Fix ShellCheck errors: remove local outside functions, fix openssl redirections, unquote loop var
This commit is contained in:
@@ -279,8 +279,8 @@ geoip2 /usr/share/GeoIP/GeoLite2-City.mmdb {
|
||||
fi
|
||||
|
||||
# Collect server_name values from nginx configs to build same-site referer map
|
||||
local REFERER_ENTRIES=""
|
||||
local _jsc_domain_seen=()
|
||||
REFERER_ENTRIES=""
|
||||
_jsc_domain_seen=()
|
||||
for _conf in /etc/nginx/conf.d/*.conf /etc/nginx/sites-enabled/*; do
|
||||
[[ -f "$_conf" ]] || continue
|
||||
while read -r _sn; do
|
||||
@@ -289,7 +289,7 @@ fi
|
||||
_d="${_d%;}"
|
||||
[[ " ${_jsc_domain_seen[*]:-} " == *" $_d "* ]] && continue
|
||||
_jsc_domain_seen+=("$_d")
|
||||
local _d_escaped="${_d//./\\.}"
|
||||
_d_escaped="${_d//./\\.}"
|
||||
REFERER_ENTRIES+=" ~^1:https?://${_d_escaped} 1;\n"
|
||||
done
|
||||
done < <(grep -oP '^\s*server_name\s+\K[^;]+;?' "$_conf" 2>/dev/null)
|
||||
|
||||
@@ -117,10 +117,10 @@ fetch_cert() {
|
||||
local host="$1" port="$2" pem_file
|
||||
pem_file="${CERT_TMP}/${host}_${port}.pem"
|
||||
verbose "Fetching certificate from ${host}:${port}"
|
||||
if echo | timeout "${CONNECT_TIMEOUT}" openssl s_client \
|
||||
if timeout "${CONNECT_TIMEOUT}" openssl s_client \
|
||||
-connect "${host}:${port}" \
|
||||
-servername "${host}" \
|
||||
-showcerts </dev/null 2>/dev/null \
|
||||
-showcerts < /dev/null 2>/dev/null \
|
||||
| openssl x509 -outform PEM > "${pem_file}" 2>/dev/null; then
|
||||
if [[ -s "${pem_file}" ]]; then
|
||||
echo "${pem_file}"
|
||||
@@ -134,11 +134,11 @@ fetch_cert() {
|
||||
fetch_chain() {
|
||||
local host="$1" port="$2" chain_file
|
||||
chain_file="${CERT_TMP}/${host}_${port}_chain.pem"
|
||||
echo | timeout "${CONNECT_TIMEOUT}" openssl s_client \
|
||||
timeout "${CONNECT_TIMEOUT}" openssl s_client \
|
||||
-connect "${host}:${port}" \
|
||||
-servername "${host}" \
|
||||
-showcerts </dev/null 2>"${CERT_TMP}/s_client_err.txt" \
|
||||
> "${chain_file}" 2>/dev/null || true
|
||||
-showcerts < /dev/null 2>"${CERT_TMP}/s_client_err.txt" \
|
||||
> "${chain_file}" || true
|
||||
if [[ -s "${chain_file}" ]]; then
|
||||
echo "${chain_file}"
|
||||
fi
|
||||
|
||||
@@ -367,8 +367,8 @@ geoip2 /usr/share/GeoIP/GeoLite2-City.mmdb {
|
||||
fi
|
||||
|
||||
# Collect server_name values from nginx configs to build same-site referer map
|
||||
local REFERER_ENTRIES=""
|
||||
local _jsc_domain_seen=()
|
||||
REFERER_ENTRIES=""
|
||||
_jsc_domain_seen=()
|
||||
for _conf in /etc/nginx/conf.d/*.conf /etc/nginx/sites-enabled/*; do
|
||||
[[ -f "$_conf" ]] || continue
|
||||
while read -r _sn; do
|
||||
@@ -377,7 +377,7 @@ fi
|
||||
_d="${_d%;}"
|
||||
[[ " ${_jsc_domain_seen[*]:-} " == *" $_d "* ]] && continue
|
||||
_jsc_domain_seen+=("$_d")
|
||||
local _d_escaped="${_d//./\\.}"
|
||||
_d_escaped="${_d//./\\.}"
|
||||
REFERER_ENTRIES+=" ~^1:https?://${_d_escaped} 1;\n"
|
||||
done
|
||||
done < <(grep -oP '^\s*server_name\s+\K[^;]+;?' "$_conf" 2>/dev/null)
|
||||
|
||||
+1
-1
@@ -775,7 +775,7 @@ cmd_status() {
|
||||
echo
|
||||
|
||||
echo -e "# ${BOLD}TLS Certificates${NC}"
|
||||
for d in "$DOMAIN"; do
|
||||
for d in $DOMAIN; do
|
||||
local cert="/etc/letsencrypt/live/${d}/fullchain.pem"
|
||||
if [[ -f "$cert" ]]; then
|
||||
local expiry
|
||||
|
||||
Reference in New Issue
Block a user