50 lines
1.6 KiB
Bash
Executable file
50 lines
1.6 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# 6184 - This script moves Postgres SSL files from /awips2/data to
|
|
# /awips2/database/ssl and creates symlinks from the old locations to
|
|
# the new. Finally it updates postgresql.conf to refer to the new
|
|
# location.
|
|
#
|
|
# Run as root on dx1.
|
|
#
|
|
# Author: tgurney
|
|
|
|
ssl_dir=/awips2/database/ssl
|
|
ssl_dir_escaped=$(echo "${ssl_dir}" | sed 's/\//\\\//g')
|
|
data_dir=/awips2/data
|
|
temp_conf=$(mktemp)
|
|
|
|
echo INFO: Starting move of SSL files
|
|
|
|
mkdir -pv "${ssl_dir}"
|
|
chown -R awips:fxalpha "${ssl_dir}"
|
|
chmod 700 "${ssl_dir}"
|
|
|
|
didstuff=false
|
|
|
|
for file in "${data_dir}"/*.{crt,key}; do
|
|
if [[ -f "${file}" ]]; then
|
|
mv -v "${file}" "${ssl_dir}"
|
|
ln -fsv "${ssl_dir}"/"$(basename "${file}")" "${data_dir}"
|
|
didstuff=true
|
|
fi
|
|
done
|
|
|
|
cat "${data_dir}/postgresql.conf" \
|
|
| perl -pe 's/^\#?\s*ssl_cert_file\s*=.*$/ssl_cert_file = '"'${ssl_dir_escaped}"'\/server.crt'"'/g" \
|
|
| perl -pe 's/^\#?\s*ssl_key_file\s*=.*$/ssl_key_file = '"'${ssl_dir_escaped}"'\/server.key'"'/g" \
|
|
| perl -pe 's/^\#?\s*ssl_ca_file\s*=.*$/ssl_ca_file = '"'${ssl_dir_escaped}"'\/root.crt'"'/g" \
|
|
> ${temp_conf}
|
|
|
|
cmp -s "${data_dir}/postgresql.conf" "${temp_conf}"
|
|
if [[ "$?" -eq 0 ]]; then
|
|
echo INFO: No postgresql.conf update needed
|
|
else
|
|
echo INFO: Updating postgresql.conf
|
|
now=$(date +%Y%m%d.%H%M%S)
|
|
cp -a "${data_dir}/postgresql.conf" "${data_dir}"/postgresql.conf."${now}" && \
|
|
echo INFO: Old postgresql.conf saved at "${data_dir}"/postgresql.conf."${now}"
|
|
install -T -m 600 -o awips -g fxalpha ${temp_conf} "${data_dir}/postgresql.conf"
|
|
fi
|
|
|
|
echo INFO: Done
|