Last active
May 5, 2020 13:21
-
-
Save AntouanK/9c0ce5899e6554a1956198acc6155094 to your computer and use it in GitHub Desktop.
letsencrypt certificates script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
PARAMS="" | |
DOMAIN=foo.com | |
PORTS_80_443_CONTAINER=my-nginx-container | |
# get parameters | |
while (( "$#" )); do | |
case "$1" in | |
-a|--my-boolean-flag) | |
MY_FLAG=0 | |
shift | |
;; | |
-s|--sub-domain) | |
if [ -n "$2" ] && [ ${2:0:1} != "-" ]; then | |
SUB_DOMAIN=$2 | |
shift 2 | |
else | |
echo "Error: Argument for $1 is missing" >&2 | |
exit 1 | |
fi | |
;; | |
-*|--*=) # unsupported flags | |
echo "Error: Unsupported flag $1" >&2 | |
exit 1 | |
;; | |
*) # preserve positional arguments | |
PARAMS="$PARAMS $1" | |
shift | |
;; | |
esac | |
done | |
# set positional arguments in their proper place | |
eval set -- "$PARAMS" | |
# check if we got the sub-domain | |
if [ "x$SUB_DOMAIN" = "x" ]; then | |
echo '--sub-domain [subdomain] argument is missing' | |
exit; | |
fi | |
FULL_DOMAIN=$SUB_DOMAIN.$DOMAIN | |
docker pull certbot/certbot; | |
docker stop $PORTS_80_443_CONTAINER; | |
docker rm -f $PORTS_80_443_CONTAINER; | |
sudo docker run \ | |
-it \ | |
--rm \ | |
-p 443:443 \ | |
-p 80:80 \ | |
--name certbot \ | |
-v "/etc/letsencrypt:/etc/letsencrypt" \ | |
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \ | |
certbot/certbot certonly \ | |
--rsa-key-size 4096 \ | |
--keep-until-expiring \ | |
--standalone \ | |
--preferred-challenges http \ | |
-n \ | |
--agree-tos \ | |
-m foo@foo.com \ | |
-d $FULL_DOMAIN ; | |
mkdir -p certs/$SUB_DOMAIN | |
sudo cp -v \ | |
/etc/letsencrypt/live/$FULL_DOMAIN/fullchain.pem \ | |
/etc/letsencrypt/live/$FULL_DOMAIN/privkey.pem \ | |
./certs/$SUB_DOMAIN/ | |
#re-start whatever you want to start again | |
bash ./start.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment