[Astlinux-commits] SF.net SVN: astlinux:[8435] branches/1.0

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 8435
          http://sourceforge.net/p/astlinux/code/8435
Author:   abelbeck
Date:     2017-07-12 14:42:51 +0000 (Wed, 12 Jul 2017)
Log Message:
-----------
acme, add 'slapd' service type to ACME_SERVICE for LDAP SSL support

Modified Paths:
--------------
    branches/1.0/package/acme/deploy/astlinux.sh
    branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf

Modified: branches/1.0/package/acme/deploy/astlinux.sh
===================================================================

--- branches/1.0/package/acme/deploy/astlinux.sh	2017-07-10 21:29:00 UTC (rev 8434)
+++ branches/1.0/package/acme/deploy/astlinux.sh	2017-07-12 14:42:51 UTC (rev 8435)
@@ -55,7 +55,7 @@
       fi
       sleep 1
       service lighttpd init
-      logger -s -t acme-client "New ACME certificates deployed for HTTPS and Lighttpd restarted"
+      logger -s -t acme-client "New ACME certificates deployed for HTTPS and 'lighttpd' restarted"
     fi
   fi
 
@@ -69,7 +69,7 @@
     cat "$_ckey" > /mnt/kd/ssl/sip-tls/keys/server.key
     chmod 600 /mnt/kd/ssl/sip-tls/keys/server.key
     asterisk -rx "core restart when convenient" >/dev/null 2>&1 &
-    logger -s -t acme-client "New ACME certificates deployed for SIP-TLS and Asterisk restart when convenient requested"
+    logger -s -t acme-client "New ACME certificates deployed for SIP-TLS and 'asterisk' restart when convenient requested"
   fi
 
   if astlinux_is_acme_service prosody; then
@@ -86,8 +86,25 @@
     chown prosody:prosody /mnt/kd/prosody/certs/server.key
     sleep 1
     service prosody init
-    logger -s -t acme-client "New ACME certificates deployed for XMPP and Prosody restarted"
+    logger -s -t acme-client "New ACME certificates deployed for XMPP and 'prosody' restarted"
   fi
 
+  if astlinux_is_acme_service slapd; then
+    service slapd stop
+    mkdir -p /mnt/kd/ldap/certs
+    if [ -f "$_cfullchain" ]; then
+      cat "$_cfullchain" > /mnt/kd/ldap/certs/server.crt
+    else
+      cat "$_ccert" > /mnt/kd/ldap/certs/server.crt
+    fi
+    cat "$_ckey" > /mnt/kd/ldap/certs/server.key
+    chmod 600 /mnt/kd/ldap/certs/server.key
+    chown ldap:ldap /mnt/kd/ldap/certs/server.crt
+    chown ldap:ldap /mnt/kd/ldap/certs/server.key
+    sleep 1
+    service slapd init
+    logger -s -t acme-client "New ACME certificates deployed for LDAP and 'slapd' restarted"
+  fi
+
   return 0
 }

Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2017-07-10 21:29:00 UTC (rev 8434)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf	2017-07-12 14:42:51 UTC (rev 8435)
@@ -1061,7 +1061,7 @@
 ## For use with "Let's Encrypt" using the "acme-client" command.
 ## Note: Only DNS challenge validation is supported within AstLinux.
 ##
-## Deploy service types: lighttpd, asterisk and prosody
+## Deploy service types: lighttpd, asterisk, prosody and slapd
 #ACME_SERVICE="lighttpd"     # space separated list of deploy service types
 ## Registration email address, used for expiry notifications (optional)
 #ACME_ACCOUNT_EMAIL="ac...@my..."

This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.



