]> WPIA git - infra.git/blobdiff - commands
projects / infra.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add: motion system from source
[infra.git] / commands
diff --git a/commands b/commands
index 0a6251443aad257108e76413af937c4d142a7c8e..aa2f8087a93a4f1fb5775e9eabf4b7f59f1dbcea 100755 (executable)
--- a/commands
+++ b/commands
@@ -1,22 +1,26 @@
 #!/bin/bash
 com="$SSH_ORIGINAL_COMMAND"
-if [[ "$UID" == 0 ]]; then
+if [[ $UID == 0 ]]; then
     echo "Run script as non-root-user"
     exit
 fi
-if [[ "$com" == "ask quiz certs" ]]; then
+if [[ $com == "update certs" || $com == "force update certs" ]]; then
+    force=false
+    if [[ $com == "force update certs" ]]; then
+        force=true
+    fi
     folder=$(mktemp -d)
     # In argument 1 is the path of the certificates to update: $1.crt and $1.key
     function update_cert {
         name=$1
-        if [[ -f $name.crt ]] && openssl x509 -checkend $((365*24*60*60)) -in $name.crt > /dev/null; then
+        if [[ -f $name.crt ]] && openssl x509 -checkend $((365*24*60*60)) -in $name.crt > /dev/null && ! $force; then
             echo "SKIP $name"
         else
             echo "ISSUE $name"
             openssl req -newkey rsa:4096 -subj "/CN=will-be-ignored" -nodes -out $folder/web.req -keyout $folder/web.key 2>/dev/null
             cat $folder/web.req
             read -r response
-            if [[ "$response" == "SUCCESS" ]]; then
+            if [[ $response == "SUCCESS" ]]; then
                 # read certificate count
                 read -r len
                 printf '' > $folder/web.crt
@@ -46,17 +50,18 @@ if [[ "$com" == "ask quiz certs" ]]; then
     update_cert "modules/gigi/files/gigi"
     update_cert "modules/gigi/files/client"
     update_cert "modules/gitweb/files/web"
+    update_cert "modules/motion/files/motion"
     echo "DONE"
     [[ -f $folder/web.crt ]] && rm $folder/web.crt
     [[ -f $folder/web.req ]] && rm $folder/web.req
     [[ -f $folder/web.key ]] && rm $folder/web.key
     rmdir $folder
-elif [[ "$com" == "reload quiz certs" ]]; then
+elif [[ $com == "reload certs" ]]; then
     sudo puppet apply /etc/puppet/code/environments/production/manifests --verbose
-    sudo lxc-attach -n front-nginx -- puppet agent --verbose --test
-    sudo lxc-attach -n quiz -- puppet agent --verbose --test
-    sudo lxc-attach -n gigi -- puppet agent --verbose --test
-elif [[ "$com" == "update crls" ]]; then
+    sudo lxc-attach -n front-nginx -- puppet agent --verbose --onetime --no-daemonize
+    sudo lxc-attach -n quiz -- puppet agent --verbose --onetime --no-daemonize
+    sudo lxc-attach -n gigi -- puppet agent --verbose --onetime --no-daemonize
+elif [[ $com == "update crls" ]]; then
     if ! tar xv -C /data/crl; then
         echo "requiring tar"
         exit;
WPIA Technical Infrastructure