Ajout du script de hook pour certbot

2020-04-22 00:42:09 +02:00 · 2020-04-22 00:42:09 +02:00 · 43b5624501
commit 43b5624501
parent 99741356a2
1 changed files with 49 additions and 0 deletions
--- a/ssl/certbot-hook.sh
+++ b/ssl/certbot-hook.sh
@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# certbot certonly --agree-tos -m myname@mydomain.com --webroot -w /opt/certbot-webroot/data --deploy-hook "/etc/letsencrypt/certbot-hook.sh" -d mydomain.com -d www.mydomain.com
+#
+
+LANG=fr_FR.UTF-8
+TO_EMAIL="myname@mydomain.com" # Email address
+FROM_EMAIL="no-reply@mydomain.com"
+FROM_NAME="Certbot - `hostname`"
+SUBJECT="Renouvellement de certificat"
+
+
+#KOPANO-GATEWAY
+KOPANO_CERT=/etc/kopano/gateway/cert.pem
+KOPANO_CERT_KEY=/etc/kopano/gateway/privkey.pem
+cp "${RENEWED_LINEAGE}/fullchain.pem" "${KOPANO_CERT}"
+cp "${RENEWED_LINEAGE}/privkey.pem" "${KOPANO_CERT_KEY}"
+chmod 600 "${KOPANO_CERT_KEY}"
+chown kopano:kopano "${KOPANO_CERT}" "${KOPANO_CERT_KEY}"
+systemctl reload kopano-gateway.service
+
+#POSTFIX
+POSTFIX_CERT=/etc/postfix/ssl/cert.pem
+POSTFIX_CERT_KEY=/etc/postfix/ssl/privkey.pem
+cp "${RENEWED_LINEAGE}/fullchain.pem" "${POSTFIX_CERT}"
+cp "${RENEWED_LINEAGE}/privkey.pem" "${POSTFIX_CERT_KEY}"
+chmod 600 "${POSTFIX_CERT_KEY}"
+chown postfix:postfix "${POSTFIX_CERT}" "${POSTFIX_CERT_KEY}"
+systemctl reload postfix.service
+
+
+if [ ! -z "${TO_EMAIL}" ] ; then
+	for i in ${TO_EMAIL} ; do
+	        /usr/sbin/sendmail -i -- ${i} << END
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+Subject: =?UTF-8?Q?${SUBJECT}?=
+From: ${FROM_NAME} <${FROM_EMAIL}>
+To: ${i}
+
+Le(s) certificat(s) suivant(s) viennent d'être renouvelé :
+${RENEWED_DOMAINS}
+
+--
+Certbot
+END
+	done
+fi