hook.sh

[root@fusion ~]# cat /etc/dehydrated/hook.sh

#!/usr/bin/env bash

# https://github.com/lukas2511/dehydrated/blob/master/docs/examples/hook.sh

set -eu -o pipefail

NSUPDATE="nsupdate -k /root/.secrets/Kfusion.+165+59352.private"

DNSSERVER="ns1.mydomain.com"

TTL=300

deploy_challenge() {

local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}"

printf "server %s\nupdate add _acme-challenge.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${1}" "${TTL}" "${3}" | $NSUPDATE

sleep 5

nslookup -q=txt _acme-challenge.${1}

}

clean_challenge() {

local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}"

printf "server %s\nupdate delete _acme-challenge.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${1}" "${TTL}" "${3}" | $NSUPDATE

}

deploy_cert() {

local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}"

local ALLFILE=$(dirname ${2})-${TIMESTAMP}.pem

cat ${FULLCHAINFILE} > ${ALLFILE}

cat ${KEYFILE} >> ${ALLFILE}

cat ${CHAINFILE} >> ${ALLFILE}

install -o freeswitch -g daemon -m 0600 ${ALLFILE} /etc/freeswitch/tls/all.pem

install -o freeswitch -g daemon -m 0600 ${CERTFILE} /etc/freeswitch/tls/cert.pem

install -o freeswitch -g daemon -m 0600 ${CHAINFILE} /etc/freeswitch/tls/chain.pem

install -o freeswitch -g daemon -m 0600 ${FULLCHAINFILE} /etc/freeswitch/tls/fullchain.pem

install -o freeswitch -g daemon -m 0600 ${KEYFILE} /etc/freeswitch/tls/privkey.pem

/usr/sbin/nginx -t && /usr/sbin/nginx -s reload

for dst in agent tls wss dtls-srtp ; do

ln -sf /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/${dst}.pem

done

}

unchanged_cert() {

local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}"

echo ""

echo "unchanged_cert()"

echo ""

}

invalid_challenge() {

local DOMAIN="${1}" RESPONSE="${2}"

echo ""

echo "invalid_challenge()"

echo "${1}"

echo "${2}"

echo ""

}

request_failure() {

local STATUSCODE="${1}" REASON="${2}" REQTYPE="${3}"

echo ""

echo "request_failure()"

echo "${1}"

echo "${2}"

echo "${3}"

echo ""

}

exit_hook() {

find /etc/dehydrated/certs/ -mtime +120 -exec rm {} \;

echo ""

echo "done"

echo ""

}

HANDLER="$1"; shift

if [[ "${HANDLER}" =~ ^(deploy_challenge|clean_challenge|deploy_cert|unchanged_cert|invalid_challenge|request_failure|exit_hook)$ ]]; then

"$HANDLER" "$@"

fi

Author

Title

Language

Your paste - Paste your paste here

[root@fusion ~]# cat /etc/dehydrated/hook.sh
#!/usr/bin/env bash
# https://github.com/lukas2511/dehydrated/blob/master/docs/examples/hook.sh

set -eu -o pipefail

NSUPDATE="nsupdate -k /root/.secrets/Kfusion.+165+59352.private"
DNSSERVER="ns1.mydomain.com"
TTL=300

deploy_challenge() {
                local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}"
                printf "server %s\nupdate add _acme-challenge.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${1}" "${TTL}" "${3}" | $NSUPDATE
                sleep 5
                nslookup -q=txt _acme-challenge.${1}

}

clean_challenge() {
                local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}"
                printf "server %s\nupdate delete _acme-challenge.%s. %d in TXT \"%s\"\nsend\n" "${DNSSERVER}" "${1}" "${TTL}" "${3}" | $NSUPDATE
}

deploy_cert() {
                local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}"
                local ALLFILE=$(dirname ${2})-${TIMESTAMP}.pem
                cat ${FULLCHAINFILE}  > ${ALLFILE}
                cat ${KEYFILE}       >> ${ALLFILE}
                cat ${CHAINFILE}     >> ${ALLFILE}
                install -o freeswitch -g daemon -m 0600 ${ALLFILE} /etc/freeswitch/tls/all.pem
                install -o freeswitch -g daemon -m 0600 ${CERTFILE} /etc/freeswitch/tls/cert.pem
                install -o freeswitch -g daemon -m 0600 ${CHAINFILE} /etc/freeswitch/tls/chain.pem
                install -o freeswitch -g daemon -m 0600 ${FULLCHAINFILE} /etc/freeswitch/tls/fullchain.pem
                install -o freeswitch -g daemon -m 0600 ${KEYFILE} /etc/freeswitch/tls/privkey.pem
                /usr/sbin/nginx -t && /usr/sbin/nginx -s reload
                for dst in agent tls wss dtls-srtp ; do
                        ln -sf /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/${dst}.pem
                done

}

unchanged_cert() {
    local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}"
                echo ""
                echo "unchanged_cert()"
                echo ""
}

invalid_challenge() {
    local DOMAIN="${1}" RESPONSE="${2}"
                echo ""
                echo "invalid_challenge()"
                echo "${1}"
                echo "${2}"
                echo ""
}

request_failure() {
    local STATUSCODE="${1}" REASON="${2}" REQTYPE="${3}"
                echo ""
                echo "request_failure()"
                echo "${1}"
                echo "${2}"
                echo "${3}"
                echo ""
}

exit_hook() {
        find /etc/dehydrated/certs/ -mtime +120 -exec rm {} \;
                echo ""
                echo "done"
                echo ""
}

HANDLER="$1"; shift
if [[ "${HANDLER}" =~ ^(deploy_challenge|clean_challenge|deploy_cert|unchanged_cert|invalid_challenge|request_failure|exit_hook)$ ]]; then
  "$HANDLER" "$@"
fi

Create Shorturl - Create a shorter url that redirects to your paste?

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection - Type in the letters

Reply to "hook.sh"