smecontribs/smeserver-unifi
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit of file from CVS for smeserver-unifi on Sat Sep 7 21:10:32 AEST 2024

Browse Source
This commit is contained in:
Trevor Batley
2024-09-07 21:10:32 +10:00
parent dae8118fe8
commit 599ba506da
19 changed files with 376 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
root/etc/e-smith/templates/usr/bin/hook-script.sh/30unifi Normal file
View File

@@ -0,0 +1,26 @@
if [ $1 = "deploy_cert" ]; then
# and now deploy our LE cert to Unifi controller !
{ # in case we rely on scl again
#. /opt/rh/rh-mongodb34/service-environment
#. scl_source enable \$RH_MONGODB34_SCLS_ENABLED
}
# To automatically detect DOMAIN (thanks to @SprockTech):
DOMAIN=$(mongo --quiet --port 27117 --eval 'db.getSiblingDB("ace").setting.find(\{"key": "super_identity"\}).forEach(function(document)\{ print(document.hostname) \})')
# Backup previous keystore
cp /opt/UniFi/data/keystore /opt/UniFi/data/keystore.backup.$(date +%F_%R)
# Convert cert to PKCS12 format
# Ignore warnings
#openssl pkcs12 -export -inkey /etc/letsencrypt/live/${DOMAIN}/privkey.pem -in /etc/letsencrypt/live/${DOMAIN}/fullchain.pem -out /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -name unifi -password pass:unifi
openssl pkcs12 -export -inkey `/sbin/e-smith/config getprop modSSL key` -in `/sbin/e-smith/config getprop modSSL crt` -out /opt/UniFi/data/fullchain.p12 -name unifi -password pass:unifi 2>/dev/null
# Install certificate
# Ignore warnings
#keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /var/lib/unifi/keystore -srckeystore /etc/letsencrypt/live/${DOMAIN}/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt
keytool -importkeystore -deststorepass aircontrolenterprise -destkeypass aircontrolenterprise -destkeystore /opt/UniFi/data/keystore -srckeystore /opt/UniFi/data/fullchain.p12 -srcstoretype PKCS12 -srcstorepass unifi -alias unifi -noprompt
#Restart UniFi controller
/usr/bin/systemctl restart unifi.service
fi