Update lego and enabled run to register certificates

This commit is contained in:
Deon George 2021-02-03 10:25:11 +11:00
parent 1eae86dc9e
commit 940d683837
2 changed files with 17 additions and 2 deletions

View File

@ -14,7 +14,7 @@ RUN apt-get update && apt-get install python3-certbot-dns-cloudflare -yy \
&& rm -rf /var/lib/apt/lists/* /tmp/* && rm -rf /var/lib/apt/lists/* /tmp/*
# Add acme-lego Certbot # Add acme-lego Certbot
RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.1.3/lego_v4.1.3_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf - RUN curl -sL https://github.com/go-acme/lego/releases/download/v4.2.0/lego_v4.2.0_linux_amd64.tar.gz | tar -C /usr/local/sbin -xzf -
#RUN cd /usr/local/sbin && \ #RUN cd /usr/local/sbin && \
# curl -O https://dl.eff.org/certbot-auto && \ # curl -O https://dl.eff.org/certbot-auto && \

View File

@ -15,6 +15,7 @@ elif [ "$1" == "lego" ]; then
echo " - line is [${line}]" echo " - line is [${line}]"
LEGO_ACCOUNT_EMAIL=$(echo ${line} | cut -d':' -f 1) LEGO_ACCOUNT_EMAIL=$(echo ${line} | cut -d':' -f 1)
DOMAINS=$(echo ${line} | cut -d':' -f 2) DOMAINS=$(echo ${line} | cut -d':' -f 2)
DNS=$(echo ${line} | cut -d':' -f 3)
LEGO_CERT_DOMAIN=(${DOMAINS//,/ }) LEGO_CERT_DOMAIN=(${DOMAINS//,/ })
LEGO_ACCOUNT_EMAIL=${LEGO_ACCOUNT_EMAIL:? LEGO_ACCOUNT_EMAIL not set} LEGO_ACCOUNT_EMAIL=${LEGO_ACCOUNT_EMAIL:? LEGO_ACCOUNT_EMAIL not set}
@ -22,7 +23,21 @@ elif [ "$1" == "lego" ]; then
LEGO_CERT_DOMAIN=(${LEGO_CERT_DOMAIN[@]/#/-d }) LEGO_CERT_DOMAIN=(${LEGO_CERT_DOMAIN[@]/#/-d })
lego --email="${LEGO_ACCOUNT_EMAIL}" ${LEGO_CERT_DOMAIN[@]} --path ${CERTDIR}/ssl/lego --tls --tls.port :${TLS_PORT} renew --renew-hook="touch $RELOAD" if [ ${DNS} == 'cloudflare' ]; then
DNS=$(echo ${line} | cut -d':' -f 3)
export CLOUDFLARE_EMAIL=$(echo ${line} | cut -d':' -f 4)
export CF_DNS_API_TOKEN=$(echo ${line} | cut -d':' -f 5)
LEGO_DNS="--dns cloudflare"
else
:
fi
if [ "$2" == "run" ]; then
lego ${LEGO_DNS} --email="${LEGO_ACCOUNT_EMAIL}" ${LEGO_CERT_DOMAIN[@]} --path ${CERTDIR}/ssl/lego --tls --tls.port :${TLS_PORT} run --run-hook="touch $RELOAD"
else
lego ${LEGO_DNS} --email="${LEGO_ACCOUNT_EMAIL}" ${LEGO_CERT_DOMAIN[@]} --path ${CERTDIR}/ssl/lego --tls --tls.port :${TLS_PORT} renew --renew-hook="touch $RELOAD"
fi
done done
if [ -r ${RELOAD} ]; then if [ -r ${RELOAD} ]; then