21 lines
696 B
Django/Jinja
21 lines
696 B
Django/Jinja
#!/bin/sh
|
|
|
|
{% if pg_letsencrypt_cert is defined %}
|
|
|
|
if [ $1 == "{{ pg_letsencrypt_cert }}" ]; then
|
|
cp /var/lib/dehydrated/certificates/certs/{{ pg_letsencrypt_cert }}/fullchain.pem /var/lib/pgsql/ssl/server.crt
|
|
cp /var/lib/dehydrated/certificates/certs/{{ pg_letsencrypt_cert }}/privkey.pem /var/lib/pgsql/ssl/server.key
|
|
chown root:postgres /var/lib/pgsql/ssl/server.key
|
|
chown root:root /var/lib/pgsql/ssl/server.crt
|
|
chmod 640 /var/lib/pgsql/ssl/server.key
|
|
chmod 644 /var/lib/pgsql/ssl/server.crt
|
|
systemctl reload postgresql{{ (pg_version != 'default') | ternary('-' + pg_version | string,'') }}
|
|
fi
|
|
|
|
{% else %}
|
|
|
|
# No Let's Encrypt cert configured, nothing to do
|
|
exit 0
|
|
|
|
{% endif %}
|