From 6094f35b5aea86b80e761302f83dc8c09a52b63b Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Fri, 19 Jan 2024 06:10:26 +0000
Subject: [PATCH] core183: generate new rsa before apache start

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 config/rootfiles/core/183/update.sh | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/config/rootfiles/core/183/update.sh b/config/rootfiles/core/183/update.sh
index 5930ad3242..51483bb7da 100644
--- a/config/rootfiles/core/183/update.sh
+++ b/config/rootfiles/core/183/update.sh
@@ -119,15 +119,6 @@ ldconfig
 chmod -v 750 /etc/sudoers.d
 chmod -v 640 /etc/sudoers.d/*
 
-# Start services
-/etc/rc.d/init.d/apache start
-if grep -q "ENABLE_SSH=on" /var/ipfire/remote/settings; then
-	/etc/init.d/sshd start
-fi
-if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
-	/etc/rc.d/init.d/ipsec start
-fi
-
 # Check apache rsa key and replace if it is too small
 KEYSIZE=$(openssl rsa -in /etc/httpd/server.key -text -noout | sed -n 's/Private-Key:\ (\(.*\)\ bit.*/\1/p')
 if [ $KEYSIZE \< 2048 ]; then
@@ -143,6 +134,16 @@ if [ $KEYSIZE \< 2048 ]; then
 		-out /etc/httpd/server.crt &>/dev/null
 fi
 
+# Start services
+/etc/rc.d/init.d/apache start
+if grep -q "ENABLE_SSH=on" /var/ipfire/remote/settings; then
+	/etc/init.d/sshd start
+fi
+if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+	/etc/rc.d/init.d/ipsec start
+fi
+
+
 # Rebuild initial ramdisks
 dracut --regenerate-all --force
 KVER="xxxKVERxxx"
-- 
2.39.5