|
|
@ -2,7 +2,7 @@ |
|
|
|
# |
|
|
|
# letsencrypt-renew.sh |
|
|
|
# |
|
|
|
# Copyright 2017 Jonathan Golder <jonathan@golderweb.de> |
|
|
|
# Copyright 2019 Jonathan Golder <jonathan@golderweb.de> |
|
|
|
# |
|
|
|
# Derived from: |
|
|
|
# https://wiki.uberspace.de/webserver:https#automatisieren_von_let_s_encrypt |
|
|
@ -63,6 +63,13 @@ import_certificate() { |
|
|
|
fi |
|
|
|
} |
|
|
|
|
|
|
|
while getopts f opt |
|
|
|
do |
|
|
|
case $opt in |
|
|
|
f): force=1;; |
|
|
|
esac |
|
|
|
done |
|
|
|
|
|
|
|
# Get all existing inifiles matching namescheme cli-${domain}.ini |
|
|
|
for inifile in "${LECONFIGDIR}"/cli-*.ini; do |
|
|
|
|
|
|
@ -80,8 +87,10 @@ for inifile in "${LECONFIGDIR}"/cli-*.ini; do |
|
|
|
sleep $(expr $RANDOM % 600) |
|
|
|
fi |
|
|
|
|
|
|
|
# Check validity of cert for domain |
|
|
|
openssl x509 -checkend $(( 21 * 86400 )) -in "${LECONFIGDIR}/live/${domain}/cert.pem" > /dev/null && continue |
|
|
|
if [[ -z $force ]]; then |
|
|
|
# Check validity of cert for domain |
|
|
|
openssl x509 -checkend $(( 21 * 86400 )) -in "${LECONFIGDIR}/live/${domain}/cert.pem" > /dev/null && continue |
|
|
|
fi |
|
|
|
|
|
|
|
# run let's encrypt |
|
|
|
FIRSTITER=0 |
|
|
|