| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- #!/usr/bin/env bash
- source "${SNAP}/init"
- DOMAIN=`snapctl get domain`
- if [ "${DOMAIN}" != "--not-set" ]; then
- snapctl is-connected certs
- if [ $? -ne 0 ]; then
- logger "${SNAP_NAME} is disconnected (uuid: ${UUID})"
- logger "${SNAP_NAME} domain is set to '--not-set'"
- snapctl set domain="--not-set"
- exit 1
- fi
- CERT_MATCH_NAME="${UUID}_${DOMAIN}"
- readarray -d '' CERTIFICATES < <(find ${CERTS_DIR} -type f -name "*${CERT_MATCH_NAME}*" -print0)
- logger "`expr ${#CERTIFICATES[@]} / 4` available for ${CERT_MATCH_NAME}"
- if [ "${#CERTIFICATES[@]}" -ne 0 ]; then
- gpg_start_agent
- i=0
- for CERTIFICATE in "${CERTIFICATES[@]}"; do
- DEST="${SSL_DIR}/`basename "${CERTIFICATE}" ".gpg"`"
- ORIG=""
- if [ -f "${DEST}" ]; then
- ORIG="`cat "${DEST}"`"
- fi
- gpg --batch --yes --output "${DEST}" --decrypt "${CERTIFICATE}"
-
- DIFF=`echo "${ORIG}" | diff "${DEST}" -`
- RET=$?
- if [ "${RET}" -ne 0 ]; then
- echo "${ORIG}" > "${DEST}.backup"
- (( i = $i + 1 ))
- fi
- done
- if [ "${i}" -ne 0 ]; then
- logger "Certificates (${DOMAIN}) changed for ${SNAP_NAME}-${UUID}, restart"
- snapctl restart "${SNAP_NAME}.hass"
- fi
- gpg_close_agent
- fi
- else
- readarray -d '' CERTIFICATES < <(find ${CERTS_DIR} -type f -name "*${UUID}*" -print0)
- if [ "${#CERTIFICATES[@]}" -ne 0 ]; then
- logger "> `expr ${#CERTIFICATES[@]} / 4` available for ${SNAP_NAME} (uuid: ${UUID})"
- logger "> Consider setting your domain with 'sudo snap set ${SNAP_NAME} domain=\"domain.tld\"'"
- fi
- fi
|
