You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
1.0 KiB
32 lines
1.0 KiB
#!/bin/bash
|
|
PATH=/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin
|
|
|
|
# PATH to inifiles / letsencrypt dir
|
|
LECONFIGDIR="~/.config/letsencrypt"
|
|
|
|
# Catch missing LECONFIGDIR
|
|
if [ ! -d "${LECONFIGDIR}" ]; then
|
|
echo "$0: ${LECONFIGDIR} does not exists! Maybe letsencrypt is not yet initialised!" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Get all existing inifiles matching namescheme cli-${domain}.ini
|
|
for inifile in "${LECONFIGDIR}/cli-*.ini"; do
|
|
|
|
# Strip domain out of filename
|
|
domain=${inifile:$(( ${#LECONFIGDIR} + 5 )):-4}
|
|
|
|
# sleep for a random time so not all certificates get renewed at the same time
|
|
sleep $(expr $RANDOM % 600)
|
|
|
|
# Check validity of cert for domain
|
|
openssl x509 -checkend $(( 21 * 86400 )) -in "${LECONFIGDIR}/live/${domain}/cert.pem" > /dev/null
|
|
|
|
if [ \$? != 0 ]; then
|
|
# run let's encrypt
|
|
letsencrypt certonly -c "${LECONFIGDIR}/letsencrypt/cli-${domain}.ini"
|
|
# import certificate
|
|
uberspace-add-certificate -k "${LECONFIGDIR}/live/${domain}/privkey.pem" -c "${LECONFIGDIR}/live/${domain}/cert.pem"
|
|
fi
|
|
|
|
done
|
|
|