- ajout du cas proxmox pour la gestion des certificats
This commit is contained in:
parent
b98528e416
commit
ec375078f4
|
|
@ -12,8 +12,7 @@ check_deb_status() {
|
|||
esac
|
||||
}
|
||||
|
||||
update_cron_marker()
|
||||
{
|
||||
update_cron_marker(){
|
||||
# ------------------------------------------------------------------
|
||||
# Installation du cron
|
||||
# ------------------------------------------------------------------
|
||||
|
|
@ -566,7 +565,7 @@ do_deb_sys_cert_install(){
|
|||
local ca_ip wildcard_domain ca_url ca_fingerprint base_domain marker root_crt input_ip step_path \
|
||||
system_target inter_target cert_group load_state unit svc_user current_group \
|
||||
cert_dir cert_crt cert_key cert_key cert_pfx pfx_cmd pfx_input step_bin renew_cmd restart_cmd="" \
|
||||
unit full_command cert_fullchain
|
||||
unit full_command cert_fullchain proxmox_cmd
|
||||
|
||||
# Fichiers de certificats
|
||||
cert_dir="${CONFIG_DEB_INSTALL_DEFAULT_CA_INSTALL_PATH}"
|
||||
|
|
@ -864,11 +863,18 @@ do_deb_sys_cert_install(){
|
|||
# Commande complète du cron
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
# ajout du certificat à proxmox
|
||||
proxmox_cmd='(command -v pvenode >/dev/null && pvenode cert set "'$cert_crt'" "'$cert_key'" --force 1 || true)'
|
||||
if eval "$proxmox_cmd"; then
|
||||
msg_info "Vérification proxmox effectuée"
|
||||
fi
|
||||
|
||||
full_command="$renew_cmd >> /var/log/cert-renew.log 2>&1 \
|
||||
&& $pfx_cmd \
|
||||
&& chown root:\"$current_group\" \"$cert_key\" \"$cert_crt\" \
|
||||
&& chmod 640 \"$cert_key\" \
|
||||
&& chmod 644 \"$cert_crt\""
|
||||
&& chmod 644 \"$cert_crt\" \
|
||||
&& $proxmox_cmd"
|
||||
|
||||
if [[ -n "$restart_cmd" ]]; then
|
||||
full_command+=" && $restart_cmd"
|
||||
|
|
@ -881,18 +887,6 @@ do_deb_sys_cert_install(){
|
|||
|
||||
update_cron_marker "$CONFIG_DEB_INSTALL_DEFAULT_CA_CRON" "0 0 1 * * $full_command"
|
||||
|
||||
# ------------------------------------------------------------------
|
||||
# Exécution immédiate de la génération du PFX
|
||||
# ------------------------------------------------------------------
|
||||
#if eval "$pfx_cmd"; then
|
||||
# chown root:"$current_group" "$cert_key" "$cert_crt"
|
||||
# chmod 640 "$cert_key"
|
||||
# chmod 644 "$cert_crt"
|
||||
# msg_success "Fichier PFX généré avec succès."
|
||||
#else
|
||||
# msg_error "Échec de la génération du fichier PFX."
|
||||
#fi
|
||||
|
||||
# ------------------------------------------------------------------
|
||||
# Redémarrage final (sécurité)
|
||||
# ------------------------------------------------------------------
|
||||
|
|
|
|||
Loading…
Reference in New Issue