Add certsync role

2017-02-18 14:18:39 +01:00 · 2017-02-18 14:18:39 +01:00 · ba5a82e1ac
commit ba5a82e1ac
parent 4958014991
4 changed files with 50 additions and 0 deletions
--- a/roles/certsync/templates/certsync.j2
+++ b/roles/certsync/templates/certsync.j2
@ -0,0 +1,20 @@
+#!/bin/bash
+
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+CERT_DIR="{{ certsync_dir }}"
+
+if [ ! -d $CERT_DIR ]; then
+  mkdir -p $CERT_DIR
+  chown root.root $CERT_DIR
+  chmod 750 $CERT_DIR
+fi
+
+sftp -q -i {{ certsync_key }} certsync@{{ certsync_host }}:* "$CERT_DIR/" > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+  echo "Error getting certificates"
+  exit 1
+fi
+chown root.root $CERT_DIR/*
+chmod 440 $CERT_DIR/*
+
+service nginx reload > /dev/null