From 00a0fdfbc8b60e6bbed462fa34acd2c4859d1d73 Mon Sep 17 00:00:00 2001 From: Keith Irwin Date: Sat, 10 Sep 2022 11:28:27 -0600 Subject: [PATCH] Lots of logging --- back/lib/ssl_peer_add | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/back/lib/ssl_peer_add b/back/lib/ssl_peer_add index 31329a3..7776304 100755 --- a/back/lib/ssl_peer_add +++ b/back/lib/ssl_peer_add @@ -37,7 +37,7 @@ ipstring="${3}" printf 'Signing SSL certs for %s.%s.%s...\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}" # Generate key -if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >/dev/null 2>&1; then +if ! sudo /usr/bin/openssl genrsa -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" >>"${LOGFILE}" 2>&1; then printf 'Failed to generate SSL key %s/%s/server.key\n' "${username}" "${hostname}" >>"${LOGFILE}" exit 7 fi @@ -45,7 +45,7 @@ if ! [ -f "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" ]; then printf 'SSL key %s/%s/server.key was not generated!\n' "${username}" "${hostname}" >>"${LOGFILE}" exit 7 fi -if ! sudo chmod 400 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key"; then +if ! sudo chmod 400 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.key" >>"${LOGFILE}" 2>&1; then printf 'Failed to chmod SSL key %s/%s/server.key\n' "${username}" "${hostname}" >>"${LOGFILE}" exit 7 fi @@ -66,7 +66,7 @@ if ! sudo /usr/bin/openssl req -new -sha256 -reqexts SAN \ -out "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" \ -config "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" \ -subj "/O=${SSL_ORG}/OU=${username}/CN=${hostname}.${username}.${TLD}" \ - >/dev/null 2>&1; then + >>"${LOGFILE}" 2>&1; then printf 'Failed to generate %s/%s.cnf\n' "${username}" "${hostname}" >>"${LOGFILE}" exit 7 fi 
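Review bot: `openssl genrsa` on the changed line is still called without a key size, so the modulus length is whatever the installed OpenSSL defaults to. Stating it explicitly makes issued keys independent of the host's OpenSSL build: add the size your policy requires as the last argument, e.g. `... -out "${SSL_CONFIG_DIR:?}/${username:?}/${hostname:?}/server.key" 2048 >>"${LOGFILE}" 2>&1`. With both streams now appended to `${LOGFILE}`, genrsa's progress output lands in the log too; the key itself goes to the `-out` file and is not logged.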
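Review bot: `server.key` only becomes mode 400 at this separate `chmod`, after genrsa has written it and the `[ -f ... ]` test has run. Until then its mode depends on the umask sudo applies and on how the installed OpenSSL creates private-key files, and neither is visible in this hunk. I would record that assumption above the chmod, e.g. `# TODO: confirm server.key is never group/world-readable before this chmod (sudo umask, OpenSSL version)`. If it cannot be confirmed, the key should be created under a restrictive umask rather than tightened afterwards.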
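Review bot: The failure message for this step names the wrong file: the command writes `${hostname}.csr` and only reads `${hostname}.cnf` via `-config`, yet the log line says `Failed to generate %s/%s.cnf`. Now that openssl's own error text lands in the same log, the two will contradict each other; `printf 'Failed to generate CSR %s/%s.csr\n' "${username}" "${hostname}" >>"${LOGFILE}"` would match. Separately, `username` and `hostname` are interpolated into `-subj` and into file paths. If they are not restricted to a hostname-safe character set earlier in the script (not visible here), a `/` in either would add subject fields or change the path. The `if` statement begins above the hunk.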
@@ -78,7 +78,7 @@ if ! sudo /usr/bin/openssl x509 -req -sha256 -extensions SAN -CAcreateserial \ -CA "${SSL_CA_CERT}" -CAkey "${SSL_CA_KEY}" \ -passin "pass:${SSL_CA_PASS}" \ -out "${SSL_CONFIG_DIR}/${username}/${hostname}/server.crt" \ - -days "${SSL_DAYS}" >/dev/null 2>&1; then + -days "${SSL_DAYS}" >>"${LOGFILE}" 2>&1; then printf 'Failed to generate SSL cert %s/%s/server.crt\n' "${username}" "${hostname}" >>"${LOGFILE}" exit 7 fi @@ -92,6 +92,9 @@ if ! sudo chmod 644 "${SSL_CONFIG_DIR}/${username}/${hostname}/server.crt"; then fi # Remove old files -if sudo rm "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" 2>/dev/null +if ! sudo rm "${SSL_CONFIG_DIR}/${username}/${hostname}.cnf" "${SSL_CONFIG_DIR}/${username}/${hostname}.csr" 2>/dev/null; then + printf 'Failed to remove old SSL config files %s/%s/%s.cnf\n' "${SSL_CONFIG_DIR}" "${username}" "${hostname}" >>"${LOGFILE}" + exit 7 +fi printf 'SSL certs for %s.%s.%s are ready\n' "${hostname}" "${username}" "${TLD}" >>"${LOGFILE}" \ No newline at end of file
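Review bot: The CA key passphrase is still passed as `-passin "pass:${SSL_CA_PASS}"` (a context line, unchanged by this commit), which puts it in the process argument list. Because the command runs through sudo, it probably also ends up in sudo's command log. Since this call is being touched anyway, consider having openssl read it from a root-only file instead, `-passin "file:${SSL_CA_PASS_FILE}"`, where `SSL_CA_PASS_FILE` is a placeholder name for a path you would define. The new `>>"${LOGFILE}"` redirect does not itself log the passphrase, but the log will now carry the certificate subject and any openssl error text, so `${LOGFILE}` should not be world-readable. The `if` statement begins above the hunk.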
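Review bot: The rewritten `rm` check still sends stderr to `/dev/null`, so the new "Failed to remove old SSL config files" line is logged without the reason, unlike every other command this commit touches. Ending the command with `"${SSL_CONFIG_DIR}/${username}/${hostname}.csr" >>"${LOGFILE}" 2>&1; then` would keep it consistent. Note also that `exit 7` now fires after `server.crt` has already been issued, so a cleanup failure reports the whole run as failed while leaving a valid key and cert in place. If callers retry on status 7, a distinct exit code or a logged warning without exiting may be the safer behaviour. The `chmod 644` in the hunk heading looks like it has no log redirect either, though its body is outside the hunk.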