| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- #!/usr/bin/env sh
- #Here is a sample custom api script.
- #This file name is "myapi.sh"
- #So, here must be a method myapi_deploy()
- #Which will be called by acme.sh to deploy the cert
- #returns 0 means success, otherwise error.
- ######## Public functions #####################
- #domain keyfile certfile cafile fullchain
- strongswan_deploy() {
- _cdomain="$1"
- _ckey="$2"
- _ccert="$3"
- _cca="$4"
- _cfullchain="$5"
- _info "Using strongswan"
- if [ -x /usr/sbin/ipsec ]; then
- _ipsec=/usr/sbin/ipsec
- elif [ -x /usr/sbin/strongswan ]; then
- _ipsec=/usr/sbin/strongswan
- elif [ -x /usr/local/sbin/ipsec ]; then
- _ipsec=/usr/local/sbin/ipsec
- else
- _err "no strongswan or ipsec command is detected"
- return 1
- fi
- _info _ipsec "$_ipsec"
- _confdir=$($_ipsec --confdir)
- if [ $? -ne 0 ] || [ -z "$_confdir" ]; then
- _err "no strongswan --confdir is detected"
- return 1
- fi
- _info _confdir "$_confdir"
- _debug _cdomain "$_cdomain"
- _debug _ckey "$_ckey"
- _debug _ccert "$_ccert"
- _debug _cca "$_cca"
- _debug _cfullchain "$_cfullchain"
- cat "$_ckey" >"${_confdir}/ipsec.d/private/$(basename "$_ckey")"
- cat "$_ccert" >"${_confdir}/ipsec.d/certs/$(basename "$_ccert")"
- cat "$_cca" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cca")"
- cat "$_cfullchain" >"${_confdir}/ipsec.d/cacerts/$(basename "$_cfullchain")"
- $_ipsec reload
- }
|
