From a7cef49e4b8594c1ed0c5bf40fcff8a712e015dc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 8 Oct 2020 14:19:52 +0200 Subject: [PATCH] Cleanup after failed ssl request --- AppendCMS.sh | 7 +++++-- Scripts/EnableSSL.sh | 2 ++ installer.sh | 18 ++++++++++++------ 3 files changed, 19 insertions(+), 8 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index d8cf196..d4ce7e8 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -229,6 +229,7 @@ msg " Setting up SSL" site_ext="ssl" else site_ext="nossl" + rm -rf /etc/acmesh/certs/$domain* fi unset certsatus if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then @@ -238,8 +239,10 @@ elif [ $sslenable = 0 ]; then site_ext=nossl fi -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-$domain.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh +if [ $site_ext = nossl ]; then + curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-$domain.sh + sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh +fi msg " Running conf for CMS" if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/conf.sh; then diff --git a/Scripts/EnableSSL.sh b/Scripts/EnableSSL.sh index ee070e4..12895dc 100644 --- a/Scripts/EnableSSL.sh +++ b/Scripts/EnableSSL.sh @@ -38,6 +38,8 @@ then site_ext="ssl" else site_ext="nossl" + rm -rf /etc/acmesh/certs/$domain* + echo "LE failed, restoring configuration" fi unset certsatus diff --git a/installer.sh b/installer.sh index 8f91dff..c9887fb 100644 --- a/installer.sh +++ b/installer.sh @@ -641,6 +641,7 @@ if [ $sslenable = 1 ]; then site_ext="ssl" else site_ext="nossl" + rm -rf /etc/acmesh/certs/$domain* fi unset certsatus /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --issue --"$certwebserv" --ocsp --keylength 'ec-384' -d "$hostname" @@ -651,21 +652,26 @@ if [ $sslenable = 1 ]; then siteBackend_ext="ssl" else siteBackend_ext="nossl" + rm -rf /etc/acmesh/certs/$hostname* fi if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh; then sslfr=1 source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/ssl-handler.sh) fi elif [ $sslenable = 0 ]; then site_ext=nossl - siteBackend_ext="nossl" + siteBackend_ext=nossl fi -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-$domain.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh +if [ $site_ext = nossl ]; then + curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-$domain.sh + sed -i -e 's/DOMAINname/'$domain'/' -e 's/CONFname/'$sitename'/' -e 's/DomainWWW/'$domainwww'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-$domain.sh +fi -if [ -z $disbackendcms ]; then -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-Backend.sh -sed -i -e 's/DOMAINname/'$hostname'/' -e 's/CONFname/'Backend'/' -e 's/DomainWWW/'0'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-Backend.sh +if [ $siteBackend_ext = nossl ]; then + if [ -z $disbackendcms ]; then + curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/EnableSSL.sh -o ~/activateSSL-Backend.sh + sed -i -e 's/DOMAINname/'$hostname'/' -e 's/CONFname/'Backend'/' -e 's/DomainWWW/'0'/' -e 's/Email/'$email'/' -e 's/WebServer/'$webserv'/' ~/activateSSL-Backend.sh + fi fi msg " Configuring CMS"