letsencrypt: populate old ssl dirs (backwards compat)

provision/haproxy.sh

@@ -289,10 +289,10 @@ PEMSDIR=/data/etc/tls.d
 LOGDIR=/var/log/haproxy
 
 # Create the log path if it doesn't already exist
-[ -d ${LOGDIR} ] || mkdir ${LOGDIR}
+[ -d $LOGDIR ] || mkdir $LOGDIR
 UPDATED=0
 
-cd ${PEMSDIR}
+cd $PEMSDIR
 for pem in *.pem; do
  echo "= $(date)" >> "$LOGDIR/${pem}.log"
 
@@ -318,10 +318,10 @@ for pem in *.pem; do
 done
 
 if [ $UPDATED -gt 0 ]; then
- echo "= $(date) - Updated $UPDATED OCSP responses" >> "${LOGDIR}/${pem}.log"
- service haproxy reload > ${LOGDIR}/service-reload.log 2>&1
+ echo "= $(date) - Updated $UPDATED OCSP responses" >> "$LOGDIR/${pem}.log"
+ service haproxy reload > $LOGDIR/service-reload.log 2>&1
 else
- echo "= $(date) - No updates" >> ${LOGDIR}/${pem}.log
+ echo "= $(date) - No updates" >> $LOGDIR/${pem}.log
 fi
 
 EO_OCSP

provision/letsencrypt.sh

@@ -64,8 +64,8 @@ haproxy_deploy() {
  fi
 
  local _tls_dir="/data/haproxy/etc/tls.d"
- if [ ! -d "$_tls_dir" ]; then
- # legacy dir, pre-2024
+ if [ -d "/data/haproxy/ssl.d" ]; then
+ _debug "using legacy /data/ssl.d (new: /data/etc/tls.d)"
  _tls_dir="/data/haproxy/ssl.d"
  fi
 
@@ -150,7 +150,8 @@ dovecot_deploy() {
  assure_file "$_ccert" || return 2
 
  _ssl_dir="/data/dovecot/etc/tls"
- if [ ! -d "$_ssl_dir" ]; then
+ if [ -d "/data/dovecot/etc/ssl" ]; then
+ _debug "using legacy /data/etc/ssl (new: /data/etc/tls)"
  _ssl_dir="/data/dovecot/etc/ssl"
  fi