conf_server/add_domain_with_acme.sh

98 lines
2.1 KiB
Bash
Raw Normal View History

2023-01-11 01:03:34 +01:00
#!/bin/sh
gen_nginx_acme_conf(){
domain=$1
alt_domain=$2
2023-05-15 23:16:25 +02:00
nginx_conf_file="/etc/nginx/sites-enabled/$domain"
[ ! -f $nginx_conf_file ] || rm $nginx_conf_file;
mkdir /var/www/htdocs/$domain
rcctl check nginx
if [ $? == 0 ]; then
cat > $nginx_conf_file <<EOF
2023-01-11 01:03:34 +01:00
server {
listen 80;
server_name $alt_domain $domain;
include snippets/acme-challenge.conf;
2023-05-15 23:16:25 +02:00
root /htdocs/$domain;
2023-01-11 01:03:34 +01:00
}
EOF
2023-05-15 23:16:25 +02:00
rcctl reload nginx
2023-01-11 01:03:34 +01:00
else
2023-05-15 23:16:25 +02:00
echo "Service NGINX not running"
2023-01-11 01:03:34 +01:00
exit 1
fi
}
gen_acme_client_conf(){
domain=$1
alt_domain=$2
2023-05-15 23:16:25 +02:00
acme_conf_file="my_configuration/ssl/$domain-acme-client.conf"
# If the file exist, do nothing
[ ! -f $acme_conf_file ] || echo "Domain already configured !"; exit 1;
2023-01-11 01:03:34 +01:00
if [ "$alt_domain" == "" ]; then
2023-05-15 23:16:25 +02:00
cat >> $acme_conf_file <<EOF
2023-01-11 01:03:34 +01:00
domain $domain {
domain key "/etc/ssl/private/$domain.key"
domain full chain certificate "/etc/ssl/$domain.crt"
sign with letsencrypt
}
EOF
else
2023-05-15 23:16:25 +02:00
cat >> $acme_conf_file <<EOF
2023-01-11 01:03:34 +01:00
domain $domain {
alternative names { $alt_domain }
domain key "/etc/ssl/private/$domain.key"
domain full chain certificate "/etc/ssl/$domain.crt"
sign with letsencrypt
}
EOF
fi
}
2023-05-15 23:16:25 +02:00
add_acme_domain_to_conf(){
domain=$1
egrep "domain $domain" -A5 /etc/acme-client.conf > /tmp/acme-client.conf
cp -v /etc/acme-client.conf /etc/acme-client.conf.old
cp -v /tmp/acme-client.conf /etc/acme-client.conf
}
2023-01-11 01:03:34 +01:00
install_utils(){
cp -v utils/renew_https_certificate /usr/local/bin/renew_https_certificate
chmod u+x /usr/local/bin/renew_https_certificate
}
2023-05-15 23:16:25 +02:00
get_certificate()
{
2023-01-11 01:03:34 +01:00
domain=$1
/usr/local/bin/renew_https_certificate $domain
}
2023-05-15 23:16:25 +02:00
usage()
{
2023-01-11 01:03:34 +01:00
print "This program ask 3 arguments : \n"
print "First is email with domain name the second is list of alternatives domains with \" \" \n"
print "the last arguments is for share the ssl cert with xmpp daemon add xmpp at the end or not"
print "\t $0 domain.tld \"a.domain.tld b.domain.tld c.domain.tld\""
}
if [ -z $1 ];
then
usage
exit 3;
fi
domain=$1
alt_domain=$2
gen_nginx_acme_conf $domain