|
|
@@ -0,0 +1,51 @@
|
|
|
+
|
|
|
+
|
|
|
+git_dir="pki"
|
|
|
+branch="100883"
|
|
|
+
|
|
|
+
|
|
|
+function mail_send {
|
|
|
+ echo "${message}"|mail -s "Attention! Certificate status!" \
|
|
|
+ -S smtp=${SMTP_SERVER} \
|
|
|
+ -S smtp-use-starttls \
|
|
|
+ -S smtp-auth=login \
|
|
|
+ -S ssl-verify=ignore \
|
|
|
+ -S smtp-auth-user=${JENKINS_MAIL_USER} \
|
|
|
+ -S smtp-auth-password=$(cat /run/secrets/jenkins-mail-pass) \
|
|
|
+ -S nss-config-dir=/etc/pki/nssdb \
|
|
|
+ -S from=${JENKINS_MAIL_USER} \
|
|
|
+ ${RECIPIENT_MAIL_BOX}
|
|
|
+}
|
|
|
+
|
|
|
+function git_config {
|
|
|
+ cd /${git_dir}
|
|
|
+ git config --global user.email "${JENKINS_MAIL_USER}"
|
|
|
+ git config --global user.name "Jenkins"
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+if [ -d /${git_dir} ]
|
|
|
+then
|
|
|
+ git_config && git checkout ${branch} && git pull https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL}
|
|
|
+ if [ $? -ne 0 ];then message="letsencrypt. Can't pull https://${GIT_URL}"; mail_send; exit 1;fi
|
|
|
+else
|
|
|
+ cd / && git clone https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} && cd /${git_dir} && git checkout ${branch}
|
|
|
+ if [ $? -ne 0 ];then message="letsencrypt. Can't clone https://${GIT_URL}"; mail_send; exit 1;fi
|
|
|
+fi
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+certbot renew --config-dir /pki/letsencrypt
|
|
|
+if [ $? -ne 0 ];then message="letsencrypt. Can't execute "dry-run" for $(echo $*). Generate cert and key will be skipped!!!"; mail_send; exit 1;fi
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+echo "Generate new key and cert for $(echo $*)" > /tmp/commit.txt
|
|
|
+git_config && git add -A && git commit -F /tmp/commit.txt
|
|
|
+git push https://${GIT_USER}:$(cat /run/secrets/provision-pass)@${GIT_URL} ${branch}
|
|
|
+if [ $? -ne 0 ];then message="letsencrypt. Can't push diff to https://${GIT_URL} !!!"; mail_send; exit 1;fi
|
|
|
+
|
|
|
+message="letsencrypt. Certs for domain $(echo $*) is generated!!!"
|
|
|
+mail_send
|
