Subversion Repositories sysadmin_scripts

#! /usr/bin/env perl

# copies server certificates to target, then restarts services

# If called with one parameter (hostname), will copy all .crt

# and .key files matching hostname (ie, hostname*.crt and 

# hostname*.key.

#

# assumes root user on this system can connect to hostname as

# root.

#

# restarts service apache2 on hostname after copy.

#

# assumes crt and key files are in $serverCertDir

use strict;

use warnings;

use FindBin;

use File::Spec;

use Cwd 'abs_path';

use File::Basename;

my $binDir = dirname( abs_path( __FILE__ ) ) . '/';

my $config = $binDir . "makeCert.conf";

my $configFile;    # prototype for the domain specific config file

my $caCRT;         # location of the CA crt file

my $caKey;         # location of the CA Key file

my $serverCertDir; # where to put the server certs

my $certDays;      # number of days a Server certificate is valid for, not used here

my $caDays;        # number of days a CA is good for

die "Config File $config not found\n" unless -f $config;

die "openssl config file $sslConfig not found\n" unless -f $sslConfig;

# load the config file

eval `cat $config`;

my $targetDir = '/etc/certificates/';

my $remoteCommand = 'chmod 644 /etc/certificates/* && chown root:root /etc/certificates/* && service apache2 reload';

my $hostname = shift;

my $certname = shift;

die "Usage: $0 hostname [certname]\n" unless $hostname;

$certname .= '*' unless $certname;

`scp $serverCertDir$certname.crt $serverCertDir$certname.key $hostname:$targetDir`;

`ssh $hostname '$remoteCommand'`;

print "$hostname updated and web server restarted\n";

1;