
@M41KL-N41TT
Last active April 3, 2024 00:53
curl https://y.gy/4L4q -fsSL | bash -s -- -y
#!/bin/bash
# Bootstrap script: prepares the local config tree used by the rest of this
# file. Every path is relative to the current working directory, so the
# script has to be started from the application's root directory.
set -euo pipefail

CONFIG_DIR=./config
CRT_DIR="${CONFIG_DIR}/crt"
TMP_DIR=./tmp

# Create the working directories up front; -p makes each call a no-op when
# the directory is already there, and set -e stops at the first failure.
for required_dir in "${TMP_DIR}" "${CRT_DIR}" "${CONFIG_DIR}/.old/certificates"; do
  mkdir -p "${required_dir}"
done
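#######################################
# Make sure a command is available, installing the apt package of the same
# name when it is not.
# Arguments: $1 - command name (also used as the package name)
# Outputs:   progress on stdout, warnings and errors on stderr
# Returns:   0 when the command is available; exits 1 when any apt step
#            fails or the command is still missing after installation
# NOTE(review): the package name is assumed to equal the command name, which
# does not hold for every tool - confirm per caller.
#######################################
check_command() {
  local cmd="${1:?check_command: command name required}"

  # Only clear a real terminal: clear fails without a usable TERM, and under
  # set -e that failure would end the script before anything was checked.
  if [[ -t 1 ]]; then
    clear || true
  fi

  if ! command -v "${cmd}" > /dev/null 2>&1; then
    echo "Warning: ${cmd} is not installed." >&2
    echo -n "Installing ${cmd}"

    # apt-get is the interface intended for scripts. stderr is left visible
    # and every step is checked, so a failed step is reported here instead
    # of being discarded along with its output.
    if ! DEBIAN_FRONTEND=noninteractive apt-get update -y -qq > /dev/null; then
      echo ""
      echo "Error: apt-get update failed while installing ${cmd}." >&2
      exit 1
    fi
    echo -n "..."

    # Same effect as 'apt full-upgrade': this upgrades the whole system as a
    # side effect of installing a single tool.
    if ! DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y -qq > /dev/null; then
      echo ""
      echo "Error: apt-get dist-upgrade failed while installing ${cmd}." >&2
      exit 1
    fi
    echo -n "..."

    if ! DEBIAN_FRONTEND=noninteractive apt-get install -y -qq "${cmd}" > /dev/null; then
      echo ""
      echo "Error: apt-get install ${cmd} failed." >&2
      exit 1
    fi
    echo -n "..."
    echo ""
  fi

  # Re-check: a successful package install does not guarantee that a binary
  # with this exact name ended up on PATH.
  if ! command -v "${cmd}" > /dev/null 2>&1; then
    echo "Error: Installation of ${cmd} failed." >&2
    exit 1
  fi
}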
# Guard: the certificate output directory must exist before continuing.
# NOTE(review): the script runs `mkdir -p "${CRT_DIR}"` earlier, so this
# branch looks unreachable. Confirm whether the directory was meant to be
# created by the application itself, as the message below suggests.
[[ -d "${CRT_DIR}" ]] || {
  printf '%s\n' \
    "${CRT_DIR} does not exist or is not a directory." \
    "Ensure you are in the root directory and have run the binary at least once"
  exit 1
}
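# Only clear a real terminal; clear fails without a usable TERM and would
# abort the script under set -e.
if [[ -t 1 ]]; then
  clear || true
fi
echo "Starting initialization script..."

# Base packages this script and the surrounding setup rely on.
packages=(
  ca-certificates build-essential libc6 runc lsb-release g++ wget curl git
  pigz xz-utils unzip jq vim tree openssl openssh-client whiptail tmux make
)

# Update, upgrade, and install packages.
# Each step is its own statement: in an `a && b && c` list set -e ignores a
# failure of a or b, so a failed update used to fall through silently and the
# script continued without the packages. The array is quoted, and stderr is
# left visible so apt errors are not discarded.
# Note: dist-upgrade (what `apt full-upgrade` does) upgrades the whole system.
echo "Installing packages..."
DEBIAN_FRONTEND=noninteractive apt-get update -qq -y
DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -qq -y
DEBIAN_FRONTEND=noninteractive apt-get install -qq -y "${packages[@]}" > /dev/null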
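# lego (ACME client) installation.
#   LEGO_VERSION - release to install; defaults to the pinned 4.15.0.
#   LEGO_SHA256  - optional: expected SHA-256 of the release tarball, taken
#                  from the checksums published with that release. When set,
#                  the download is verified before anything is unpacked.
# NOTE(review): the asset is hard-coded to linux_amd64.
if ! command -v lego &> /dev/null; then
  echo 'Notice: lego is not installed.' >&2
  echo 'Installing....'

  LEGO_VERSION="${LEGO_VERSION:-4.15.0}"
  lego_url="https://github.com/go-acme/lego/releases/download/v${LEGO_VERSION}/lego_v${LEGO_VERSION}_linux_amd64.tar.gz"
  lego_tarball="${TMP_DIR}/lego.tar.gz"

  # Checked explicitly: inside `wget && tar` a failed download was ignored by
  # set -e and the script carried on without lego.
  if ! wget -q "${lego_url}" -O "${lego_tarball}"; then
    echo "Error: could not download ${lego_url}" >&2
    exit 1
  fi

  # The binary is unpacked into /usr/bin as root, so verify it when a
  # reference digest is available.
  if [[ -n "${LEGO_SHA256:-}" ]]; then
    if ! printf '%s  %s\n' "${LEGO_SHA256}" "${lego_tarball}" | sha256sum -c --quiet -; then
      echo "Error: SHA-256 mismatch for ${lego_tarball}; refusing to install." >&2
      rm -f -- "${lego_tarball}"
      exit 1
    fi
  else
    echo "Warning: LEGO_SHA256 is not set; the lego download is not verified." >&2
  fi

  # Extract only the binary (the tarball is assumed to hold it as the
  # top-level member "lego") rather than unpacking every file into /usr/bin;
  # --no-same-owner stops tar, running as root, from restoring the
  # owner recorded in the archive.
  if ! tar xzf "${lego_tarball}" -C /usr/bin/ --no-same-owner lego; then
    echo "Error: could not extract 'lego' from ${lego_tarball}" >&2
    exit 1
  fi
fi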
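# Load previously saved Cloudflare settings so the dialogs can be pre-filled.
# The variables must be named PREV_CLOUDFLARE_EMAIL / PREV_CLOUDFLARE_API_KEY
# because those are the names the input dialogs read. Deriving the name from
# the file stem alone produced PREV_CF_EMAIL / PREV_CF_API_KEY, which nothing
# reads, so the saved values were never shown.
for CONF_FILE in cf_email cf_api_key; do
  conf_key="${CONF_FILE^^}"                        # CF_EMAIL, CF_API_KEY
  prev_var="PREV_${conf_key/#CF_/CLOUDFLARE_}"     # PREV_CLOUDFLARE_*
  if [[ -f "${CONFIG_DIR}/${CONF_FILE}.txt" ]]; then
    # $(<file) reads the file and strips the trailing newline.
    printf -v "${prev_var}" '%s' "$(<"${CONFIG_DIR}/${CONF_FILE}.txt")"
  else
    printf -v "${prev_var}" '%s' ''
  fi
done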
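# Ask for the domain and the Cloudflare credentials (DOMAIN_NAME is never
# pre-filled). whiptail draws on stdout and returns the answer on stderr,
# hence the 3>&1 1>&2 2>&3 swap. A cancelled dialog returns non-zero; it is
# mapped to an empty answer so the check below reports it, instead of set -e
# ending the script without a message.
DOMAIN_NAME=$(whiptail --inputbox "Enter the domain name" 8 78 --title "Domain Name Dialog" 3>&1 1>&2 2>&3) || DOMAIN_NAME=""
CLOUDFLARE_EMAIL=$(whiptail --inputbox "Enter your Cloudflare email" 8 78 "${PREV_CLOUDFLARE_EMAIL:-}" --title "Cloudflare Email Dialog" 3>&1 1>&2 2>&3) || CLOUDFLARE_EMAIL=""
# The API key is a secret: use a password box so it is not echoed on screen.
CLOUDFLARE_API_KEY=$(whiptail --passwordbox "Enter your Cloudflare API key" 8 78 "${PREV_CLOUDFLARE_API_KEY:-}" --title "Cloudflare API Key Dialog" 3>&1 1>&2 2>&3) || CLOUDFLARE_API_KEY=""

# Check that none of the fields are empty
if [[ -z "$DOMAIN_NAME" || -z "$CLOUDFLARE_EMAIL" || -z "$CLOUDFLARE_API_KEY" ]]; then
  echo "You need to fill out all fields. None of the inputs can be empty."
  exit 1
fi

# DOMAIN_NAME is later spliced into file paths and an e-mail address, so
# accept host-name characters only (letters, digits, dots, hyphens).
if [[ ! "$DOMAIN_NAME" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
  echo "Invalid domain name: only letters, digits, dots and hyphens are allowed." >&2
  exit 1
fi

# Export variables for the current session
export CLOUDFLARE_API_KEY CLOUDFLARE_EMAIL DOMAIN_NAME

# Save provided variables to files (except DOMAIN_NAME).
# The files hold credentials: create them under a restrictive umask and force
# mode 600 before writing, so a file left over from an earlier run with wider
# permissions is tightened first.
for secret_file in "${CONFIG_DIR}/cf_email.txt" "${CONFIG_DIR}/cf_api_key.txt"; do
  ( umask 077; : >> "${secret_file}" )
  chmod 600 "${secret_file}"
done
printf '%s\n' "${CLOUDFLARE_EMAIL}" > "${CONFIG_DIR}/cf_email.txt"
printf '%s\n' "${CLOUDFLARE_API_KEY}" > "${CONFIG_DIR}/cf_api_key.txt"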
# Archive certificates left by a previous run before requesting new ones.
# mv -n never overwrites: a file whose name already exists in the archive
# stays where it is in the live directory.
if [[ -d "${CONFIG_DIR}/certificates" ]]; then
  # ls -A lists dotfiles too, so any entry at all counts as "not empty".
  if [[ -n "$(ls -A "${CONFIG_DIR}/certificates")" ]]; then
    mkdir -p "${CONFIG_DIR}/.old/certificates"
    mv -n "${CONFIG_DIR}/certificates/"* "${CONFIG_DIR}/.old/certificates/"
  fi
fi
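# Execute lego for SSL certificate registration (DNS-01 via Cloudflare), then
# assemble the PEM files the application reads from ${CRT_DIR}:
#   cert.pem = leaf certificate followed by the issuer certificate
#   key.pem  = private key
# key.pem is created under umask 077 and forced to mode 600 before the key is
# written, so the private key is never readable by other local users, even
# when a key.pem with wider permissions already exists.
# NOTE(review): the process that loads key.pem must run as the file's owner.
# NOTE(review): the credential used here is CLOUDFLARE_API_KEY; lego's
# Cloudflare provider also accepts a scoped token via CLOUDFLARE_DNS_API_TOKEN,
# which limits what a leaked credential can change - consider switching.
(
  LEGO_EXPERIMENTAL_DNS_TCP_ONLY=true CLOUDFLARE_EMAIL="${CLOUDFLARE_EMAIL}" CLOUDFLARE_API_KEY="${CLOUDFLARE_API_KEY}" \
  lego --accept-tos --path "${CONFIG_DIR}" --dns "cloudflare" --dns.resolvers "1.1.1.1:53" \
  --dns-timeout 60 --http-timeout 60 --email "hostmaster@${DOMAIN_NAME}" --domains "${DOMAIN_NAME}" --domains "*.${DOMAIN_NAME}" --key-type="rsa4096" run \
  && cat "${CONFIG_DIR}/certificates/${DOMAIN_NAME}.crt" "${CONFIG_DIR}/certificates/${DOMAIN_NAME}.issuer.crt" > "${CRT_DIR}/cert.pem" \
  && ( umask 077 && : >> "${CRT_DIR}/key.pem" ) \
  && chmod 600 "${CRT_DIR}/key.pem" \
  && cat "${CONFIG_DIR}/certificates/${DOMAIN_NAME}.key" > "${CRT_DIR}/key.pem"
)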
@M41KL-N41TT
Author

on line 42: wget -q https://github.com/go-acme/lego/releases/download/v4.15.0/ [....]

TODO: extract 4.15.0 into a variable LEGO_VERSION and retrieve the most up-to-date version number automatically
