Skip to content

Commit c75db63

Browse files
nachoparkernachoparker
committed
letsencrypt: take into account the possibility of the ncp-nextcloud folder being used
Signed-off-by: nachoparker <nacho@ownyourbits.com>
1 parent b41fad0 commit c75db63

File tree

2 files changed

+20
-8
lines changed

2 files changed

+20
-8
lines changed

changelog.md

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,11 @@
11

2-
[v1.41.0](https://github.com/nextcloud/nextcloudpi/commit/33d8167) (2021-10-13) ncp-web: add NCP logs section
2+
[v1.41.1](https://github.com/nextcloud/nextcloudpi/commit/2c4cb42) (2021-10-14) letsencrypt: take into account the possibility of the ncp-nextcloud folder being used
33

4-
[v1.40.10](https://github.com/nextcloud/nextcloudpi/commit/8bb5795) (2021-10-12) nc-import-ncp: run activated apps upon import
4+
[v1.41.0 ](https://github.com/nextcloud/nextcloudpi/commit/b41fad0) (2021-10-13) ncp-web: add NCP logs section
55

6-
[v1.40.9 ](https://github.com/nextcloud/nextcloudpi/commit/a4998cd) (2021-10-12) letsencrypt: favor most recent cert if there are many
6+
[v1.40.10](https://github.com/nextcloud/nextcloudpi/commit/85cb1f0) (2021-10-12) nc-import-ncp: run activated apps upon import
7+
8+
[v1.40.9 ](https://github.com/nextcloud/nextcloudpi/commit/35a3a54) (2021-10-12) letsencrypt: favor most recent cert if there are many
79

810
[v1.40.8 ](https://github.com/nextcloud/nextcloudpi/commit/9bddfad) (2021-10-12) fix HPB with dynamic IP
911

etc/ncp-templates/nextcloud.conf.sh

Lines changed: 15 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -41,22 +41,32 @@ EOF
4141

4242
if [[ "$1" != "--defaults" ]] && [[ -n "$LETSENCRYPT_DOMAIN" ]]; then
4343
echo " ServerName ${LETSENCRYPT_DOMAIN}"
44+
45+
# try the obvious path first
4446
LETSENCRYPT_CERT_BASE_PATH="/etc/letsencrypt/live/${LETSENCRYPT_DOMAIN,,}"
47+
48+
# find the most recent cert otherwise
4549
[[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] || {
46-
#find the most recent cert
4750
LETSENCRYPT_CERT_BASE_PATH="$(find /etc/letsencrypt/live -type d -name "${LETSENCRYPT_DOMAIN,,}*" -printf "%T@ %p\n" | sort -n | cut -f2 -d' ' | tail -1)"
4851
}
49-
LETSENCRYPT_CERT_PATH="${LETSENCRYPT_CERT_BASE_PATH}/fullchain.pem"
50-
LETSENCRYPT_KEY_PATH="${LETSENCRYPT_CERT_BASE_PATH}/privkey.pem"
5152

52-
# fall back to self-signed snakeoil certs
53-
[[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] || unset LETSENCRYPT_CERT_BASE_PATH
53+
# otherwise, in some installs this is the path we use (for legacy reasons)
54+
[[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] || {
55+
if [[ -d "/etc/letsencrypt/live/ncp-nextcloud" ]]; then
56+
LETSENCRYPT_CERT_BASE_PATH="/etc/letsencrypt/live/ncp-nextcloud"
57+
fi
58+
}
5459
else
5560
# Make sure the default snakeoil cert exists
5661
[ -f /etc/ssl/certs/ssl-cert-snakeoil.pem ] || make-ssl-cert generate-default-snakeoil --force-overwrite
5762
unset LETSENCRYPT_DOMAIN
5863
fi
5964

65+
# NOTE: we fall back to self-signed snakeoil certs if we couldn't get a LE one
66+
[[ -d "${LETSENCRYPT_CERT_BASE_PATH}" ]] && {
67+
LETSENCRYPT_CERT_PATH="${LETSENCRYPT_CERT_BASE_PATH}/fullchain.pem"
68+
LETSENCRYPT_KEY_PATH="${LETSENCRYPT_CERT_BASE_PATH}/privkey.pem"
69+
}
6070
cat <<EOF
6171
CustomLog /var/log/apache2/nc-access.log combined
6272
ErrorLog /var/log/apache2/nc-error.log

0 commit comments

Comments
 (0)