Skip to content

Commit 2f07d0c

Browse files
ScIT-RaphaelScIT-Raphael
committed
Rework let's encrypt for mail ssl.
1 parent 8202dd4 commit 2f07d0c

File tree

6 files changed

+104
-372
lines changed

6 files changed

+104
-372
lines changed

bin/v-add-letsencrypt-domain

Lines changed: 49 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
#!/bin/bash
22
# info: check letsencrypt domain
3-
# options: USER DOMAIN [ALIASES]
3+
# options: USER DOMAIN [ALIASES] [MAIL]
44
#
55
# The function check and validates domain with Let's Encrypt
66

@@ -13,6 +13,7 @@
1313
user=$1
1414
domain=$2
1515
aliases=$3
16+
mail=$3
1617

1718
# LE API
1819
LE_API='https://acme-v02.api.letsencrypt.org'
@@ -54,26 +55,41 @@ query_le_v2() {
5455
# Verifications #
5556
#----------------------------------------------------------#
5657

57-
check_args '2' "$#" 'USER DOMAIN [ALIASES]'
58+
check_args '2' "$#" 'USER DOMAIN [ALIASES] [MAIL]'
5859
is_format_valid 'user' 'domain' 'aliases'
59-
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
6060
is_object_valid 'user' 'USER' "$user"
6161
is_object_unsuspended 'user' 'USER' "$user"
62-
is_object_valid 'web' 'DOMAIN' "$domain"
63-
is_object_unsuspended 'web' 'DOMAIN' "$domain"
64-
get_domain_values 'web'
65-
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
66-
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
67-
if [ -z "$check_alias" ]; then
68-
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
69-
fi
70-
done
62+
if [ -z "$mail" ]; then
63+
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
64+
is_object_valid 'web' 'DOMAIN' "$domain"
65+
is_object_unsuspended 'web' 'DOMAIN' "$domain"
66+
get_domain_values 'web'
67+
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
68+
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
69+
if [ -z "$check_alias" ]; then
70+
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
71+
fi
72+
done
73+
else
74+
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
75+
is_object_valid 'mail' 'DOMAIN' "$domain"
76+
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
77+
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$SSL'
78+
fi
79+
7180

7281

7382
#----------------------------------------------------------#
7483
# Action #
7584
#----------------------------------------------------------#
7685

86+
# Rework domain and alieses for mail.
87+
if [ ! -z "$mail" ]; then
88+
original_domain="mail.$domain"
89+
domain="mail.$domain"
90+
aliases="webmail.$domain,autodiscover.$domain"
91+
fi
92+
7793
# Registering LetsEncrypt user account
7894
$BIN/v-add-letsencrypt-user $user
7995
if [ "$?" -ne 0 ]; then
@@ -147,8 +163,8 @@ for auth in $authz; do
147163
check_result $? "DNS _acme-challenge record wasn't created"
148164
else
149165
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
150-
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
151-
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
166+
conf="$HOMEDIR/$user/conf/web/$domain/nginx.conf_letsencrypt"
167+
sconf="$HOMEDIR/$user/conf/web/$domain/nginx.ssl.conf_letsencrypt"
152168
if [ ! -e "$conf" ]; then
153169
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
154170
> $conf
@@ -237,9 +253,15 @@ if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
237253
fi
238254

239255
# Adding SSL
240-
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
241-
$BIN/v-delete-web-domain-ssl $user $domain > /dev/null 2>&1
242-
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
256+
if [ -z "$mail" ]; then
257+
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
258+
$BIN/v-delete-web-domain-ssl $user $domain > /dev/null 2>&1
259+
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
260+
else
261+
$BIN/v-delete-mail-domain-ssl $user $domain >/dev/null 2>&1
262+
$BIN/v-add-mail-domain-ssl $user $domain $ssl_dir
263+
fi
264+
243265
if [ "$?" -ne '0' ]; then
244266
touch $HESTIA/data/queue/letsencrypt.pipe
245267
sed -i "/ $domain /d" $HESTIA/data/queue/letsencrypt.pipe
@@ -256,11 +278,17 @@ if [ -z "$(grep v-update-lets $HESTIA/data/users/admin/cron.conf)" ]; then
256278
fi
257279

258280
# Updating letsencrypt key
259-
if [ -z "$LETSENCRYPT" ]; then
260-
add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
281+
if [ -z "$mail" ]; then
282+
if [ -z "$LETSENCRYPT" ]; then
283+
add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
284+
fi
285+
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
286+
else
287+
if [ -z "$LETSENCRYPT" ]; then
288+
add_object_key "mail" 'DOMAIN' "$original_domain" 'LETSENCRYPT'
289+
fi
290+
update_object_value 'mail' 'DOMAIN' "$original_domain" '$LETSENCRYPT' 'yes'
261291
fi
262-
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
263-
264292

265293
#----------------------------------------------------------#
266294
# Hestia #

bin/v-add-letsencrypt-mail-domain

Lines changed: 0 additions & 277 deletions
This file was deleted.

0 commit comments

Comments
 (0)