letsencrypt certificates script

update.cert.sh

#!/bin/bash


PARAMS=""
DOMAIN=foo.com
PORTS_80_443_CONTAINER=my-nginx-container

# get parameters
while (( "$#" )); do
  case "$1" in
    -a|--my-boolean-flag)
      MY_FLAG=0
      shift
      ;;
    -s|--sub-domain)
      if [ -n "$2" ] && [ ${2:0:1} != "-" ]; then
        SUB_DOMAIN=$2
        shift 2
      else
        echo "Error: Argument for $1 is missing" >&2
        exit 1
      fi
      ;;
    -*|--*=) # unsupported flags
      echo "Error: Unsupported flag $1" >&2
      exit 1
      ;;
    *) # preserve positional arguments
      PARAMS="$PARAMS $1"
      shift
      ;;
  esac
done

# set positional arguments in their proper place
eval set -- "$PARAMS"

# check if we got the sub-domain
if [ "x$SUB_DOMAIN" = "x" ]; then
  echo '--sub-domain [subdomain] argument is missing'
  exit;
fi

FULL_DOMAIN=$SUB_DOMAIN.$DOMAIN

docker pull certbot/certbot;

docker stop $PORTS_80_443_CONTAINER;
docker rm -f $PORTS_80_443_CONTAINER;

sudo docker run \
    -it \
    --rm \
    -p 443:443 \
    -p 80:80 \
    --name certbot \
    -v "/etc/letsencrypt:/etc/letsencrypt" \
    -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
    certbot/certbot certonly \
            --rsa-key-size 4096 \
            --keep-until-expiring \
            --standalone \
            --preferred-challenges http \
            -n \
            --agree-tos \
            -m foo@foo.com \
            -d $FULL_DOMAIN ;

mkdir -p certs/$SUB_DOMAIN

sudo cp -v \
    /etc/letsencrypt/live/$FULL_DOMAIN/fullchain.pem \
    /etc/letsencrypt/live/$FULL_DOMAIN/privkey.pem \
    ./certs/$SUB_DOMAIN/

#re-start whatever you want to start again
bash ./start.sh