mirror of
https://github.com/EDCD/EDDN.git
synced 2025-04-26 13:12:13 +03:00
36 lines
1.4 KiB
Bash
36 lines
1.4 KiB
Bash
###########################################################################
|
|
# Copy a certificate's files into place, with appropriate ownership and
|
|
# mode.
|
|
#
|
|
# $1 - Name of certificate (i.e. letsencrypt directory names).
|
|
# $2 - Source Directory
|
|
# $3 - Destination filename for fullchain.pem
|
|
# $4 - Destination filename for privkey.pem
|
|
# $5 - File ownership to set (user:group)
|
|
# $6 - File mode to set (as passed to 'chmod')
|
|
###########################################################################
|
|
copy_cert() {
|
|
CERT_NAME="$1"
|
|
SRC_DIR="$2"
|
|
DST_FILE_FULLCHAIN="$3"
|
|
DST_FILE_PRIVKEY="$4"
|
|
CERT_NEW_OWNER="$5"
|
|
CERT_NEW_PERMS="$6"
|
|
|
|
echo "${CERT_NAME}: Copying new files into place..."
|
|
|
|
# Preserve only the mode as it should be 0600, and thus we won't
|
|
# temporarily open up the files for *all* users to read,
|
|
# BUT don't preserve the timestamp as we want it to be 'now' so
|
|
# that a `find ... -newer <this file>` check works later.
|
|
cp -v --preserve=mode ${SRC_DIR}/fullchain.pem ${DST_FILE_FULLCHAIN}
|
|
cp -v --preserve=mode ${SRC_DIR}/privkey.pem ${DST_FILE_PRIVKEY}
|
|
chown -v ${CERT_NEW_OWNER} ${DST_FILE_FULLCHAIN} ${DST_FILE_PRIVKEY}
|
|
chmod -v ${CERT_NEW_PERMS} ${DST_FILE_FULLCHAIN} ${DST_FILE_PRIVKEY}
|
|
|
|
echo "${CERT_NAME}: Copying new files into place DONE"
|
|
}
|
|
###########################################################################
|
|
|
|
# vim: :set filetype=sh tabstop=2 shiftwidth=2 expandtab wrapmargin=0 textwidth=0
|