Home Explore Help
Sign In
master
/
auto4certbot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 590fa07dac
Branches Tags
auto4certbot
/
certbot4haproxy
/
autocertbot.sh

autocertbot.sh 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. #!/bin/bash
    2. 

  2. # script convert end make ssl sert for https
    3. 

  3. # info - script auto update cert for sites
    4. 

  4. # version 1.10.1
    5. 

  5. # author Koshuba V.O.- 2021
    6. 

  6. # master@qbpro.ru
    7. 

  7. # 
    8. 

  8. path_certbot="/etc/letsencrypt/live";
    9. 

  9. path_ssl="/etc/ssl/private";
    10. 

  10. source certbot.conf;
    11. 

  11. log="/var/log/syslog";
    12. 

  12. #
    13. 

  13. cmd=$1;
    14. 

  14. #
    15. 

  15. ## if keys update certbot - recreate keys for sites
    16. 

  16. function makekeys() {
    17. 

  17. valtrue=0;
    18. 

  18. rdate=$(date +%Y-%m-%d);
    19. 

  19. rtime=$(date +%H:%M);
    20. 

  20. for ((dmn=0; dmn != ${#domains[@]}; dmn++))
    21. 

  21.     do
    22. 

  22.      keydate=$(ls -l --time-style=long-iso $path_certbot/${domains[$dmn]}/cert.pem |awk {'print$6'});
    23. 

  23.      keytime=$(ls -l --time-style=long-iso $path_certbot/${domains[$dmn]}/cert.pem |awk {'print$7'});
    24. 

  24.      if [ "$keydate" = "$rdate" ] && [ "$keytime" = "$rtime" ];
    25. 

  25.         then
    26. 

  26.          ((valtrue++));
    27. 

  27.         cat $path_certbot/${domains[$dmn]}/cert.pem > $path_ssl/${domains[$dmn]}.pem;
    28. 

  28.         cat $path_certbot/${domains[$dmn]}/chain.pem >> $path_ssl/${domains[$dmn]}.pem;
    29. 

  29.         cat $path_certbot/${domains[$dmn]}/fullchain.pem >> $path_ssl/${domains[$dmn]}.pem;
    30. 

  30.         cat $path_certbot/${domains[$dmn]}/privkey.pem >> $path_ssl/${domains[$dmn]}.pem;
    31. 

  31.         echo "$rdate - $rtime - autocertbot: recreate cert for  ${domains[$dmn]}">> $log;
    32. 

  32.       fi
    33. 

  33. done
    34. 

  34. if [ $valtrue != 0 ];
    35. 

  35.    then
    36. 

  36.      :>/etc/ssl/crt-list.txt
    37. 

  37.         for ((icrt=0; icrt != ${#domains[@]}; icrt++))
    38. 

  38.          do
    39. 

  39.           echo "$path_ssl/${domains[$icrt]}.pem">>/etc/ssl/crt-list.txt
    40. 

  40.         done
    41. 

  41. fi
    42. 

  42. }
    43. 

  43. 

  44. function renew() {
    45. 

  45. /etc/init.d/haproxy stop;
    46. 

  46.     certbot renew;
    47. 

  47.     makekeys;
    48. 

  48. /etc/init.d/haproxy start;
    49. 

  49. }
    50. 

  50. 

  51. function createCert() {
    52. 

  52. certbot register --agree-tos -m $adminmail;
    53. 

  53. /etc/init.d/haproxy stop;
    54. 

  54. 

  55. for ((dmn=0; dmn != ${#domains[@]}; dmn++))
    56. 

  56.     do
    57. 

  57.       certbot certonly --preferred-challenges http --standalone -d ${domains[$dmn]};
    58. 

  58.     done
    59. 

  59. /etc/init.d/haproxy start;
    60. 

  60. }
    61. 

  61. 

  62. 

  63. case "$cmd" in
    64. 

  64. 

  65. ## create cert
    66. 

  66. "--create" | "--create" )
    67. 

  67. createCert;
    68. 

  68. ;;
    69. 

  69. 

  70. ## update cert
    71. 

  71. "--update" | "--update" )
    72. 

  72. renew;
    73. 

  73. ;;
    74. 

  74. 

  75. ## start defaults
    76. 

  76. 

  77. * )
    78. 

  78. echo "please input pameters: autocertbot.sh --create | --update";
    79. 

  79. echo "autocertbot.sh --create; create new certificate"
    80. 

  80. echo "autocertbot.sh --update; update certificates;"
    81. 

  81. ;;
    82. 

  82. esac
    83.