HEX
Server: Apache
System: Linux eisbus 6.8.12-9-pve #1 SMP PREEMPT_DYNAMIC PMX 6.8.12-9 (2025-03-16T19:18Z) x86_64
User: www-data (33)
PHP: 8.2.29
Disabled: NONE
$ pwd: /lib/inithooks/firstboot.d/
Upload Files
File: //lib/inithooks/firstboot.d/15regen-sslcert
#!/bin/bash -e
# Regenerate self-signed TLS/SSL cert & key

[[ -n "$_TURNKEY_INIT" ]] && exit 0

[[ -e $INITHOOKS_CONF ]] && . $INITHOOKS_CONF

_hook=$(basename $0)

fatal() { echo "FATAL: [$_hook] $@" 1>&2 ; exit 1 ; }
info() { echo "INFO: [$_hook] $@" ; }

# Check for 'turnkey-make-ssl-cert' - should be provided by
# turnkey-ssl package.
turnkey_make_ssl_cert=$(which turnkey-make-ssl-cert) \
    || fatal "turnkey-make-ssl-cert executable not found."

# As of v17.0 a predefined 4096 bits default dhparams file is provided. Please
# see https://github.com/turnkeylinux/tracker/issues/1653 for more info.
info "Generating SSL/TLS cert & key."
$turnkey_make_ssl_cert --default --force

# Restart relevant services
SERVICES="\
    nginx
    apache2
    lighttpd
    tomcat9"

info "Restarting relevant services."
for service in $SERVICES; do
    service="${service}.service"
    if systemctl list-units --full --all | grep -Fq $service; then
        info "$service found; (re)starting..."
        if systemctl is-active --quiet $service; then
            systemctl restart --quiet $service
        else
            systemctl start --quiet $service
        fi
    fi
done

# final tidy up
update-ca-certificates

exit 0
@ Telegram