From 606724869bdc736e4102c55049f418be01fcb322 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zolt=C3=A1n=20Felleg?= <zoltan.felleg@userrendszerhaz.hu>
Date: Tue, 12 Jul 2022 14:36:16 +0200
Subject: [PATCH] Updated ws.pm (added passwordchange.useribm.hu site).

---
 .../etc/httpd/conf.d/useribm.hu.443.conf.le   | 29 +++++++++++++++++++
 .../usr/local/bin/getletsencrypt.sh           | 25 ++++++++++++----
 2 files changed, 49 insertions(+), 5 deletions(-)

diff --git a/sources/ws.pm/c3d/postinstall/install-data/etc/httpd/conf.d/useribm.hu.443.conf.le b/sources/ws.pm/c3d/postinstall/install-data/etc/httpd/conf.d/useribm.hu.443.conf.le
index 0907477..cd7b221 100644
--- a/sources/ws.pm/c3d/postinstall/install-data/etc/httpd/conf.d/useribm.hu.443.conf.le
+++ b/sources/ws.pm/c3d/postinstall/install-data/etc/httpd/conf.d/useribm.hu.443.conf.le
@@ -6,6 +6,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -49,6 +50,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -66,6 +68,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -83,6 +86,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -101,6 +105,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -112,6 +117,27 @@
     ProxyPassReverse /minicrm http://minicrm.in.useribm.hu:8080/minicrm
 </VirtualHost>
 
+<VirtualHost *:443>
+    ServerName passwordchange.useribm.hu
+    ServerAdmin webadmin@useribm.hu
+    DocumentRoot "/var/www/htdocs.useribm.hu.443"
+
+    SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+
+    <Directory /var/www/htdocs.useribm.hu.443>
+        <RequireAny>
+            Require all granted
+            #Require ip 10.228.0.0/16
+            #Require ip 172.16.223.0/24
+        </RequireAny>
+    </Directory>
+
+    ProxyPass / http://fdc.in.useribm.hu/
+    ProxyPassReverse / http://fdc.in.useribm.hu/
+</VirtualHost>
+
 <VirtualHost *:443>
     ServerName redmine.useribm.hu
     ServerAdmin webadmin@useribm.hu
@@ -119,6 +145,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -137,6 +164,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
@@ -155,6 +183,7 @@
 
     SSLCertificateFile /etc/letsencrypt/live/useribm/fullchain.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/useribm/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
 
     <Directory /var/www/htdocs.useribm.hu.443>
         <RequireAny>
diff --git a/sources/ws.pm/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh b/sources/ws.pm/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh
index e8161fc..44ac05c 100755
--- a/sources/ws.pm/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh
+++ b/sources/ws.pm/c3d/postinstall/install-data/usr/local/bin/getletsencrypt.sh
@@ -1,6 +1,15 @@
 #!/bin/sh
 
 
+# cases are:
+# 1: /etc/letsencrypt does not exist
+# 2: /etc/letsencrypt exists
+# 2.1: /etc/letsencrypt.staging does not exist
+# 2.2: /etc/letsencrypt.staging exists
+# 2.2.1: staging differs from current
+# 2.2.2: staging is the same as current
+
+
 LE_DIRECTORY=/etc/letsencrypt
 OLD_LE_DIRECTORY=/etc/letsencrypt.old
 STAGING_DIRECTORY=/etc/letsencrypt.staging
@@ -25,25 +34,30 @@ cp --archive \
 
 if [ -d $LE_DIRECTORY ]
 then
+    # case 2
     if [ -d $STAGING_DIRECTORY ]
     then
+        # case 2.2
         diff --brief --recursive $STAGING_DIRECTORY $TMP_DIRECTORY
-        DIFFERING=$?
-        if [ $DIFFERING -eq 0 ]
+        DIFFERS=$?
+        if [ $DIFFERS -eq 0 ]
         then
+            # case 2.2.2
             rm --force --recursive $OLD_LE_DIRECTORY
             rm --force --recursive $TMP_DIRECTORY
             mv $LE_DIRECTORY $OLD_LE_DIRECTORY
             mv $STAGING_DIRECTORY $LE_DIRECTORY
-            systemctl restart httpd
+            systemctl restart httpd.service
         else
+            # case 2.2.1
             rm --force --recursive $STAGING_DIRECTORY
             mv $TMP_DIRECTORY $STAGING_DIRECTORY
         fi
     else
+        # case 2.1
         diff --brief --recursive $LE_DIRECTORY $TMP_DIRECTORY
-        DIFFERING=$?
-        if [ $DIFFERING -eq 0 ]
+        DIFFERS=$?
+        if [ $DIFFERS -eq 0 ]
         then
             rm --force --recursive $TMP_DIRECTORY
         else
@@ -51,5 +65,6 @@ then
         fi
     fi
 else
+    # case 1
     mv $TMP_DIRECTORY $LE_DIRECTORY
 fi
-- 
2.54.0