${HANDLER}: Nothing to do..." + echo " + System hook: ${HANDLER}: Nothing to do..." } unchanged_cert() { local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" - echo " + Hook: ${HANDLER}: Nothing to do..." + echo " + System hook: ${HANDLER}: Nothing to do..." +} + +startup_hook() { + echo " + System hook: ${HANDLER}: Nothing to do..." +} + +exit_hook() { + echo " + System hook: ${HANDLER}: Nothing to do..." } # Function to concat files atomic way to avoid MITM problems @@ -71,7 +79,7 @@ lighttpd_reload() { if [ ! -x /usr/sbin/lighttpd ] || [ ! -f /etc/lighttpd/server.pem ]; then return fi - echo " + Hook: Overwritting /etc/lighttpd/server.pem and reloading lighttpd..." + echo " + System hook: Overwritting /etc/lighttpd/server.pem and reloading lighttpd..." atomic_concat /etc/lighttpd/server.pem "$FULLCHAINCERT" "$PRIVKEY" /sbin/service lighttpd reload } @@ -80,7 +88,7 @@ haproxy_reload() { if [ ! -x /usr/sbin/haproxy ] || [ ! -f /etc/haproxy/server.pem ]; then return fi - echo " + Hook: Overwritting /etc/haproxy/server.pem and restarting haproxy..." + echo " + System hook: Overwritting /etc/haproxy/server.pem and restarting haproxy..." atomic_concat /etc/haproxy/server.pem "$FULLCHAINCERT" "$PRIVKEY" /sbin/service haproxy reload } @@ -89,7 +97,7 @@ nginx_reload() { if [ ! -f /etc/nginx/server.crt ] || [ ! -f /etc/nginx/server.key ]; then return fi - echo " + Hook: Overwritting /etc/nginx/server.{crt,key} and reloading nginx..." + echo " + System hook: Overwritting /etc/nginx/server.{crt,key} and reloading nginx..." atomic_concat /etc/nginx/server.crt "$FULLCHAINCERT" atomic_concat /etc/nginx/server.key "$PRIVKEY" /sbin/service nginx reload @@ -99,7 +107,7 @@ apache_reload() { if [ ! -x /etc/rc.d/init.d/httpd ]; then return fi - echo " + Hook: Reloading Apache..." + echo " + System hook: Reloading Apache..." /sbin/service httpd graceful } @@ -107,7 +115,7 @@ postfix_reload() { if [ ! -x /etc/rc.d/init.d/postfix ]; then return fi - echo " + Hook: Reloading Postfix..." + echo " + System hook: Reloading Postfix..." /sbin/service postfix reload } @@ -115,6 +123,6 @@ dovecot_reload() { if [ ! -x /etc/rc.d/init.d/dovecot ]; then return fi - echo " + Hook: Reloading Dovecot..." + echo " + System hook: Reloading Dovecot..." /sbin/service dovecot reload } diff --git a/hook.sh b/hook.sh index 51c35b5..283ed79 100755 --- a/hook.sh +++ b/hook.sh @@ -28,7 +28,10 @@ request_failure) unchanged_cert) unchanged_cert "$@" ;; -*) - echo " + Hook: ${HANDLER}: Nothing to do..." +startup_hook) + startup_hook "$@" + ;; +exit_hook) + exit_hook "$@" ;; esac -- 2.46.0