From 714ed2ba7738acb39de67c7b2cb7800d9a9a4471 Mon Sep 17 00:00:00 2001 From: HgO Date: Tue, 21 Apr 2020 12:42:52 +0200 Subject: [PATCH 1/5] Hotfix renew-cert CN certificates --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index 2f37189..7a2f9ef 100644 --- a/manifest.json +++ b/manifest.json @@ -5,7 +5,7 @@ "en": "Auto renewal for the Neutrinet vpn-certificates", "fr": "Renouvellement automatique des certificats vpn Neutrinet" }, - "version": "0.3.0~ynh4", + "version": "fix/correct-cn-certificates~ynh1", "license": "GPL-3+", "maintainer": { "name": "ilja", -- GitLab From c120c6624788259dc0693f0a6e8730e412f08c62 Mon Sep 17 00:00:00 2001 From: HgO Date: Sun, 26 Apr 2020 00:24:20 +0200 Subject: [PATCH 2/5] remove debug flag; forward all cron script params to renew script --- scripts/install | 2 +- scripts/renew_cert_cron.sh | 28 ++++------------------------ scripts/upgrade | 2 +- 3 files changed, 6 insertions(+), 26 deletions(-) diff --git a/scripts/install b/scripts/install index 13b6ce2..a117ace 100644 --- a/scripts/install +++ b/scripts/install @@ -139,7 +139,7 @@ ynh_script_progression "Setting up cron job for certificate renewal…" cat < /etc/cron.daily/$app-renew-cert #!/bin/bash cd $renew_cert_path -$renew_cert_path/$renew_cert_cron_script +$renew_cert_path/$renew_cert_cron_script -q EOF chown root:root /etc/cron.daily/$app-renew-cert diff --git a/scripts/renew_cert_cron.sh b/scripts/renew_cert_cron.sh index 3b72e6d..60d1070 100644 --- a/scripts/renew_cert_cron.sh +++ b/scripts/renew_cert_cron.sh @@ -26,14 +26,6 @@ then fi RENEW_CERT_SCRIPT="${RENEW_CERT_PATH}/renew.py" -DEBUG=false -while getopts "v" opt -do - case $opt in - v) DEBUG=true;; - esac -done - if [[ -f $OPENVPN_CREDENTIALS_FILE ]] then credentials_file=$OPENVPN_CREDENTIALS_FILE @@ -50,30 +42,17 @@ password=$(tail -n 1 "$credentials_file") run_date=$(date +'%Y-%m-%d_%H:%M:%S') renew_dir="certs_$run_date" +renew_params="$@" -if $DEBUG -then - $RENEW_CERT_PYTHON $RENEW_CERT_SCRIPT "$login" -p "$password" -c "$OPENVPN_USER_CERT" -d "$renew_dir" -v -else - # Keep the logs for later. We will print them only if the certificates are being renewed. - renew_cert_logs=$($RENEW_CERT_PYTHON $RENEW_CERT_SCRIPT "$login" -p "$password" -c "$OPENVPN_USER_CERT" -d "$renew_dir") -fi +$RENEW_CERT_PYTHON $RENEW_CERT_SCRIPT "$login" -p "$password" -c "$OPENVPN_USER_CERT" -d "$renew_dir" $renew_params if [[ ! -d $renew_dir || ! -f $renew_dir/ca.crt || ! -f $renew_dir/client.crt || ! -f $renew_dir/client.key ]] then - if $DEBUG - then - echo "Cleaning $renew_dir directory." - fi rm -rf "$renew_dir" exit 0 fi -if [[ -n $renew_cert_logs ]] -then - echo "$renew_cert_logs" -fi - +echo "VPN certificate renewed!" echo "Saving old OpenVPN config" cp -r $OPENVPN_CONF_DIR{,.old_${run_date}} @@ -87,6 +66,7 @@ cp "$renew_dir/client.key" "$OPENVPN_USER_KEY" echo "Adding user credentials" echo -e "$login\n$password" > "$OPENVPN_CREDENTIALS_FILE" +chmod 0600 "$OPENVPN_CREDENTIALS_FILE" echo "Updating VPNClient config" yunohost app setting vpnclient server_name -v "vpn.neutrinet.be" diff --git a/scripts/upgrade b/scripts/upgrade index 8a61966..0b53d9a 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -175,7 +175,7 @@ ynh_script_progression "Setting up cron job for renewal..." cat < /etc/cron.daily/$app-renew-cert #!/bin/bash cd $renew_cert_path -$renew_cert_path/$renew_cert_cron_script +$renew_cert_path/$renew_cert_cron_script -q EOF chown root:root /etc/cron.daily/$app-renew-cert -- GitLab From 5f2719183fffafb12a6d411aea112ded33d9fef5 Mon Sep 17 00:00:00 2001 From: HgO Date: Tue, 28 Apr 2020 19:53:03 +0200 Subject: [PATCH 3/5] update renew_cert version --- manifest.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifest.json b/manifest.json index b61eec2..22e9d0c 100644 --- a/manifest.json +++ b/manifest.json @@ -5,7 +5,7 @@ "en": "Auto renewal for the Neutrinet vpn-certificates", "fr": "Renouvellement automatique des certificats vpn Neutrinet" }, - "version": "fix/correct-cn-certificates~ynh1", + "version": "0.3.1~ynh1", "license": "GPL-3+", "maintainer": { "name": "ilja", -- GitLab From 97747cf9025fbb49d966fdd2d92ceabec0da20e6 Mon Sep 17 00:00:00 2001 From: HgO Date: Sun, 3 May 2020 12:39:16 +0200 Subject: [PATCH 4/5] change renew_cert repo url to gitlab --- scripts/install | 2 +- scripts/upgrade | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index a117ace..770f8a3 100644 --- a/scripts/install +++ b/scripts/install @@ -110,7 +110,7 @@ ynh_systemd_action nginx reload # INSTALL RENEW CERT #================================================= -renew_cert_repo="https://github.com/neutrinet/renew_cert" +renew_cert_repo="https://gitlab.domainepublic.net/Neutrinet/renew_cert.git" renew_cert_version=$(jq .version ../manifest.json -r -e | cut -d '~' -f 1) renew_cert_path="$opt_path/renew_cert" renew_cert_cron_script="renew_cert_cron.sh" diff --git a/scripts/upgrade b/scripts/upgrade index 0b53d9a..222b3e7 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -143,7 +143,7 @@ ynh_systemd_action nginx reload ynh_script_progression "Installing automatic VPN certificate renewal..." -renew_cert_repo="https://github.com/neutrinet/renew_cert" +renew_cert_repo="https://gitlab.domainepublic.net/Neutrinet/renew_cert.git" renew_cert_version=$(jq .version ../manifest.json -r -e | cut -d '~' -f 1) renew_cert_path="$opt_path/renew_cert" renew_cert_cron_script="renew_cert_cron.sh" -- GitLab From 72fd1117d562db7f9ceebd6a1dde68e6c53851cb Mon Sep 17 00:00:00 2001 From: HgO Date: Sun, 3 May 2020 12:42:42 +0200 Subject: [PATCH 5/5] update existing repo url --- scripts/upgrade | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/upgrade b/scripts/upgrade index 222b3e7..5797c8e 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -151,6 +151,7 @@ renew_cert_cron_script="renew_cert_cron.sh" if [[ ! -e $renew_cert_path ]]; then git clone $renew_cert_repo $renew_cert_path else + git -C $renew_cert_path remote set-url origin $renew_cert_repo git -C $renew_cert_path fetch -t fi -- GitLab