vanbroup · March 15, 2021 13:30
diff --git a/create-cache-config-crl.sh b/create-cache-config-crl.sh
 # make sure that this script runs with the time zone GMT
 export TZ=GMT

 config="crl-cache-headers.conf"

 # swap the root directy every reload to make sure that
 # the config alines with the files actually served
 curdir=`cat lastroot.txt`
 newdir=`expr $curdir + 1`
 olddir=`expr $curdir - 1`

 rm -rf dir$olddir
 mkdir -p dir$newdir

 # clear config
 echo "" > $config

 # loop all crls
 for crl in *.crl
 do
  if [ ! -f $crl ]; then
    echo "CRL file not found ($crl), please check input directory"
    continue
  fi

  # get lastupdate and nextupdate from crl and transform to required format
  LASTUPDATE=`openssl crl -inform der -noout -lastupdate -in $crl | awk -F'=' '{ print $2 }'`
  NEXTUPDATE=`openssl crl -inform der -noout -nextupdate -in $crl | awk -F'=' '{ print $2 }'`
  CRLNUMBER=`openssl crl -inform der -noout -crlnumber -in $crl | awk -F'=' '{ print $2 }'`
  NXTUPD=`date --date="$NEXTUPDATE" "+%a, %d %b %Y %T GMT"`
  LSTUPD=`date --date="$LASTUPDATE" "+%a, %d %b %Y %T GMT"`

  # set the correct last modified date on disk
  touch -m -t `date --date="$LASTUPDATE" "+%Y%m%d%H%M.%S"` $crl

  # move file to newdir
  mv $crl dir$newdir

  # add file to cache config
  echo "location /gs/$crl {" >> $config
  echo "    root dir$newdir;" >> $config
  echo "    expires off;" >> $config
  echo "    add_header ETag \"$CRLNUMBER\";" >> $config
  echo "    add_header Expires \"$NXTUPD\";" >> $config
  echo "    add_header Last-Modified \"$LSTUPD\";" >> $config
  echo "    add_header Cache-Control \"public, no-transform, must-revalidate, s-maxage=3600\";" >> $config
  echo "}" >> $config
 done

 echo $newdir > lastroot.txt
	# make sure that this script runs with the time zone GMT
	export TZ=GMT

	config="crl-cache-headers.conf"

	# swap the root directy every reload to make sure that
	# the config alines with the files actually served
	curdir=`cat lastroot.txt`
	newdir=`expr $curdir + 1`
	olddir=`expr $curdir - 1`

	rm -rf dir$olddir
	mkdir -p dir$newdir

	# clear config
	echo "" > $config

	# loop all crls
	for crl in *.crl
	do
	if [ ! -f $crl ]; then
	echo "CRL file not found ($crl), please check input directory"
	continue
	fi

	# get lastupdate and nextupdate from crl and transform to required format
	LASTUPDATE=`openssl crl -inform der -noout -lastupdate -in $crl \| awk -F'=' '{ print $2 }'`
	NEXTUPDATE=`openssl crl -inform der -noout -nextupdate -in $crl \| awk -F'=' '{ print $2 }'`
	CRLNUMBER=`openssl crl -inform der -noout -crlnumber -in $crl \| awk -F'=' '{ print $2 }'`
	NXTUPD=`date --date="$NEXTUPDATE" "+%a, %d %b %Y %T GMT"`
	LSTUPD=`date --date="$LASTUPDATE" "+%a, %d %b %Y %T GMT"`

	# set the correct last modified date on disk
	touch -m -t `date --date="$LASTUPDATE" "+%Y%m%d%H%M.%S"` $crl

	# move file to newdir
	mv $crl dir$newdir

	# add file to cache config
	echo "location /gs/$crl {" >> $config
	echo " root dir$newdir;" >> $config
	echo " expires off;" >> $config
	echo " add_header ETag \"$CRLNUMBER\";" >> $config
	echo " add_header Expires \"$NXTUPD\";" >> $config
	echo " add_header Last-Modified \"$LSTUPD\";" >> $config
	echo " add_header Cache-Control \"public, no-transform, must-revalidate, s-maxage=3600\";" >> $config
	echo "}" >> $config
	done

	echo $newdir > lastroot.txt