mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2025-11-15 21:07:34 -05:00
36 lines
626 B
Bash
Executable file
36 lines
626 B
Bash
Executable file
#!/bin/bash
|
|
|
|
set -o errexit -o nounset -o pipefail
|
|
|
|
cd /etc/session-ticket-keys
|
|
|
|
exec {fd}>sync-lock
|
|
flock $fd
|
|
|
|
if [[ -f synced ]]; then
|
|
echo skipping rotation due to sync
|
|
rm synced
|
|
exit 0
|
|
fi
|
|
|
|
rsync -tI 2.key 1.key
|
|
rsync -tI 3.key 2.key
|
|
rsync -tI 4.key 3.key
|
|
rsync -tI next.key 4.key
|
|
head -c 80 </dev/random >tmp.key
|
|
mv tmp.key next.key
|
|
|
|
cat next.key {1..4}.key > keys.new
|
|
mv keys.new keys
|
|
|
|
status=0
|
|
|
|
if systemctl is-active --quiet nginx.service; then
|
|
nginx -s reload || status=1
|
|
fi
|
|
|
|
if systemctl is-active --quiet dnsdist.service; then
|
|
dnsdist -c -e 'reloadAllCertificates()' || status=1
|
|
fi
|
|
|
|
exit $status
|