fixes/security

2026-05-31 09:35:54 +02:00
parent 85cf6f5533
commit 11b13cd326
17 changed files with 31 additions and 49 deletions
@@ -1,32 +0,0 @@
-#!/bin/sh
-set -e
-
-# The location your renewal tool places your certificates.
-CERT_DIR="/etc/letsencrypt/live/irc.secretbee.buzz"
-
-# The location of the InspIRCd config directory.
-INSPIRCD_CONFIG_DIR="/etc/inspircd"
-
-# The location of the InspIRCd pid file.
-INSPIRCD_PID_FILE="/var/run/inspircd/inspircd.pid"
-
-# The user:group that owns the inspircd config directory on the host.
-INSPIRCD_OWNER="root:root"
-
-if [ -e ${CERT_DIR} -a -e ${INSPIRCD_CONFIG_DIR} ]
-then
-    cp "${CERT_DIR}/fullchain.pem" "${INSPIRCD_CONFIG_DIR}/cert.pem"
-    cp "${CERT_DIR}/privkey.pem" "${INSPIRCD_CONFIG_DIR}/key.pem"
-    chown ${INSPIRCD_OWNER} "${INSPIRCD_CONFIG_DIR}/cert.pem" "${INSPIRCD_CONFIG_DIR}/key.pem"
-
-    if podman container exists inspircd 2>/dev/null
-    then
-        podman kill --signal USR1 inspircd
-    elif [ -r ${INSPIRCD_PID_FILE} ]
-    then
-        kill -USR1 $(cat ${INSPIRCD_PID_FILE})
-    elif [ -d /lib/systemd ] && systemctl --quiet is-active inspircd
-    then
-        systemctl kill --signal USR1 inspircd
-    fi
-fi
@@ -18,18 +18,6 @@
        - matrix.secretbee.buzz
        - gallery.secretbee.buzz

-    - name: Add post hook script
-      ansible.builtin.copy:
-        src: irc-post-hook.sh
-        dest: /opt/beeserver/irc-post-hook.sh
-        owner: root
-        group: root
-        mode: '0755'
-
-    - name: Renew for post hook
-      changed_when: true
-      ansible.builtin.command: certbot renew --cert-name irc.secretbee.buzz --deploy-hook /opt/beeserver/irc-post-hook.sh --force-renewal
-
    - name: Change permission on live
      ansible.builtin.file:
        path: /etc/letsencrypt/live/
@@ -1,7 +0,0 @@
-#!/bin/sh
-set -e
-
-if podman container exists nginx 2>/dev/null
-then
-    podman kill --signal HUP nginx
-fi