Added Update Certificate Scripts
authorGiorgio Ravera <giorgio.ravera@gmail.com>
Sun, 20 Oct 2019 10:36:09 +0000 (12:36 +0200)
committerGiorgio Ravera <giorgio.ravera@gmail.com>
Sun, 20 Oct 2019 10:36:09 +0000 (12:36 +0200)
update_certificate [new file with mode: 0755]
update_certificate_firewall [new file with mode: 0755]

diff --git a/update_certificate b/update_certificate
new file mode 100755 (executable)
index 0000000..1ea4e59
--- /dev/null
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+# Download
+echo " ------------------------------- "
+echo "| Updating Download Certificate |"
+echo " ------------------------------- "
+host="download.giorgioravera.it"
+user="root"
+rsync -rlptDv /etc/letsencrypt/archive $user@$host:/etc/letsencrypt/
+rsync -rlptDv /etc/letsencrypt/live $user@$host:/etc/letsencrypt/
+ssh $user@$host /etc/init.d/apache2 restart
+echo ""
+
+# XOA
+echo " ------------------------------- "
+echo "| Updating XOA Certificate      |"
+echo " ------------------------------- "
+host="xoa.giorgioravera.it"
+user="root"
+rsync -rlptDv /etc/letsencrypt/archive $user@$host:/etc/letsencrypt/
+rsync -rlptDv /etc/letsencrypt/live $user@$host:/etc/letsencrypt/
+ssh $user@$host systemctl restart xo-server.service
+echo ""
+
+# Asterisk
+echo " ------------------------------- "
+echo "| Updating Asterisk Certificate |"
+echo " ------------------------------- "
+host="asterisk.giorgioravera.it"
+user="root"
+rsync -rlptDv /etc/letsencrypt/archive $user@$host:/etc/letsencrypt/
+rsync -rlptDv /etc/letsencrypt/live $user@$host:/etc/letsencrypt/
+ssh $user@$host chown asterisk:asterisk /etc/letsencrypt -R
+ssh $user@$host fwconsole certificate --updateall
+ssh $user@$host fwconsole sysadmin updatecert
+#ssh $user@$host fwconsole restart
+#ssh $user@$host systemctl reload httpd.service
+echo ""
+
+# Firewall
+echo " ------------------------------- "
+echo "| Updating Firewall Certificate |"
+echo " ------------------------------- "
+update_certificate_firewall
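Review bot: Each of the three blocks (Download, XOA, Asterisk) copies all of `/etc/letsencrypt/archive` and `/etc/letsencrypt/live` to the remote host as root and then restarts the service unconditionally, so every host receives the private key of every certificate lineage on this machine and a failed rsync is still followed by a restart. If the hosts do not all serve every certificate, limit each rsync to the lineage that host needs (for example `/etc/letsencrypt/archive/<LINEAGE_DIR>`, where `<LINEAGE_DIR>` is a placeholder) so that one compromised host does not expose the other keys. Chaining the steps, e.g. `rsync -rlptDv /etc/letsencrypt/live "$user@$host":/etc/letsencrypt/ && ssh "$user@$host" systemctl restart xo-server.service`, keeps a host from being restarted on a partial copy and also quotes the expansions. The last line runs `update_certificate_firewall` by bare name, which works only if the script's directory is on PATH; `"$(dirname "$0")/update_certificate_firewall"` would not depend on that.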
diff --git a/update_certificate_firewall b/update_certificate_firewall
new file mode 100755 (executable)
index 0000000..a933bf8
--- /dev/null
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+# Parameters
+host='firewall.giorgioravera.it'
+username="root"
+cert_path="/etc/letsencrypt/live/server.giorgioravera.it"
+keyname="letsencrypt"
+certificate="cert.pem"
+privatekey="privkey.pem"
+
+# Certificate and Key Preparation
+cert=$(base64 $cert_path/$certificate)
+cert=$(echo $cert | sed "s/ //g")
+key=$(base64 $cert_path/$privatekey)
+key=$(echo $key | sed "s/ //g")
+
+# Moving into temp dir
+cd /tmp
+
+# Download Configuration
+scp $username@$host:/conf/config.xml config.xml
+
+# Extraction old cert and kay from configuration
+oldcertificate=$(grep -A2 -P $keyname config.xml | awk '/<crt>/ { print $1}' | sed "s|<crt>||g" | sed "s|</crt>||g")
+oldprivatekey=$(grep -A2 -P $keyname config.xml | awk '/<prv>/ { print $1}' | sed "s|<prv>||g" | sed "s|</prv>||g")
+
+# Check if it's necessary updating certificate and key
+if grep "$cert" config.xml > /dev/null
+then
+    echo "Identical certificate found, renewal not required"
+else
+    echo "Certificate not found, renewal required"
+    # Replace old cert & key
+    sed -i -e "s|$oldcertificate|$cert|g" config.xml
+    sed -i -e "s|$oldprivatekey|$key|g" config.xml
+    scp config.xml $username@$host:/conf/config.xml
+    ssh $username@$host rm /tmp/config.cache
+    ssh $username@$host /etc/rc.restart_webgui
+fi
+
+# Clean directory
+rm config.xml
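Review bot: The firewall's `config.xml` is downloaded to the fixed path `/tmp/config.xml` under the default umask, and none of `cd`, `scp` or `sed` is checked, so the file (which holds the `<prv>` private key) may be readable by other local users, and if the download fails a pre-existing `/tmp/config.xml` would be edited and uploaded to the firewall as root. A private `mktemp -d` directory with `umask 077`, an exit trap and a checked `scp` addresses both, and makes the trailing `rm config.xml` redundant. The `sed -i -e "s|$oldprivatekey|$key|g"` line also puts the base64 private key on sed's command line, where it appears in the process list while sed runs. `grep -F -- "$cert" config.xml` would compare the certificate as a fixed string rather than as a regular expression.

```shell
# … unchanged: parameters, certificate and key preparation …

# Private working directory instead of a fixed name in /tmp
umask 077
workdir=$(mktemp -d) || exit 1
trap 'rm -rf -- "$workdir"' EXIT
cd "$workdir" || exit 1

# Download Configuration; stop here if the copy fails
scp "$username@$host:/conf/config.xml" config.xml || exit 1

# … unchanged: extraction of old cert/key, comparison, upload and restart …
```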