FreeBSD/jails/jails-update-cert.sh

#!/usr/local/bin/bash

# Copyright (c) 2018-2022, diyIT.org
# All rights reserved.
#
# BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")
# https://diyit.org/license/
#
#

web_jails=(cloud hub nivi rachna rishabh sharad web web-diyit web-datavpc web-rockwood web-scvcc-rental ldap-mgr r-ldap-mgr monitor)

for i in ${web_jails[@]};
do
	echo "restarting apache in web_jail $i after SSL update"
	iocage exec $i "service apache24 restart"
    # The majority of TLS/SSL servers require a full restart to re-load the certificates if the filename is unchanged.
done

ldap_jails=(ldap r-ldap)

for i in ${ldap_jails[@]};
do
	echo "restarting ldap in ldap_jail $i after SSL update"
	iocage exec $i "service slapd restart"
done

echo "restarting haproxy in jail proxy after SSL update"
iocage exec proxy "service haproxy reload"

echo "restarting nginx in jail pkgp after SSL update"
iocage exec pkgp "service nginx restart"
# The majority of TLS/SSL servers require a full restart to re-load the certificates if the filename is unchanged.

echo "restarting mail in jail mail after SSL update"
iocage exec mail "service postfix stop"
iocage exec mail "service postfix start"
iocage exec mail "service dovecot stop"
iocage exec mail "service dovecot start"

echo "restarting ELK in jail elk after SSL update"
iocage exec elk "cp /mnt/certs/diy*.pem /usr/local/etc/elasticsearch/certs"
iocage exec elk "cp /mnt/certs/cacert.pem /usr/local/etc/elasticsearch/certs"

exit

iocage exec elk "service elasticsearch restart"
iocage exec elk "service kibana restart"

#iocage exec elk "service logstash restart"
iocage exec elk 'ps axww | grep logstash | cut -f1 -d" " | xargs -n 1 kill -9 '
iocage exec elk "/root/start_logstash.sh"

iocage exec elk "service heartbeat restart"
next set of updates 2020-05-26 21:15:31 -07:00			`#!/usr/local/bin/bash`

copyright update 2022-04-19 13:46:35 -07:00			`# Copyright (c) 2018-2022, diyIT.org`
Feb 25, 2020 2020-02-25 11:28:31 -08:00			`# All rights reserved.`
			`#`
			`# BSD 2-Clause License ("Simplified BSD License" or "FreeBSD License")`
			`# https://diyit.org/license/`
			`#`
			`#`

apr 19 update 2022-04-19 13:38:56 -07:00			`web_jails=(cloud hub nivi rachna rishabh sharad web web-diyit web-datavpc web-rockwood web-scvcc-rental ldap-mgr r-ldap-mgr monitor)`
Feb 25, 2020 2020-02-25 11:28:31 -08:00
			`for i in ${web_jails[@]};`
			`do`
auto now hosts django apps added devfs_rule configs for jails configure mail ipv6 settings windows2019 VM 2020-04-11 00:46:09 -07:00			`echo "restarting apache in web_jail $i after SSL update"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00			`iocage exec $i "service apache24 restart"`
apr 19 update 2022-04-19 13:38:56 -07:00			`# The majority of TLS/SSL servers require a full restart to re-load the certificates if the filename is unchanged.`
Feb 25, 2020 2020-02-25 11:28:31 -08:00			`done`

			`ldap_jails=(ldap r-ldap)`

			`for i in ${ldap_jails[@]};`
			`do`
auto now hosts django apps added devfs_rule configs for jails configure mail ipv6 settings windows2019 VM 2020-04-11 00:46:09 -07:00			`echo "restarting ldap in ldap_jail $i after SSL update"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00			`iocage exec $i "service slapd restart"`
			`done`

auto now hosts django apps added devfs_rule configs for jails configure mail ipv6 settings windows2019 VM 2020-04-11 00:46:09 -07:00			`echo "restarting haproxy in jail proxy after SSL update"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00			`iocage exec proxy "service haproxy reload"`

auto now hosts django apps added devfs_rule configs for jails configure mail ipv6 settings windows2019 VM 2020-04-11 00:46:09 -07:00			`echo "restarting nginx in jail pkgp after SSL update"`
apr 19 update 2022-04-19 13:38:56 -07:00			`iocage exec pkgp "service nginx restart"`
			`# The majority of TLS/SSL servers require a full restart to re-load the certificates if the filename is unchanged.`
auto now hosts django apps added devfs_rule configs for jails configure mail ipv6 settings windows2019 VM 2020-04-11 00:46:09 -07:00
			`echo "restarting mail in jail mail after SSL update"`
apr 19 update 2022-04-19 13:38:56 -07:00			`iocage exec mail "service postfix stop"`
			`iocage exec mail "service postfix start"`
			`iocage exec mail "service dovecot stop"`
			`iocage exec mail "service dovecot start"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00
updated for FreeBSD 12.2 2021-02-13 11:38:38 -08:00			`echo "restarting ELK in jail elk after SSL update"`
			`iocage exec elk "cp /mnt/certs/diy*.pem /usr/local/etc/elasticsearch/certs"`
			`iocage exec elk "cp /mnt/certs/cacert.pem /usr/local/etc/elasticsearch/certs"`
. 2021-04-01 01:23:14 -07:00
			`exit`

updated for FreeBSD 12.2 2021-02-13 11:38:38 -08:00			`iocage exec elk "service elasticsearch restart"`
			`iocage exec elk "service kibana restart"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00
updated for FreeBSD 12.2 2021-02-13 11:38:38 -08:00			`#iocage exec elk "service logstash restart"`
			`iocage exec elk 'ps axww \| grep logstash \| cut -f1 -d" " \| xargs -n 1 kill -9 '`
			`iocage exec elk "/root/start_logstash.sh"`
Feb 25, 2020 2020-02-25 11:28:31 -08:00
updated for FreeBSD 12.2 2021-02-13 11:38:38 -08:00			`iocage exec elk "service heartbeat restart"`