-
-
Notifications
You must be signed in to change notification settings - Fork 18
Expand file tree
/
Copy pathsession-ticket-keys-sync
More file actions
executable file
·44 lines (33 loc) · 1.16 KB
/
session-ticket-keys-sync
File metadata and controls
executable file
·44 lines (33 loc) · 1.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
#!/bin/bash
set -o errexit -o nounset -o pipefail
status=0
cd /etc/tls/session-ticket-keys
if [[ ! -f syncing ]]; then
for mirror in $(cat /etc/mirrors); do
echo
echo Syncing from $mirror
echo
ssh $mirror "bash -c [[ -f /etc/tls/session-ticket-keys/synced ]]" || continue
rm -rf sync
mkdir sync
rsync -aI $mirror:/etc/tls/session-ticket-keys/{{next,1,2,3,4}.key,keys} sync/ || continue
rsync -aIv sync/{{next,1,2,3,4}.key,keys} . || continue
rm -r sync
if systemctl is-active --quiet nginx.service; then
systemctl reload nginx || true
fi
if systemctl is-active --quiet dnsdist.service; then
dnsdist -c -e 'reloadAllCertificates()' || true
fi
touch syncing
break
done
fi
for mirror in $(cat /etc/mirrors); do
echo
echo Syncing to $mirror
echo
ssh $mirror "rm -rf /etc/tls/session-ticket-keys/sync && mkdir /etc/tls/session-ticket-keys/sync" || continue
rsync -aI {{next,1,2,3,4}.key,keys} $mirror:/etc/tls/session-ticket-keys/sync || continue
ssh $mirror session-ticket-keys-sync-deploy || continue
done