From 717bbcd2bf624ad68ea1cdf08216ab4f06e8bc4d Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 10 Apr 2012 21:21:08 +0200
Subject: Configure certmonger to execute restart scripts on renewal.

certmonger now has the ability to execute a script when it renews a
certificate. This can be used to automatically restart servers so
the certificate doesn't expire in the running server.

https://fedorahosted.org/freeipa/ticket/2050
---
 install/restart_scripts/Makefile.am    | 15 +++++++++++++++
 install/restart_scripts/README         |  2 ++
 install/restart_scripts/restart_dirsrv | 13 +++++++++++++
 install/restart_scripts/restart_httpd  |  7 +++++++
 4 files changed, 37 insertions(+)
 create mode 100644 install/restart_scripts/Makefile.am
 create mode 100644 install/restart_scripts/README
 create mode 100644 install/restart_scripts/restart_dirsrv
 create mode 100644 install/restart_scripts/restart_httpd

(limited to 'install/restart_scripts')

diff --git a/install/restart_scripts/Makefile.am b/install/restart_scripts/Makefile.am
new file mode 100644
index 000000000..abc066b30
--- /dev/null
+++ b/install/restart_scripts/Makefile.am
@@ -0,0 +1,15 @@
+NULL =
+
+appdir = $(libdir)/ipa/certmonger
+app_DATA =                              \
+	restart_dirsrv			\
+	restart_httpd			\
+	$(NULL)
+
+EXTRA_DIST =                            \
+        $(app_DATA)                     \
+        $(NULL)
+
+MAINTAINERCLEANFILES =                  \
+        *~                              \
+        Makefile.in
diff --git a/install/restart_scripts/README b/install/restart_scripts/README
new file mode 100644
index 000000000..64ad8b43e
--- /dev/null
+++ b/install/restart_scripts/README
@@ -0,0 +1,2 @@
+This directory contains scripts to be used by the command (-C) option
+of certmonger to restart services when the certificates are renewed.
diff --git a/install/restart_scripts/restart_dirsrv b/install/restart_scripts/restart_dirsrv
new file mode 100644
index 000000000..e243583f9
--- /dev/null
+++ b/install/restart_scripts/restart_dirsrv
@@ -0,0 +1,13 @@
+#!/usr/bin/python -E
+import sys
+from ipapython import services as ipaservices
+
+try:
+    instance = sys.argv[1]
+except IndexError:
+    instance = ""
+
+try:
+    ipaservices.knownservices.dirsrv.restart(instance)
+except Exception, e:
+    print "Cannot restart dirsrv (instance: '%s'): %s" % (instance, str(e))
diff --git a/install/restart_scripts/restart_httpd b/install/restart_scripts/restart_httpd
new file mode 100644
index 000000000..a53ab6e62
--- /dev/null
+++ b/install/restart_scripts/restart_httpd
@@ -0,0 +1,7 @@
+#!/usr/bin/python -E
+from ipapython import services as ipaservices
+
+try:
+    ipaservices.knownservices.httpd.restart()
+except Exception, e:
+    print "Cannot restart httpd: %s" % str(e)
-- 
cgit