#!/bin/sh
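# Write a port-80 nginx vhost for a domain (it includes the ACME challenge
# snippet), create the document root and reload nginx.
#
# Arguments: $1 - primary domain name, also used as the vhost file name
#            $2 - optional space-separated list of alternative names
# Globals:   domain, alt_domain, nginx_conf_file are (re)assigned; the
#            script uses no function-local variables
# Exits:     1 when an argument is not a plain host name, or when
#            "rcctl check nginx" reports the service as not running
gen_nginx_acme_conf(){
  domain=$1
  alt_domain=$2

  # Both values are pasted into file paths and into the nginx configuration.
  # Accept host-name characters only, so that "/" or ".." cannot move the
  # paths out of their directories and ";" or "{" cannot add directives.
  case $domain in
    ''|.*|-*|*..*|*[!A-Za-z0-9.-]*)
      echo "Invalid domain name: $domain" >&2
      exit 1
      ;;
  esac
  # The alternative names are a space-separated list: drop the spaces, then
  # apply the same character check to what is left.
  alt_names_joined=$(printf '%s' "$alt_domain" | tr -d ' ')
  case $alt_names_joined in
    *[!A-Za-z0-9.-]*)
      echo "Invalid alternative names: $alt_domain" >&2
      exit 1
      ;;
  esac

  nginx_conf_file="/etc/nginx/sites-enabled/$domain"

  # Start from a clean vhost file; -f keeps this quiet when none exists.
  rm -f -- "$nginx_conf_file"

  # -p: re-running for an already prepared domain is not an error.
  # NOTE(review): the directory is created under /var/www while the vhost
  # below uses "root /htdocs/..." - presumably nginx is chrooted to
  # /var/www; confirm.
  mkdir -p -- "/var/www/htdocs/$domain"

  if rcctl check nginx; then
    cat > "$nginx_conf_file" <<EOF
server {
    listen 80;
    server_name $alt_domain $domain;
    include snippets/acme-challenge.conf;
    root /htdocs/$domain;
}
EOF
    rcctl reload nginx
  else
    echo "Service NGINX not running" >&2
    exit 1
  fi
}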
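# Create the per-domain acme-client configuration fragment
# my_configuration/ssl/<domain>-acme-client.conf (path relative to the
# current directory).
#
# Arguments: $1 - primary domain name
#            $2 - optional space-separated list of alternative names
# Globals:   domain, alt_domain, acme_conf_file are (re)assigned
# Exits:     1 when an argument is not a plain host name or when the
#            fragment already exists
gen_acme_client_conf(){
  domain=$1
  alt_domain=$2

  # The domain becomes part of the fragment's file name and of the key and
  # certificate paths written into it; accept host-name characters only so
  # it cannot point outside those directories or add configuration syntax.
  case $domain in
    ''|.*|-*|*..*|*[!A-Za-z0-9.-]*)
      echo "Invalid domain name: $domain" >&2
      exit 1
      ;;
  esac
  alt_names_joined=$(printf '%s' "$alt_domain" | tr -d ' ')
  case $alt_names_joined in
    *[!A-Za-z0-9.-]*)
      echo "Invalid alternative names: $alt_domain" >&2
      exit 1
      ;;
  esac

  acme_conf_file="my_configuration/ssl/${domain}-acme-client.conf"

  # If the file exists, stop here. The previous one-liner
  # "[ ... ] || echo ...; exit 1" ran "exit 1" unconditionally, so the
  # function never got as far as writing anything.
  if [ -f "$acme_conf_file" ]; then
    echo "Domain already configured !" >&2
    exit 1
  fi

  # One writer for both variants; the "alternative names" line is emitted
  # only when a list was given.
  {
    printf '\n'
    printf 'domain %s {\n' "$domain"
    if [ -n "$alt_domain" ]; then
      printf '\talternative names { %s }\n' "$alt_domain"
    fi
    printf '\tdomain key "/etc/ssl/private/%s.key"\n' "$domain"
    printf '\tdomain full chain certificate "/etc/ssl/%s.crt"\n' "$domain"
    printf '\tsign with letsencrypt\n'
    printf '}\n'
    printf '\n'
  } >> "$acme_conf_file"
}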
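# Extract the "domain <name> {" block (matching line plus the 5 lines after
# it) from /etc/acme-client.conf, back the file up as
# /etc/acme-client.conf.old and replace it with the extracted block.
#
# Arguments: $1 - domain name whose block is extracted
# Globals:   domain, acme_tmp_conf, status are (re)assigned
# Returns:   0 on success; 1 on an invalid name, when no block matches
#            (the live file is then left untouched), or when the temporary
#            file cannot be created; otherwise the status of the failing cp
add_acme_domain_to_conf(){
  domain=$1

  case $domain in
    ''|.*|-*|*..*|*[!A-Za-z0-9.-]*)
      echo "Invalid domain name: $domain" >&2
      return 1
      ;;
  esac

  # A fixed name such as /tmp/acme-client.conf can be created or symlinked
  # in advance by any local account, and its content is then copied over a
  # file in /etc. mktemp creates a fresh file with an unpredictable name.
  acme_tmp_conf=$(mktemp) || return 1

  # -F: the dots of the domain are literal, not "any character"; the
  # trailing " {" keeps example.org from also matching example.org.uk.
  # A failed match must not reach the cp below, or the live configuration
  # would be replaced by an empty file.
  if ! grep -F -A5 -- "domain $domain {" /etc/acme-client.conf > "$acme_tmp_conf"; then
    echo "No \"domain $domain\" block found in /etc/acme-client.conf" >&2
    rm -f -- "$acme_tmp_conf"
    return 1
  fi

  # NOTE(review): this replaces the whole of /etc/acme-client.conf with the
  # extracted block, so everything else in the file (other domains, any
  # authority sections) survives only in the .old copy - confirm that this
  # is intended, given the function's name.
  cp -v /etc/acme-client.conf /etc/acme-client.conf.old &&
    cp -v -- "$acme_tmp_conf" /etc/acme-client.conf
  status=$?

  rm -f -- "$acme_tmp_conf"
  return "$status"
}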
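# Install the certificate renewal helper shipped in utils/ (path relative to
# the current directory) into /usr/local/bin.
#
# Returns: 1 when the copy fails, otherwise the status of chmod
install_utils(){
  # Stop on a failed copy: otherwise chmod could still succeed on a stale
  # helper left by an earlier run and the failure would go unnoticed.
  cp -v utils/renew_https_certificate /usr/local/bin/renew_https_certificate || return 1

  # u+x as before. go-w: cp keeps the mode of an already existing
  # destination, and a helper in /usr/local/bin that this script executes
  # must not stay writable by group or others.
  chmod u+x,go-w /usr/local/bin/renew_https_certificate
}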
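# Run the installed renewal helper for one domain.
#
# Arguments: $1 - domain name handed to the helper
# Globals:   domain is (re)assigned
# Returns:   1 when the name is empty or starts with "-", otherwise the
#            helper's exit status
get_certificate()
{
  domain=$1

  # An empty value would call the helper without a usable argument, and a
  # leading "-" could be read by it as an option rather than a name.
  case $domain in
    ''|-*)
      echo "get_certificate: missing or invalid domain" >&2
      return 1
      ;;
  esac

  # Quoted so the value reaches the helper as exactly one argument.
  /usr/local/bin/renew_https_certificate "$domain"
}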
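# Print the help text on standard output.
#
# "print" is a ksh builtin and is not available in every /bin/sh; printf
# produces the same text (including the blank lines that the "\n" inside the
# original strings added) on any POSIX shell.
# NOTE(review): the text announces three arguments, an e-mail address and an
# xmpp switch, while the code visible in this file reads only $1 (domain)
# and $2 (alternative names) - confirm and reword.
usage()
{
  printf 'This program ask 3 arguments : \n\n'
  printf 'First is email with domain name the second is list of alternatives domains with " " \n\n'
  printf 'the last arguments is for share the ssl cert with xmpp daemon add xmpp at the end or not\n'
  # $0 is passed as data, never as part of the format string.
  printf '\t %s domain.tld "a.domain.tld b.domain.tld c.domain.tld"\n' "$0"
}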
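# Entry point: the first argument (domain) is mandatory, the second is an
# optional space-separated list of alternative names.
# "$1" is quoted so that a missing or multi-word argument cannot break the
# test expression.
if [ -z "$1" ]; then
  usage
  exit 3
fi

domain=$1
alt_domain=$2

# Hand over both values: gen_nginx_acme_conf reads its own $2, so calling it
# with the domain alone left server_name without the alternative names and
# reset the global alt_domain to an empty string.
gen_nginx_acme_conf "$domain" "$alt_domain"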