Skip to content

Instantly share code, notes, and snippets.

@alexs77

alexs77/renew-lego.sh

Created December 1, 2016 09:04
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save alexs77/ac8ae2c0293327e8355eabd68ad902bd to your computer and use it in GitHub Desktop.
Save alexs77/ac8ae2c0293327e8355eabd68ad902bd to your computer and use it in GitHub Desktop.
Download ZIP
Renewal of Let's Encrypt certificates with lego.
Raw
renew-lego.sh
#!/bin/sh
lego_cert_path="/etc/lego"
certificates_dir="$lego_cert_path/certificates"
lego_bin="/opt/lego/lego"
account_email="unix@everyware.ch"
well_known_base_dir="/var/www/html/well-known"
reload_command="/bin/systemctl reload apache2.service"
renew_days="14"
# Erzeugen:
# /opt/lego/lego --exclude tls-sni-01 --email unix@everyware.ch --accept-tos --key-type rsa4096 --path "/etc/lego" --domains tracy.skwar.me --domains tami.skwar.me --domains teivel.skwar.me --domains toiba.skwar.me --webroot /var/www/html/well-known/tracy.skwar.me/ run
for domain in ` awk -F\" '/"domain"/ {print $4}' "$certificates_dir"/*json `; do
echo $domain
"$lego_bin" --exclude tls-sni-01 --email "$account_email" --accept-tos \
--key-type rsa4096 --path "$lego_cert_path" --domains "$domain" \
--webroot "$well_known_base_dir/$domain/" renew --days "$renew_days"
# evtl. mit --no-bundle, auf Apache 2.2 Systemen
#"$lego_bin" --exclude tls-sni-01 --email "$account_email" --accept-tos \
# --key-type rsa4096 --path "$lego_cert_path" --domains "$domain" \
# --webroot "$well_known_base_dir/$domain/" renew --no-bundle
done
$reload_command
exit $?
# EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment