diff --git a/provision/letsencrypt.sh b/provision/letsencrypt.sh
index 151a785a..64e0df2e 100755
--- a/provision/letsencrypt.sh
+++ b/provision/letsencrypt.sh
@@ -368,7 +368,7 @@ mailtoaster_deploy() {
 for _target in haraka haproxy dovecot webmail
 do
 echo "deploying $_target"
- . "/root/.acme.sh/deploy/$_target"
+ . "~root/.acme.sh/deploy/$_target"
 ${_target}_deploy $* || return 2
 done
@@ -456,7 +456,7 @@ EO_LE_WEBMAIL
 install_deploy_scripts()
 {
 tell_status "installing deployment scripts"
- export _deploy="/root/.acme.sh/deploy"
+ export _deploy="~root/.acme.sh/deploy"
 install_deploy_haproxy
 install_deploy_dovecot
@@ -468,13 +468,18 @@ install_deploy_scripts()
 update_haproxy_ssld()
 {
+ if [ ! -d $ZFS_DATA_MNT/haproxy" ]; then
+ # haproxy not installed, nothing to do
+ return
+ fi
+
 local _haconf="$ZFS_DATA_MNT/haproxy/etc/haproxy.conf"
 if ! grep -q 'ssl crt /etc' "$_haconf"; then
 # already updated
 return
 fi
- tell_status "switching haproxy TLS cert dir to /data/ssl.d"
+ tell_status "switching haproxy TLS cert dir to /data/etc/tls.d"
 sed -i.bak \
 -e 's!ssl crt /etc.*!ssl crt /data/etc/tls.d!' \
 "$_haconf"
@@ -487,13 +492,12 @@ configure_letsencrypt()
 tell_status "configuring acme.sh"
 local _HTTPDIR="$ZFS_DATA_MNT/webmail/htdocs"
- local _acme="/root/.acme.sh/acme.sh"
- $_acme --set-default-ca --server letsencrypt
+ acme.sh --set-default-ca --server letsencrypt
- if $_acme --issue --force -d "$TOASTER_HOSTNAME" -w "$_HTTPDIR"; then
+ if acme.sh --issue --force -d "$TOASTER_HOSTNAME" -w "$_HTTPDIR"; then
 update_haproxy_ssld
- $_acme --deploy -d "$TOASTER_HOSTNAME" --deploy-hook mailtoaster
+ acme.sh --deploy -d "$TOASTER_HOSTNAME" --deploy-hook mailtoaster
 else
 tell_status "TLS Certificate Issue failed"
 exit 1
@@ -502,11 +506,6 @@ configure_letsencrypt()
 test_letsencrypt()
 {
- if [ ! -f "~root/.acme.sh/acme.sh" ]; then
- echo "not installed!"
- exit
- fi
-
 echo "it worked"
 }
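Review bot: The quoted `~root` on the new `.` line in `mailtoaster_deploy` is never expanded, because tilde expansion does not happen inside double quotes; the shell is handed the literal relative path `~root/.acme.sh/deploy/$_target` and resolves it against the current working directory. The same defect is in `export _deploy="~root/.acme.sh/deploy"` in `install_deploy_scripts`. Apart from breaking the deploy, sourcing a cwd-relative file as root means whatever happens to sit at that relative path is executed with root privileges. Keep the tilde outside the quotes, `. ~root/.acme.sh/deploy/"$_target"`, and for the export assign first, `_deploy=~root/.acme.sh/deploy; export _deploy`. Both function bodies start or continue outside their hunks.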
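Review bot: The added guard at the top of `update_haproxy_ssld` has a closing double quote with no opening one: `[ ! -d $ZFS_DATA_MNT/haproxy" ]`. The stray quote opens a string that runs until the next `"` (on the `local _haconf=` line), so the test and the early `return` are not parsed as written and the "haproxy not installed" case is not handled. The line should read `if [ ! -d "$ZFS_DATA_MNT/haproxy" ]; then`. A `sh -n` syntax check of the file before merging would catch this kind of slip. The function body continues past the end of the hunk.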
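Review bot: The three `acme.sh` calls in `configure_letsencrypt` now depend on `PATH` lookup in a script that runs as root, and nothing verifies that the command resolves before a certificate is requested. The last hunk also deletes the only install check, in `test_letsencrypt`. If acme.sh was installed by its own installer, it is normally reachable only through a profile alias that a non-interactive shell does not load (how it is installed here is not visible in the diff). In that case the first call fails with "not found", and a `PATH` containing a writable directory could resolve to a different `acme.sh`. A guard before the first call would make the failure explicit: `command -v acme.sh >/dev/null || { tell_status "acme.sh not found in PATH"; exit 1; }`. The function starts and ends outside the hunk.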