hooks; generate-ssl-cert

.gitignore

@@ -0,0 +1 @@
+*.swp

generate-ssl-cert.sh

@@ -0,0 +1,21 @@
+#! /usr/bin/env bash
+
+if [ $# -eq 0 ]
+then
+  echo "Usage: generate-ssl-cert hostname [options]" >&2
+  exit 64
+fi
+
+host="$1"
+
+letsencrypt --agree-tos --renew-by-default --standalone --standalone-supported-challenges http-01 --http-01-port 9999 --server https://acme-v01.api.letsencrypt.org/directory certonly -d $*
+
+if [ $? -ne 0 ]
+then
+  echo "Failed to generate certificate" >&2
+  exit 1
+fi
+
+ln -sf /etc/letsencrypt/live/${host}/cert.pem /etc/ssl/private/${host}.crt
+ln -sf /etc/letsencrypt/live/${host}/privkey.pem /etc/ssl/private/${host}.key
+ln -sf /etc/letsencrypt/live/${host}/chain.pem /etc/ssl/private/${host}-chain.crt

install

@@ -1,6 +1,8 @@
 #! /usr/bin/env sh
 
 mkdir -p /etc/sitegen
+mkdir -p ~/.sitegen/hooks.d
 install sitegen/* /etc/sitegen/
 install sitegen.sh /usr/local/bin/sitegen
+install generate-ssl-cert.sh /usr/local/bin/generate-ssl-cert
 install sitegen.completion /etc/bash_completion.d/sitegen

sitegen.sh

@@ -4,17 +4,8 @@ apache_dir=/etc/apache2/sites-available/
 conf_dir=/etc/sitegen/
 site_dir=/var/
 
-conf_file=/etc/sitegen/sitegen.conf
-conf_file_local=~/.sitegen.conf
-
-loadConf()
-{
-  if [ -e "$1" ]
-  then
-    echo "Found a config file: $1"
-    . "$1"
-  fi
-}
+hooks_dir=/etc/sitegen/hooks.d/
+hooks_dir_local=~/.sitegen/hooks.d/
 
 makeDir()
 {
@@ -30,15 +21,28 @@ getPath()
   readlink -m "$1"
 }
 
+applyHooks()
+{
+  dir="$1"
+  if [ -d ${dir} ]
+  then
+    for file in $(find ${dir} | sort) ;
+    do
+      echo "Applying ${file}"
+      . "${file}"
+    done
+  else
+    echo "No hooks found in ${dir}"
+  fi
+}
+
+
 if [ $# -eq 0 ] || [ $# -gt 2 ] || [ "$1" = "--help" ]
 then
   echo "Usage:" $(basename $0) "hostname [config=default]" >&2
   exit 1
 fi
 
-loadConf "${conf_file}"
-loadConf "${conf_file_local}"
-
 host="$1"
 if [ $# -eq 2 ]
 then
@@ -75,3 +79,6 @@ makeDir "${apache_dir}"
 
 sed -e "${sed_host}" -e "${sed_root}" "${conf_conf}" > "${site_conf}"
 sed -e "${sed_host}" -e "${sed_root}" "${conf_include}" > "${site_include}"
+
+applyHooks ${hooks_dir}
+applyHooks ${hooks_dir_local}

sitegen/hooks.available/000-print

@@ -0,0 +1,6 @@
+echo "Host: ${host}"
+echo "Root Document: ${root_dir}"
+echo "Http Configuration Source: ${conf_conf}"
+echo "Site Configuration Source: ${conf_include}"
+echo "Http Configuration Destination: ${site_conf}"
+echo "Site Configuration Destination: ${site_include}"

sitegen/hooks.available/050-letsencrypt

@@ -0,0 +1,8 @@
+count=$(grep -ci SSLCertificateFile ${site_conf})
+if [ "${count}" -ge 1 ]
+then
+  echo "SSL found; generating certificate..."
+  generate-ssl-cert "${host}"
+else
+  echo "No SSL found; doing nothing"
+fi

sitegen/hooks.available/100-chown

@@ -0,0 +1,3 @@
+user=$(logname)
+echo "chown to ${user}"
+chown ${user}:${user} ${root_dir}

sitegen/hooks.available/200-a2ensite

@@ -0,0 +1 @@
+a2ensite "${host}.conf"

sitegen/hooks.available/300-reload

@@ -0,0 +1 @@
+service apache2 reload

sitegen/hooks.d/000-print

@@ -0,0 +1 @@
+../hooks.available/000-print

sitegen/https.conf

@@ -9,7 +9,7 @@
         SSLEngine on
         SSLCertificateFile /etc/ssl/private/%%HOST%%.crt
         SSLCertificateKeyFile /etc/ssl/private/%%HOST%%.key
-        SSLCertificateChainFile /etc/ssl/certs/sub.class1.server.ca.pem
+        SSLCertificateChainFile /etc/ssl/private/%%HOST%%-chain.crt
     </VirtualHost>
 </IfModule>
 <IfModule !mod_ssl.c>