dehydrated/hook.sh



#!/bin/sh

set -e

ACTION=$1; shift

REALM=$(cat /etc/local-ORG/realm)

# resolve hostnames of service installed and registered with Redpill
servicehosts() {
    SERVICE=$1; shift
    for binary in "$@"; do
        which -- "$binary" || exit
    done
    cat "/etc/local-REDPILL/$REALM/${SERVICE}host" \
      "/etc/local-REDPILL/$REALM/${SERVICE}althosts" \
      2> /dev/null \
      | perl -0777 -pe 's/\s*\#.*//gm;s/^\s+//;s/\s+$//;s/\s+/|/g'
}
MAILHOSTS=$(servicehosts mail postconf)
MAILHOSTS=$(servicehosts chat ejabberdctl)

case "$ACTION" in
  deploy_challenge) ;;
  clean_challenge) ;;
#  deploy_cert)
  deploy_cert|unchanged_cert)
    DOMAIN="$1"; KEYFILE="$2"; FULLCHAINFILE="$4"
    case "$DOMAIN" in
      "$MAILHOSTS")
        cat "$FULLCHAINFILE" > "/etc/dovecot/$DOMAIN.pem"
        sg dovecot -c "umask 027; cat '$KEYFILE' > '/etc/dovecot/private/$DOMAIN.pem'"
        #service dovecot force-reload
        ;;
      "$CHATHOSTS")
        sg ejabberd -c "umask 027; cat '$KEYFILE' '$FULLCHAINFILE' > '/etc/ejabberd/$DOMAIN.pem'"
        #service ejabberd force-reload
        ;;
    esac
    ;;
  unchanged_cert) ;;
  *)
    >&2 echo "ERROR: unsupported action \"$ACTION\""
    exit 1
    ;;
esac