From bc000e0bd808cabed45753bdd40bb3e98e0e4c50 Mon Sep 17 00:00:00 2001
From: Alexander Gabriel
Date: Thu, 16 Jan 2025 20:43:45 +0100
Subject: [PATCH] detect certbot and acme.sh and enable and start path
---
 README.md | 3 +++
 le-services-restart.path | 3 ++-
 le_services_restart.sh | 30 ++++++++++++++++++++++++------
 3 files changed, 29 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index c299efd..1774f43 100644
--- a/README.md
+++ b/README.md
@@ -25,4 +25,7 @@ Update Domain-Name in files and copy them to:
 Don't forget to:
 ```
 chmod +x /usr/local/bin/le_services_restart.sh
+systemctl enable le-services-restart.path
+systemctl start le-services-restart.path
+
 ```
diff --git a/le-services-restart.path b/le-services-restart.path
index bfdae32..7e71d31 100644
--- a/le-services-restart.path
+++ b/le-services-restart.path
@@ -2,7 +2,8 @@
 Description="Monitor the server certificate files to trigger a services restart after the certificates has been renewed"
 [Path]
-PathModified=/root/.acme.sh/server.example.com/
+PathModified=/root/.acme.sh/SERVER.EXAMPLE.COM
+PathModified=/etc/letsencrypt/live/SERVER.EXAMPLE.COM
 Unit=le-services-restart.service
 [Install]
diff --git a/le_services_restart.sh b/le_services_restart.sh
index 4878514..4fab16d 100644
--- a/le_services_restart.sh
+++ b/le_services_restart.sh
@@ -8,7 +8,23 @@
 # Short-Description: LE SERVICES CERT AUTO UPDATER
 # Description: Restart services automatically when a new Let's Encrypt certificate is issued.
 ### END INIT INFO
+
 # postfix
+domain=SERVER.EXAMPLE.COM
+certfile=$(mktemp)
+keyfile=$(mktemp)
+
+if [ -e "/etc/letsencrypt/live/$domain/fullchain.pem" ]; then
+ cat /etc/letsencrypt/live/$domain/fullchain.pem > $certfile
+ cat /etc/letsencrypt/live/$domain/privkey.pem > $keyfile
+elif [ -e "/root/.acme.sh/$domain/$domain.cer" ]; then
+ cat /root/.acme.sh/$domain/ca.cer > $certfile
+ cat /root/.acme.sh/$domain/$domain.cer >> $certfile
+ cat /root/.acme.sh/$domain/$domain.key > $keyfile
+else
+ exit 1
+fi
+
 FILE=/etc/postfix/main.cf
 if [ -f "$FILE" ]; then
 systemctl restart influxd
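Review bot: In the acme.sh branch the chain is assembled CA-first (`ca.cer` is written, then `$domain.cer` is appended), but a TLS server chain must start with the leaf certificate, so the first certificate in `$certfile` will not match `$keyfile` and the services fed from it are likely to reject the pair or present a broken chain. Put the leaf first, `cat "/root/.acme.sh/$domain/$domain.cer" "/root/.acme.sh/$domain/ca.cer" > "$certfile"`, or copy acme.sh's own `fullchain.cer`. The temporary copy of the private key is removed only by the `rm` lines at the very end of the script, so the `exit 1` in the `else` branch, or any interruption later on, leaves the temp files behind; `trap 'rm -f -- "$certfile" "$keyfile"' EXIT` right after the two `mktemp` calls covers every exit path. The postfix block that follows continues outside the hunk.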
@@ -23,25 +39,27 @@ fi
 # pro-tftp
 FILE=/etc/pure-ftpd/pure-ftpd.conf
 if [ -f "$FILE" ]; then
- cat /root/.acme.sh/server.example.com/fullchain.pem > /etc/ssl/private/pure-ftpd.pem
- cat /root/.acme.sh/server.example.com/server.example.com.key >> /etc/ssl/private/pure-ftpd.pem
+ cat $certfile > /etc/ssl/private/pure-ftpd.pem
+ cat $keyfile >> /etc/ssl/private/pure-ftpd.pem
 systemctl restart pure-ftpd-mysql.service
 fi
 # influxdb
 FILE=/etc/influxdb/influxdb.pem
 if [ -f "$FILE" ]; then
- cat /root/.acme.sh/server.example.com/fullchain.pem > /etc/influxdb/influxdb.pem
- cat /etc/letsencrypt/live/server.example.com/server.example.com.key > /etc/influxdb/influxdb.key
+ cat $certfile > /etc/influxdb/influxdb.pem
+ cat $keyfile > /etc/influxdb/influxdb.key
 systemctl restart influxd
 fi
 # coturn
 FILE=/usr/local/etc/turn_server_cert.pem
 if [ -f "$FILE" ]; then
- cat /root/.acme.sh/server.example.com/fullchain.pem > /usr/local/etc/turn_server_cert.pem
- cat /etc/letsencrypt/live/server.example.com/server.example.com.key > /usr/local/etc/turn_server_pkey.pem
+ cat $certfile > /usr/local/etc/turn_server_cert.pem
+ cat $keyfile > /usr/local/etc/turn_server_pkey.pem
 chown turnserver /usr/local/etc/turn_server*
 systemctl restart coturn
 fi
+rm $certfile
+rm $keyfile
\ No newline at end of file
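Review bot: The private key is copied to `/etc/influxdb/influxdb.key` and `/usr/local/etc/turn_server_pkey.pem` by plain redirection and nothing in these blocks sets a mode, so a key file that does not exist yet is created with the process umask and may end up world-readable; the coturn block only changes the owner. Setting the mode explicitly closes that gap, e.g. `install -m 0600 -o turnserver "$keyfile" /usr/local/etc/turn_server_pkey.pem` for coturn, and a `chmod 600` plus the owner of the account influxd runs as for the influxdb key. The `cat` results are also unchecked and `$certfile`/`$keyfile` are unquoted, so a failed copy still leaves a truncated destination and the service is restarted on it. Checking each copy before the restart (`cat "$certfile" > /etc/influxdb/influxdb.pem || exit 1`) would at least keep the running service up.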