Lots of logging

2022-09-10 11:28:27 -06:00 · 2022-09-10 11:28:27 -06:00 · 00a0fdfbc8
parent 74afeb08b4
commit 00a0fdfbc8
1 changed files with 8 additions and 5 deletions
--- a/back/lib/ssl_peer_add
+++ b/back/lib/ssl_peer_add
@ -37,7 +37,7 @@ ipstring="${3}"
 printf 'Signing SSL certs for %s.%s.%s...\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}"

 # Generate key
-if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >/dev/null 2>&1; then
+if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >>"${LOGFILE}" 2>&1; then
 	printf 'Failed to generate SSL key %s/%s/server.key\n' "${username}" "${hostname}" >>"${LOGFILE}"
 	exit 7
 fi
@ -45,7 +45,7 @@ if ! [ -f "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" ]; then
 	printf 'SSL key %s/%s/server.key was not generated!\n' "${username}" "${hostname}" >>"${LOGFILE}"
 	exit 7
 fi
-if ! sudo chmod 400 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key"; then
+if ! sudo chmod 400 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key" >>"${LOGFILE}" 2>&1; then
 	printf 'Failed to chmod SSL key %s/%s/server.key\n' "${username}" "${hostname}" >>"${LOGFILE}"
 	exit 7
 fi
@ -66,7 +66,7 @@ if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \
 	-out "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" \
 	-config "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" \
 	-subj "/O=${SSL_ORG}/OU=${username}/CN=${hostname}.${username}.${TLD}" \
-	>/dev/null 2>&1; then
+	 >>"${LOGFILE}" 2>&1; then
 		printf 'Failed to generate %s/%s.cnf\n' "${username}" "${hostname}" >>"${LOGFILE}"
 		exit 7
 fi
@ -78,7 +78,7 @@ if ! sudo /usr/bin/openssl x509 -req -sha256 -extensions SAN -CAcreateserial \
 	-CA "${SSL_CA_CERT}" -CAkey "${SSL_CA_KEY}" \
 	-passin "pass:${SSL_CA_PASS}" \
 	-out "${SSL_CONFIG_DIR}/${username}/${hostname}/server.crt" \
-	-days "${SSL_DAYS}" >/dev/null 2>&1; then
+	-days "${SSL_DAYS}"  >>"${LOGFILE}" 2>&1; then
 		printf 'Failed to generate SSL cert %s/%s/server.crt\n' "${username}" "${hostname}" >>"${LOGFILE}"
 		exit 7
 fi
@ -92,6 +92,9 @@ if ! sudo chmod 644 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.crt"; then
 fi

 # Remove old files
-if sudo rm "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" 2>/dev/null
+if ! sudo rm "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" 2>/dev/null; then
+	printf 'Failed to remove old SSL config files %s/%s/%s.cnf\n' "${SSL_CONFIG_DIR}" "${username}" "${hostname}" >>"${LOGFILE}"
+	exit 7
+fi

 printf 'SSL certs for %s.%s.%s are ready\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}"