[[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
case $1 in
- # for first run, accept host key
+ # For first run, accept host key. Note, known_hosts is saved in /p.
-1)
opt=(-e 'ssh -oStrictHostKeyChecking=no')
;;
f=/a/bin/bash_unpublished/source-state
if [[ -e $f ]]; then
+ # shellcheck source=/a/bin/bash_unpublished/source-state
source $f
fi
case $HOSTNAME in
$MAIL_HOST|bk)
- local_mx=mail.iankelling.org
# ||: is to allow for temporary connection issues.
- rsync ${opt[@]} -ogtL --chown=root:Debian-exim --chmod=640 \
+ rsync "${opt[@]}" -ogtL --chown=root:Debian-exim --chmod=640 \
root@li.iankelling.org:/etc/letsencrypt/live/mail.iankelling.org/{fullchain.pem,privkey.pem} /etc/exim4 ||:
if ! openssl x509 -checkend $(( 60 * 60 * 24 * 3 )) -noout -in /etc/exim4/fullchain.pem; then
echo "$0: error!: cert rsync failed and it will expire in less than 3 days"