Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
neutrinet_ynh
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
2
Issues
2
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Neutrinet
neutrinet_ynh
Commits
e81d374c
Commit
e81d374c
authored
May 03, 2020
by
HgO
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'stable' of
ssh://gitlab.domainepublic.net:3265/Neutrinet/neutrinet_ynh
into unstable
parents
e84949fc
c5e0d9c0
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
10 additions
and
29 deletions
+10
-29
manifest.json
manifest.json
+1
-1
scripts/install
scripts/install
+2
-2
scripts/renew_cert_cron.sh
scripts/renew_cert_cron.sh
+4
-24
scripts/upgrade
scripts/upgrade
+3
-2
No files found.
manifest.json
View file @
e81d374c
...
...
@@ -5,7 +5,7 @@
"en"
:
"Auto renewal for the Neutrinet vpn-certificates"
,
"fr"
:
"Renouvellement automatique des certificats vpn Neutrinet"
},
"version"
:
"0.3.
0~ynh5
"
,
"version"
:
"0.3.
1~ynh1
"
,
"license"
:
"GPL-3+"
,
"maintainer"
:
{
"name"
:
"ilja"
,
...
...
scripts/install
View file @
e81d374c
...
...
@@ -110,7 +110,7 @@ ynh_systemd_action nginx reload
# INSTALL RENEW CERT
#=================================================
renew_cert_repo
=
"https://git
hub.com/neutrinet/renew_cer
t"
renew_cert_repo
=
"https://git
lab.domainepublic.net/Neutrinet/renew_cert.gi
t"
renew_cert_version
=
$(
jq .version ../manifest.json
-r
-e
|
cut
-d
'~'
-f
1
)
renew_cert_path
=
"
$opt_path
/renew_cert"
renew_cert_cron_script
=
"renew_cert_cron.sh"
...
...
@@ -139,7 +139,7 @@ ynh_script_progression "Setting up cron job for certificate renewal…"
cat
<<
EOF
> /etc/cron.daily/
$app
-renew-cert
#!/bin/bash
cd
$renew_cert_path
$renew_cert_path
/
$renew_cert_cron_script
$renew_cert_path
/
$renew_cert_cron_script
-q
EOF
chown
root:root /etc/cron.daily/
$app
-renew-cert
...
...
scripts/renew_cert_cron.sh
View file @
e81d374c
...
...
@@ -26,14 +26,6 @@ then
fi
RENEW_CERT_SCRIPT
=
"
${
RENEW_CERT_PATH
}
/renew.py"
DEBUG
=
false
while
getopts
"v"
opt
do
case
$opt
in
v
)
DEBUG
=
true
;;
esac
done
if
[[
-f
$OPENVPN_CREDENTIALS_FILE
]]
then
credentials_file
=
$OPENVPN_CREDENTIALS_FILE
...
...
@@ -50,30 +42,17 @@ password=$(tail -n 1 "$credentials_file")
run_date
=
$(
date
+
'%Y-%m-%d_%H:%M:%S'
)
renew_dir
=
"certs_
$run_date
"
renew_params
=
"
$@
"
if
$DEBUG
then
$RENEW_CERT_PYTHON
$RENEW_CERT_SCRIPT
"
$login
"
-p
"
$password
"
-c
"
$OPENVPN_USER_CERT
"
-d
"
$renew_dir
"
-v
else
# Keep the logs for later. We will print them only if the certificates are being renewed.
renew_cert_logs
=
$(
$RENEW_CERT_PYTHON
$RENEW_CERT_SCRIPT
"
$login
"
-p
"
$password
"
-c
"
$OPENVPN_USER_CERT
"
-d
"
$renew_dir
"
)
fi
$RENEW_CERT_PYTHON
$RENEW_CERT_SCRIPT
"
$login
"
-p
"
$password
"
-c
"
$OPENVPN_USER_CERT
"
-d
"
$renew_dir
"
$renew_params
if
[[
!
-d
$renew_dir
||
!
-f
$renew_dir
/ca.crt
||
!
-f
$renew_dir
/client.crt
||
!
-f
$renew_dir
/client.key
]]
then
if
$DEBUG
then
echo
"Cleaning
$renew_dir
directory."
fi
rm
-rf
"
$renew_dir
"
exit
0
fi
if
[[
-n
$renew_cert_logs
]]
then
echo
"
$renew_cert_logs
"
fi
echo
"VPN certificate renewed!"
echo
"Saving old OpenVPN config"
cp
-r
$OPENVPN_CONF_DIR
{
,.old_
${
run_date
}
}
...
...
@@ -87,6 +66,7 @@ cp "$renew_dir/client.key" "$OPENVPN_USER_KEY"
echo
"Adding user credentials"
echo
-e
"
$login
\n
$password
"
>
"
$OPENVPN_CREDENTIALS_FILE
"
chmod
0600
"
$OPENVPN_CREDENTIALS_FILE
"
echo
"Updating VPNClient config"
yunohost app setting vpnclient server_name
-v
"vpn.neutrinet.be"
...
...
scripts/upgrade
View file @
e81d374c
...
...
@@ -143,7 +143,7 @@ ynh_systemd_action nginx reload
ynh_script_progression
"Installing automatic VPN certificate renewal..."
renew_cert_repo
=
"https://git
hub.com/neutrinet/renew_cer
t"
renew_cert_repo
=
"https://git
lab.domainepublic.net/Neutrinet/renew_cert.gi
t"
renew_cert_version
=
$(
jq .version ../manifest.json
-r
-e
|
cut
-d
'~'
-f
1
)
renew_cert_path
=
"
$opt_path
/renew_cert"
renew_cert_cron_script
=
"renew_cert_cron.sh"
...
...
@@ -151,6 +151,7 @@ renew_cert_cron_script="renew_cert_cron.sh"
if
[[
!
-e
$renew_cert_path
]]
;
then
git clone
$renew_cert_repo
$renew_cert_path
else
git
-C
$renew_cert_path
remote set-url origin
$renew_cert_repo
git
-C
$renew_cert_path
fetch
-t
fi
...
...
@@ -175,7 +176,7 @@ ynh_script_progression "Setting up cron job for renewal..."
cat
<<
EOF
> /etc/cron.daily/
$app
-renew-cert
#!/bin/bash
cd
$renew_cert_path
$renew_cert_path
/
$renew_cert_cron_script
$renew_cert_path
/
$renew_cert_cron_script
-q
EOF
chown
root:root /etc/cron.daily/
$app
-renew-cert
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment