52 lines
1.5 KiB
Bash
Executable File
52 lines
1.5 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
if [ "$1" == "certbot" ]; then
|
|
certbot renew -q --config-dir /etc/nginx/conf.d/ssl/letsencrypt/ --renew-hook "/usr/sbin/nginx -s reload"
|
|
|
|
elif [ "$1" == "lego" ]; then
|
|
CERTDIR=/etc/nginx/conf.d
|
|
CERTFILE=${CERTDIR}/lego-cert.ssl
|
|
RELOAD="/tmp/nginx.reload"
|
|
TLS_PORT=444
|
|
|
|
[ -r ${CERTFILE} ] || exit 1
|
|
|
|
cat ${CERTFILE} | while read line; do
|
|
echo " - line is [${line}]"
|
|
LEGO_ACCOUNT_EMAIL=$(echo ${line} | cut -d':' -f 1)
|
|
DOMAINS=$(echo ${line} | cut -d':' -f 2)
|
|
DNS=$(echo ${line} | cut -d':' -f 3)
|
|
LEGO_CERT_DOMAIN=(${DOMAINS//,/ })
|
|
|
|
LEGO_ACCOUNT_EMAIL=${LEGO_ACCOUNT_EMAIL:? LEGO_ACCOUNT_EMAIL not set}
|
|
LEGO_CERT_DOMAIN=${LEGO_CERT_DOMAIN:? LEGO_CERT_DOMAIN not set}
|
|
|
|
LEGO_CERT_DOMAIN=(${LEGO_CERT_DOMAIN[@]/#/-d })
|
|
|
|
if [ ${DNS} == 'cloudflare' ]; then
|
|
DNS=$(echo ${line} | cut -d':' -f 3)
|
|
|
|
export CLOUDFLARE_EMAIL=$(echo ${line} | cut -d':' -f 4)
|
|
export CF_DNS_API_TOKEN=$(echo ${line} | cut -d':' -f 5)
|
|
LEGO_DNS="--dns cloudflare"
|
|
else
|
|
:
|
|
fi
|
|
|
|
if [ "$2" == "run" ]; then
|
|
lego ${LEGO_DNS} --email="${LEGO_ACCOUNT_EMAIL}" ${LEGO_CERT_DOMAIN[@]} --path ${CERTDIR}/ssl/lego --tls --tls.port :${TLS_PORT} run --run-hook="touch $RELOAD"
|
|
else
|
|
lego ${LEGO_DNS} --email="${LEGO_ACCOUNT_EMAIL}" ${LEGO_CERT_DOMAIN[@]} --path ${CERTDIR}/ssl/lego --tls --tls.port :${TLS_PORT} renew --renew-hook="touch $RELOAD"
|
|
fi
|
|
done
|
|
|
|
if [ -r ${RELOAD} ]; then
|
|
echo "Reloading NGINX"
|
|
/usr/sbin/nginx -s reload
|
|
rm -f ${RELOAD}
|
|
fi
|
|
|
|
else
|
|
echo "! ERROR: Unknown certbot method [$1]"
|
|
fi
|