From 593cd34e52ce6eaa778639c11211ad931f5ba0bc Mon Sep 17 00:00:00 2001
From: Robin Dirksen <robin@famdirksen.nl>
Date: Tue, 7 Nov 2017 11:56:59 +0100
Subject: [PATCH] Create v-update-host-certificate

Add a file that's setting the hostname certificate for exim, dovecot & vesta-web so the email is always with a valid LE certificate.

# Todo:
- add to cronjobs (default every month) of adds to lets encrypt renewall/request when updating system hostname certificate
---
 bin/v-update-host-certificate | 67 +++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 bin/v-update-host-certificate

diff --git a/bin/v-update-host-certificate b/bin/v-update-host-certificate
new file mode 100644
index 00000000..b2aeba2e
--- /dev/null
+++ b/bin/v-update-host-certificate
@@ -0,0 +1,67 @@
+#!/bin/bash
+# info: update hosts certificates for exim, dovecot & vesta-web
+# options: user
+# options: hostname
+#
+# Function updates certificates for vesta
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+hostname=$2
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/ip.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" '[USER] [HOSTNAME]'
+is_format_valid 'user'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$hostname"
+is_object_unsuspended 'web' 'DOMAIN' "$hostname"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Get current datetime for backup of old files
+backup_datetime=`date '+%Y-%m-%d_%H-%M-%S'`
+
+# Keep a backup of the old certificate - todo: remove in production
+#mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt_backup_$backup_datetime
+#mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key_backup_$backup_datetime
+
+# Copy hostnames certificates from user dir
+cp /home/$user/conf/web/ssl.$hostname.pem $VESTA/ssl/certificate.crt
+cp /home/$user/conf/web/ssl.$hostname.key $VESTA/ssl/certificate.key
+
+# Assign exim permissions
+chown exim:mail $VESTA/ssl/certificate.crt
+chown exim:mail $VESTA/ssl/certificate.key
+
+# Restart exim, dovecot & vesta
+v-restart-mail
+v-restart-web-backend
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit