-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathrenew.sh
executable file
·60 lines (50 loc) · 1.38 KB
/
renew.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
#!/usr/bin/env bash
set -eu
# begin configuration
# domain_subdomains syntax: 2 avaialble
# 1: domain subdomain1 subdomain2 ...
# 2: subdomain.domain
domain_subdomains=( \
"nerdz.eu w ww www mobile static" \
"example.com sub" \
"otherwebsite.net sub1 sub2" \
"domain.duckdns.org" \
)
w_root=/home/nessuno/
user=nessuno
group=nessuno
# end configuration
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit 1
fi
for domain_set_string in "${domain_subdomains[@]}"; do
domain_set=(${domain_set_string// / })
domain=${domain_set[0]}
unset domain_set[0]
all_subdomains="-d $domain"
if [ ${#domain_set[@]} -gt 0 ]; then
for sub_domain in "${domain_set[@]}"; do
all_subdomains="$all_subdomains -d $sub_domain.$domain"
done
fi
/usr/bin/certbot certonly --agree-tos --renew-by-default \
--rsa-key-size 4096 --email $email --webroot -w $w_root$domain \
$all_subdomains
cat /etc/letsencrypt/live/$domain/privkey.pem \
/etc/letsencrypt/live/$domain/cert.pem \
> /etc/lighttpd/$domain.pem
cp /etc/letsencrypt/live/$domain/fullchain.pem \
/etc/lighttpd/
chown -R $user:$group /etc/lighttpd/
chmod 600 /etc/lighttpd/*.pem
done
if pgrep -x "lighttpd" > /dev/null
then
systemctl restart lighttpd
fi
if pgrep -x "nginx" > /dev/null
then
systemctl restart nginx
fi