Changeset View
Changeset View
Standalone View
Standalone View
head/security/py-certbot/files/500.certbot.in
#!/bin/sh | #!/bin/sh | ||||
# | # | ||||
# $FreeBSD$ | # $FreeBSD$ | ||||
# | # | ||||
# Automatically renew Let's Encrypt certificates each week | # Automatically renew Let's Encrypt certificates each week | ||||
# | # | ||||
# Add the following lines to /etc/periodic.conf: | # Add the following lines to /etc/periodic.conf: | ||||
# | # | ||||
# weekly_certbot_enable (bool): Set to "NO" by default | # weekly_certbot_enable (bool): Set to "NO" by default | ||||
# weekly_certbot_service (str): If defined, certbot will try to | # weekly_certbot_service (str): If defined, certbot will try to shutdown this | ||||
# shutdown this this service before | # service before renewing the certificate, and restart it afterwards. | ||||
# renewing the certificate, and restart | # For example, set to "nginx" or "apache24". This is usually used to avoid | ||||
# it afterwards. For example, set to | # conflict with the standalone plugin webserver. | ||||
# "nginx" or "apache24" | # If any of pre_hook or post_hook is set, this behavior is disabled. | ||||
# weekly_certbot_pre_hook (str): Command to be run in a shell before obtaining | |||||
# any certificates. | |||||
# weekly_certbot_post_hook (str): Command to be run in a shell after | |||||
# attempting to obtain/renew certificates. | |||||
# An example to reload nginx after renewing all certificates. | |||||
# weekly_certbot_post_hook="service nginx onereload" | |||||
# weekly_certbot_deploy_hook (str): Command to be run in a shell once for each | |||||
# successfully issued certificate. | |||||
# weekly_certbot_custom_args (str): Any other misc arguments for the renewal | |||||
# See certbot -h renew for full list | |||||
# An example to force renewal for certificates not due yet | |||||
# weekly_certbot_custom_args="--force-renewal" | |||||
# If there is a global system configuration file, suck it in. | # If there is a global system configuration file, suck it in. | ||||
# | # | ||||
if [ -r /etc/defaults/periodic.conf ] | if [ -r /etc/defaults/periodic.conf ] | ||||
then | then | ||||
. /etc/defaults/periodic.conf | . /etc/defaults/periodic.conf | ||||
source_periodic_confs | source_periodic_confs | ||||
fi | fi | ||||
case "$weekly_certbot_enable" in | case "$weekly_certbot_enable" in | ||||
[Yy][Ee][Ss]) | [Yy][Ee][Ss]) | ||||
echo | echo | ||||
echo "Renewing Let's Encrypt certificates:" | echo "Renewing Let's Encrypt certificates:" | ||||
PRE_HOOK="" | PRE_HOOK="" | ||||
POST_HOOK="" | POST_HOOK="" | ||||
if [ -n "$weekly_certbot_service" ] | DEPLOY_HOOK="" | ||||
if [ -n "$weekly_certbot_service" ] && \ | |||||
[ -z "$weekly_certbot_pre_hook" ] && [ -z "$weekly_certbot_post_hook" ]; | |||||
then | then | ||||
if service "$weekly_certbot_service" onestatus | if service "$weekly_certbot_service" onestatus | ||||
then | then | ||||
PRE_HOOK="service $weekly_certbot_service onestop" | PRE_HOOK="--pre-hook 'service $weekly_certbot_service onestop'" | ||||
POST_HOOK="service $weekly_certbot_service onestart" | POST_HOOK="--post-hook 'service $weekly_certbot_service onestart'" | ||||
fi | fi | ||||
else | |||||
if [ -n "$weekly_certbot_pre_hook" ]; then | |||||
PRE_HOOK="--pre-hook '$weekly_certbot_pre_hook'" | |||||
fi | fi | ||||
if [ -n "$weekly_certbot_post_hook" ]; then | |||||
POST_HOOK="--post-hook '$weekly_certbot_post_hook'" | |||||
fi | |||||
fi | |||||
if [ -n "$weekly_certbot_deploy_hook" ]; then | |||||
DEPLOY_HOOK="--deploy-hook '$weekly_certbot_deploy_hook'" | |||||
fi | |||||
anticongestion | anticongestion | ||||
if %%LOCALBASE%%/bin/certbot-%%PYTHON_VER%% renew --pre-hook "$PRE_HOOK" \ | |||||
--post-hook "$POST_HOOK" \ | eval %%LOCALBASE%%/bin/certbot-%%PYTHON_VER%% renew "$PRE_HOOK" "$POST_HOOK" \ | ||||
--no-random-sleep-on-renew | "$DEPLOY_HOOK" "$weekly_certbot_custom_args" --no-random-sleep-on-renew | ||||
if [ $? -gt 0 ] | |||||
then | then | ||||
rc=0 | echo | ||||
echo "Errors were reported when renewing Let's Encrypt certificate(s)." | |||||
rc=3 | |||||
else | else | ||||
rc=1 | rc=0 | ||||
fi | fi | ||||
;; | ;; | ||||
*) rc=0;; | *) rc=0;; | ||||
esac | esac | ||||
exit $rc | exit $rc |