
Обновить 'certbot4nginx/auto4certbot.sh'

Кошуба Валерий 2 years ago
parent
commit
67dd92c0da
1 changed files with 43 additions and 29 deletions
  1. 43 29
      certbot4nginx/auto4certbot.sh

+ 43 - 29
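--- a/certbot4nginx/auto4certbot.sh
+++ b/certbot4nginx/auto4certbot.sh
@@ -4,7 +4,7 @@
 # license: GPL 2.0
 # create 2022
 #
-version="0.2.3";
+version="0.2.4";
 sname="autocertbot";
 # необходимы для работы: nginx,certbot
 # create new cert
@@ -27,10 +27,17 @@ scan_list=();
 #
 
 function createCert() {
+#
 for ((dmn=0; dmn != ${#domains[@]}; dmn++))
     do
 eval local dreg="(" $(echo -e ${domains[$dmn]}) ")";
-certbot --update-registration -m "${dreg[1]}";
+    if [ "$cmd" == "--create" ];
+        then
+            certbot -m "${dreg[1]}";
+        else
+            certbot --update-registration -m "${dreg[1]}";
+    fi
+##
 ## example manual: certbot certonly --webroot --webroot-path /tmp/letsencrypt -d mydomen.ru
 certbot certonly --webroot --webroot-path $www_root -d ${dreg[0]}
 done
@@ -54,10 +61,10 @@ for ((dmn=0; dmn != ${#domains[@]}; dmn++))
         cat $path_cert/${dreg[0]}/fullchain.pem >> $path_ssl/private/${dreg[0]}.pem;
         cat $path_cert/${dreg[0]}/privkey.pem >> $path_ssl/private/${dreg[0]}.pem;
 #
-	cp -f $path_ssl/private/${dreg[0]}.pem $path_ssl/certs/${dreg[0]}.pem
-    	cd $path_ssl/certs
-    	chmod 600 ${dreg[0]}.pem
-	ln -sf ${dreg[0]}.pem `openssl x509 -noout -hash < ${dreg[0]}.pem`.0
+        cp -f $path_ssl/private/${dreg[0]}.pem $path_ssl/certs/${dreg[0]}.pem
+        cd $path_ssl/certs
+        chmod 600 ${dreg[0]}.pem
+        ln -sf ${dreg[0]}.pem `openssl x509 -noout -hash < ${dreg[0]}.pem`.0
         cd $path_ssl
         echo "$(date) - auto4certbot.sh: update cert for  ${domains[$dmn]}">> $log;
       fi
@@ -74,30 +81,35 @@ fi
 
 
 function toSSL() {
-for ((dmn=0; dmn != ${#domains[@]}; dmn++))
-    do
-    eval local dreg="(" $(echo -e ${domains[$dmn]}) ")";
-         ((valtrue++));
-        cat $path_cert/${dreg[0]}/cert.pem > $path_ssl/private/${dreg[0]}.pem;
-        cat $path_cert/${dreg[0]}/chain.pem >> $path_ssl/private/${dreg[0]}.pem;
-        cat $path_cert/${dreg[0]}/fullchain.pem >> $path_ssl/private/${dreg[0]}.pem;
-        cat $path_cert/${dreg[0]}/privkey.pem >> $path_ssl/private/${dreg[0]}.pem;
+if [ -d $path_cert ];
+    then
+        for ((dmn=0; dmn != ${#domains[@]}; dmn++))
+            do
+                eval local dreg="(" $(echo -e ${domains[$dmn]}) ")";
+                ((valtrue++));
+                cat $path_cert/${dreg[0]}/cert.pem > $path_ssl/private/${dreg[0]}.pem;
+                cat $path_cert/${dreg[0]}/chain.pem >> $path_ssl/private/${dreg[0]}.pem;
+                cat $path_cert/${dreg[0]}/fullchain.pem >> $path_ssl/private/${dreg[0]}.pem;
+                cat $path_cert/${dreg[0]}/privkey.pem >> $path_ssl/private/${dreg[0]}.pem;
 #
-        cp -f $path_ssl/private/${dreg[0]}.pem $path_ssl/certs/${dreg[0]}.pem
-        cd $path_ssl/certs
-        chmod 600 ${dreg[0]}.pem
-        ln -sf ${dreg[0]}.pem `openssl x509 -noout -hash < ${dreg[0]}.pem`.0
-        cd $path_ssl
-        echo "$(date) - auto4certbot.sh: update certlist for  ${domains[$dmn]}">> $log;
-done
-if [ $valtrue != 0 ];
-   then
-     echo >/etc/ssl/crt-list.txt
-        for ((icrt=0; icrt != ${#domains[@]}; icrt++))
-         do
-           eval local dcrt="(" $(echo -e ${domains[$icrt]}) ")";
-          echo "$path_ssl/private/${dcrt[0]}.pem">>/etc/ssl/crt-list.txt
+                cp -f $path_ssl/private/${dreg[0]}.pem $path_ssl/certs/${dreg[0]}.pem
+                cd $path_ssl/certs
+                chmod 600 ${dreg[0]}.pem
+                ln -sf ${dreg[0]}.pem `openssl x509 -noout -hash < ${dreg[0]}.pem`.0
+                cd $path_ssl
+                echo "$(date) - auto4certbot.sh: update certlist for  ${domains[$dmn]}">> $log;
         done
+        if [ $valtrue != 0 ];
+            then
+                echo >/etc/ssl/crt-list.txt
+            for ((icrt=0; icrt != ${#domains[@]}; icrt++))
+                do
+                eval local dcrt="(" $(echo -e ${domains[$icrt]}) ")";
+                echo "$path_ssl/private/${dcrt[0]}.pem">>/etc/ssl/crt-list.txt
+            done
+        fi
+    else
+        echo "Ошибка - отсутствует $path_cert!"
 fi
 }
 
@@ -182,6 +194,7 @@ case "$cmd" in
 
 ## create cert
 "--create" | "--create" )
+
 downSite;
 createCert;
 upSite;
@@ -190,6 +203,7 @@ toSSL;
 
 ## update cert
 "--update" | "--update" )
+
 downSite;
 renew;
 upSite;
@@ -211,4 +225,4 @@ echo "auto4certbot.sh --flist; update certificates from ssl;"
 ;;
 esac
 
-exit
+exit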
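Review bot: In toSSL (new lines 90–97) the combined PEM, which includes privkey.pem, is created under the process umask by `cat … > $path_ssl/private/${dreg[0]}.pem` and then copied into `$path_ssl/certs`, where `chmod 600` is applied only after the copy and only to that copy. Depending on the umask and directory modes, which are not visible here, the key can be readable by other local users briefly in certs/ and indefinitely in private/. Setting `umask 077` before the first `cat` and adding `chmod 600 "$path_ssl/private/${dreg[0]}.pem"` would cover both cases. The same sequence appears in the hunk at new lines 61–68, whose enclosing function starts outside the hunk. It is also worth confirming that the certs/ copy needs the private key at all, since the `openssl x509 -noout -hash` symlink appears to need only the certificate.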