From 7eb111136453d0e8d8451d7dd85ba9892318f294 Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Mon, 28 Oct 2024 22:14:59 -0400
Subject: acme/nginx/asterisk fixes

---
 scripts/hostclass/asterisk_server          | 8 ++++----
 scripts/hostclass/authoritative_nameserver | 4 ++--
 scripts/hostclass/public_webserver         | 8 +++-----
 3 files changed, 9 insertions(+), 11 deletions(-)

(limited to 'scripts/hostclass')

diff --git a/scripts/hostclass/asterisk_server b/scripts/hostclass/asterisk_server
index fe10f51..dcd2675 100644
--- a/scripts/hostclass/asterisk_server
+++ b/scripts/hostclass/asterisk_server
@@ -54,23 +54,23 @@ install_directory -o "$asterisk_user" -g "$asterisk_user" -m 0755 "$asterisk_db_
 install_file -m 0644 \
   "${asterisk_conf_dir}/extensions.conf" \
   "${asterisk_conf_dir}/logger.conf" \
-  "${asterisk_conf_dir}/queues.conf" \
   "${asterisk_conf_dir}/voicemail.conf"
 
 install_template -m 0644 \
   "${asterisk_conf_dir}/voicemail.conf" \
   "${asterisk_conf_dir}/pjsip.conf" \
+  "${asterisk_conf_dir}/queues.conf" \
   "${asterisk_conf_dir}/rtp.conf"
 
-install_template -m 0640 \
+install_template -m 0640 -g "$asterisk_user" \
   "${asterisk_conf_dir}/pjsip_wizard.conf"
 
 # Acquire public TLS certificate.
 install_template -m 0600 /usr/local/etc/sudoers.d/acme
 acme_install_certificate \
-  -c "$asterisk_public_tls_cert" \
-  -k "$asterisk_public_tls_key" \
+  -g "$asterisk_user" \
   -r 'sudo service asterisk reload' \
+  asterisk \
   "$asterisk_public_fqdn"
 
 # Enable and start asterisk.
diff --git a/scripts/hostclass/authoritative_nameserver b/scripts/hostclass/authoritative_nameserver
index 69a7dde..0b7e73f 100644
--- a/scripts/hostclass/authoritative_nameserver
+++ b/scripts/hostclass/authoritative_nameserver
@@ -18,8 +18,8 @@ install_template -m 0644 /usr/local/etc/nsd/nsd.conf
 
 # Copy zone files.
 for zone in $nsd_zones; do
-  eval "zone_name=\${nsd_${zone}_zone}"
-  install_file -m 0644 "${nsd_conf_dir}/${zone_name}.zone"
+  eval "_domain=\${nsd_${zone}_domain}"
+  install_file -m 0644 "${nsd_conf_dir}/${_domain}.zone"
 done
 
 # Enable and start nsd.
diff --git a/scripts/hostclass/public_webserver b/scripts/hostclass/public_webserver
index 721cbfc..3877313 100644
--- a/scripts/hostclass/public_webserver
+++ b/scripts/hostclass/public_webserver
@@ -27,14 +27,12 @@ service nginx restart
 
 # Acquire public TLS certificates.
 install_template -m 0600 /usr/local/etc/sudoers.d/acme
-for cert in $acme_certs; do
-  eval "acme_domains=\${acme_${cert}_domains}"
+for certname in $acme_certs; do
+  eval "acme_domains=\${acme_${certname}_domains}"
   acme_install_certificate \
-    -C "${acme_cert_dir}/${cert}.ca.crt" \
-    -c "${acme_cert_dir}/${cert}.crt" \
-    -k "${acme_cert_dir}/${cert}.key" \
     -g "$nginx_user" \
     -r 'sudo service nginx reload' \
+    "$certname" \
     $acme_domains
 done
 
-- 
cgit v1.2.3