Andrey
16c254510a
Refactor README, architecture, and backup documentation to emphasize the use of Vaultwarden for credential management across various services. Update scripts for Nextcloud, Gitea, Paperless, and others to reference Vaultwarden for sensitive information. Remove outdated references to previous backup strategies and ensure clarity on credential retrieval processes. This improves security practices and streamlines backup operations.
27 lines
779 B
Bash
27 lines
779 B
Bash
#!/bin/bash
|
|
# Pre-hook для certbot: проверка beget.ini перед renew
|
|
# Путь: /etc/letsencrypt/renewal-hooks/pre/check-beget-credentials.sh
|
|
# При отсутствии файла или неверных правах — exit 1, certbot не выполнит renew.
|
|
|
|
BEGET_INI="/root/.secrets/certbot/beget.ini"
|
|
|
|
if [ ! -f "$BEGET_INI" ]; then
|
|
echo "check-beget-credentials: $BEGET_INI not found" >&2
|
|
exit 1
|
|
fi
|
|
|
|
mode=$(stat -c '%a' "$BEGET_INI" 2>/dev/null)
|
|
owner=$(stat -c '%u' "$BEGET_INI" 2>/dev/null)
|
|
|
|
if [ "$mode" != "600" ]; then
|
|
echo "check-beget-credentials: $BEGET_INI has mode $mode, expected 600" >&2
|
|
exit 1
|
|
fi
|
|
|
|
if [ "$owner" != "0" ]; then
|
|
echo "check-beget-credentials: $BEGET_INI owner $owner, expected root (0)" >&2
|
|
exit 1
|
|
fi
|
|
|
|
exit 0
|