@ -4,10 +4,16 @@
#returns 0 means success, otherwise error.
# Settings for Unifi Controller:
#DEPLOY_UNIFI_KEYSTORE="/usr/lib/unifi/data/keystore"
#DEPLOY_UNIFI_KEYPASS="aircontrolenterprise"
#DEPLOY_UNIFI_RELOAD="service unifi restart"
# Additional settings for Unifi Cloud Key:
#DEPLOY_UNIFI_CLOUDKEY=yes
#DEPLOY_UNIFI_CLOUDKEY_CERTDIR="/etc/ssl/private"
#DEPLOY_UNIFI_RELOAD="service unifi restart && service nginx restart"
######## Public functions #####################
#domain keyfile certfile cafile fullchain
@ -29,11 +35,22 @@ unifi_deploy() {
return 1
fi
DEFAULT_DEPLOY_UNIFI_CLOUDKEY_CERTDIR = "/etc/ssl/private"
_cloudkey_certdir = " ${ DEPLOY_UNIFI_CLOUDKEY_CERTDIR :- $DEFAULT_DEPLOY_UNIFI_CLOUDKEY_CERTDIR } "
DEFAULT_DEPLOY_UNIFI_CLOUDKEY = "no"
if [ -f " ${ _cloudkey_certdir } /cloudkey.key " ] ; then
DEFAULT_DEPLOY_UNIFI_CLOUDKEY = "yes"
fi
_cloudkey_deploy = " ${ DEPLOY_UNIFI_CLOUDKEY :- $DEFAULT_DEPLOY_UNIFI_CLOUDKEY } "
DEFAULT_UNIFI_KEYSTORE = "/usr/lib/unifi/data/keystore"
_unifi_keystore = " ${ DEPLOY_UNIFI_KEYSTORE :- $DEFAULT_UNIFI_KEYSTORE } "
DEFAULT_UNIFI_KEYPASS = "aircontrolenterprise"
_unifi_keypass = " ${ DEPLOY_UNIFI_KEYPASS :- $DEFAULT_UNIFI_KEYPASS } "
DEFAULT_UNIFI_RELOAD = "service unifi restart"
if [ " $_cloudkey_deploy " = "yes" ] ; then
DEFAULT_UNIFI_RELOAD = " service nginx restart && ${ DEFAULT_UNIFI_RELOAD } "
fi
_reload = " ${ DEPLOY_UNIFI_RELOAD :- $DEFAULT_UNIFI_RELOAD } "
_debug _unifi_keystore " $_unifi_keystore "
@ -51,6 +68,19 @@ unifi_deploy() {
return 1
fi
_debug _cloudkey_deploy " $_cloudkey_deploy "
_debug _cloudkey_certdir " $_cloudkey_certdir "
if [ " $_cloudkey_deploy " = "yes" ] ; then
if [ ! -d " $_cloudkey_certdir " ] ; then
_err " The directory $_cloudkey_certdir is missing or invalid; please define DEPLOY_UNIFI_CLOUDKEY_CERTDIR "
return 1
fi
if [ ! -w " $_cloudkey_certdir " ] ; then
_err " The directory $_cloudkey_certdir is not writable; please check permissions "
return 1
fi
fi
_info "Generate import pkcs12"
_import_pkcs12 = " $( _mktemp) "
_toPkcs " $_import_pkcs12 " " $_ckey " " $_ccert " " $_cca " " $_unifi_keypass " unifi root
@ -72,29 +102,47 @@ unifi_deploy() {
return 1
fi
if [ " $_cloudkey_deploy " = "yes" ] ; then
_info " Install Cloud Key certificate: $_cloudkey_certdir "
cp " $_cfullchain " " ${ _cloudkey_certdir } /cloudkey.crt "
cp " $_ckey " " ${ _cloudkey_certdir } /cloudkey.key "
( cd " $_cloudkey_certdir " && tar -cf cert.tar cloudkey.crt cloudkey.key unifi.keystore.jks)
_info "Install Cloud Key certificate success!"
fi
_info " Run reload: $_reload "
if eval " $_reload " ; then
_info "Reload success!"
if [ " $DEPLOY_UNIFI_KEYSTORE " ] ; then
_savedomainconf DEPLOY_UNIFI_KEYSTORE " $DEPLOY_UNIFI_KEYSTORE "
else
_cleardomainconf DEPLOY_UNIFI_KEYSTORE
fi
if [ " $DEPLOY_UNIFI_KEYPASS " ] ; then
_savedomainconf DEPLOY_UNIFI_KEYPASS " $DEPLOY_UNIFI_KEYPASS "
else
_cleardomainconf DEPLOY_UNIFI_KEYPASS
fi
if [ " $DEPLOY_UNIFI_RELOAD " ] ; then
_savedomainconf DEPLOY_UNIFI_RELOAD " $DEPLOY_UNIFI_RELOAD "
else
_cleardomainconf DEPLOY_UNIFI_RELOAD
fi
return 0
else
_err "Reload error"
return 1
fi
return 0
if [ " $DEPLOY_UNIFI_KEYSTORE " ] ; then
_savedomainconf DEPLOY_UNIFI_KEYSTORE " $DEPLOY_UNIFI_KEYSTORE "
else
_cleardomainconf DEPLOY_UNIFI_KEYSTORE
fi
if [ " $DEPLOY_UNIFI_KEYPASS " ] ; then
_savedomainconf DEPLOY_UNIFI_KEYPASS " $DEPLOY_UNIFI_KEYPASS "
else
_cleardomainconf DEPLOY_UNIFI_KEYPASS
fi
if [ " $DEPLOY_UNIFI_RELOAD " ] ; then
_savedomainconf DEPLOY_UNIFI_RELOAD " $DEPLOY_UNIFI_RELOAD "
else
_cleardomainconf DEPLOY_UNIFI_RELOAD
fi
if [ " $DEPLOY_UNIFI_CLOUDKEY " ] ; then
_savedomainconf DEPLOY_UNIFI_CLOUDKEY " $DEPLOY_UNIFI_CLOUDKEY "
else
_cleardomainconf DEPLOY_UNIFI_CLOUDKEY
fi
if [ " $DEPLOY_UNIFI_CLOUDKEY_CERTDIR " ] ; then
_savedomainconf DEPLOY_UNIFI_CLOUDKEY_CERTDIR " $DEPLOY_UNIFI_CLOUDKEY_CERTDIR "
else
_cleardomainconf DEPLOY_UNIFI_CLOUDKEY_CERTDIR
fi
return 0
}
medmunds
5 years ago