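#!/bin/bash
#
# Obtain or renew TLS certificates for NGINX with either certbot or lego,
# then reload NGINX if at least one client run succeeded.
#
# Usage: <script> certbot|lego
#
# Input: ${CERTDIR}/certbot-cert.ssl or ${CERTDIR}/lego-cert.ssl, one entry
# per line in the form
#     EMAIL:DOMAIN[,DOMAIN...]
# Anything after a second ':' is ignored. Blank lines are skipped.
#
# Exit status: 0 on success, 1 if the list file is unreadable, an entry is
# malformed or a client run failed, 2 for an unknown method.

CERTDIR=/etc/nginx/conf.d

# NOTE(security): this flag file lives in world-writable /tmp, so any local
# account can create it (or place a symlink at this path) before the script
# runs, which triggers a reload or makes `touch` act on the link target with
# this script's privileges. A directory writable only by the account that
# runs this script would avoid that. The path is kept unchanged here because
# the reload check at the end also honours a flag created by something else.
RELOAD="/tmp/nginx.reload"

# Port handed to lego's --tls.port option.
TLS_PORT=444

#######################################
# Run one ACME client for a single account/domain set.
# Globals:   CERTDIR (read), TLS_PORT (read)
# Arguments: $1 - method: certbot or lego
#            $2 - account e-mail address
#            $3.. - domain arguments, already in "-d DOMAIN" pairs
# Returns:   the client's exit status, 2 for an unknown method
#######################################
run_acme_client() {
  local method=$1 email=$2
  shift 2

  case "$method" in
    certbot)
      # NOTE(security): the webroot is /tmp, so the HTTP-01 challenge files
      # are written into a directory every local account can write to. A
      # dedicated webroot owned by the account running certbot is safer; it
      # has to match the NGINX configuration, so it is not changed here.
      certbot certonly --webroot \
        --config-dir "${CERTDIR}/ssl/letsencrypt/" \
        -w /tmp --agree-tos --email "$email" -n "$@"
      ;;
    lego)
      lego -m "$email" "$@" --path "${CERTDIR}/ssl/lego" \
        -a --tls --tls.port ":${TLS_PORT}" run
      ;;
    *)
      return 2
      ;;
  esac
}

#######################################
# Read EMAIL:DOMAIN[,DOMAIN...] entries from a file and run the ACME client
# once per entry. The reload flag is touched only after a successful run.
# Globals:   RELOAD (read)
# Arguments: $1 - method: certbot or lego
#            $2 - path of the list file
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 if every entry succeeded, 1 otherwise; processing stops at
#            the first malformed entry
#######################################
process_cert_file() {
  local method=$1 certfile=$2
  local line email_field domain_field rest email domain
  local -a domains domain_args
  local rc=0

  # The list is read on fd 3 so that the ACME client cannot consume the
  # remaining entries through its stdin. `|| [[ -n ... ]]` keeps a final
  # line that has no trailing newline.
  while read -r -u 3 line || [[ -n $line ]]; do
    [[ -n $line ]] || continue
    printf ' - line is [%s]\n' "$line"

    IFS=: read -r email_field domain_field rest <<< "$line"
    # A default-IFS read trims blanks around the address.
    read -r email <<< "$email_field"
    # read -a splits on blanks without pathname expansion, so a wildcard
    # name such as *.example.com is passed through literally.
    read -r -a domains <<< "${domain_field//,/ }"

    if [[ -z $email ]]; then
      echo "! ERROR: LEGO_ACCOUNT_EMAIL not set" >&2
      return 1
    fi
    if (( ${#domains[@]} == 0 )); then
      echo "! ERROR: LEGO_CERT_DOMAIN not set" >&2
      return 1
    fi

    domain_args=()
    for domain in "${domains[@]}"; do
      domain_args+=(-d "$domain")
    done

    # Every value from the list file is passed as its own quoted argument,
    # so embedded blanks cannot turn into extra client options.
    if run_acme_client "$method" "$email" "${domain_args[@]}"; then
      touch -- "$RELOAD"
    else
      rc=1
    fi
  done 3< "$certfile"

  return "$rc"
}

#######################################
# Entry point: select the method, process its list file, reload NGINX when
# the reload flag exists.
# Globals:   CERTDIR (read), RELOAD (read)
# Arguments: $1 - certbot or lego
# Returns:   see "Exit status" in the file header
#######################################
main() {
  local method=${1:-}
  local status=0 certfile="" ssldir=""

  case "$method" in
    certbot)
      echo "! WARNING - untested"
      certfile="${CERTDIR}/certbot-cert.ssl"
      ssldir="${CERTDIR}/ssl/letsencrypt"
      ;;
    lego)
      certfile="${CERTDIR}/lego-cert.ssl"
      ssldir="${CERTDIR}/ssl/lego"
      ;;
    *)
      echo "! ERROR: Unknown certbot method [${method}]"
      status=2
      ;;
  esac

  if (( status == 0 )); then
    [[ -r $certfile ]] || return 1
    mkdir -p -- "$ssldir" || return 1
    process_cert_file "$method" "$certfile" || status=1
  fi

  # As before, the reload check also runs after an unknown method or a
  # failed entry, so a flag that is already present is still honoured.
  if [[ -r $RELOAD ]]; then
    echo "Reloading NGINX"
    /usr/sbin/nginx -s reload
    rm -f -- "$RELOAD"
  fi

  return "$status"
}

main "$@"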