Created
December 1, 2016 09:04
-
-
Save alexs77/ac8ae2c0293327e8355eabd68ad902bd to your computer and use it in GitHub Desktop.
Renewal of Let's Encrypt certificates with lego.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
lego_cert_path="/etc/lego" | |
certificates_dir="$lego_cert_path/certificates" | |
lego_bin="/opt/lego/lego" | |
account_email="unix@everyware.ch" | |
well_known_base_dir="/var/www/html/well-known" | |
reload_command="/bin/systemctl reload apache2.service" | |
renew_days="14" | |
# Erzeugen: | |
# /opt/lego/lego --exclude tls-sni-01 --email unix@everyware.ch --accept-tos --key-type rsa4096 --path "/etc/lego" --domains tracy.skwar.me --domains tami.skwar.me --domains teivel.skwar.me --domains toiba.skwar.me --webroot /var/www/html/well-known/tracy.skwar.me/ run | |
for domain in ` awk -F\" '/"domain"/ {print $4}' "$certificates_dir"/*json `; do | |
echo $domain | |
"$lego_bin" --exclude tls-sni-01 --email "$account_email" --accept-tos \ | |
--key-type rsa4096 --path "$lego_cert_path" --domains "$domain" \ | |
--webroot "$well_known_base_dir/$domain/" renew --days "$renew_days" | |
# evtl. mit --no-bundle, auf Apache 2.2 Systemen | |
#"$lego_bin" --exclude tls-sni-01 --email "$account_email" --accept-tos \ | |
# --key-type rsa4096 --path "$lego_cert_path" --domains "$domain" \ | |
# --webroot "$well_known_base_dir/$domain/" renew --no-bundle | |
done | |
$reload_command | |
exit $? | |
# EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment