Skip to content

Instantly share code, notes, and snippets.

@attiks
Created January 21, 2016 15:28
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save attiks/20091b901d508ad1bdb9 to your computer and use it in GitHub Desktop.
Save attiks/20091b901d508ad1bdb9 to your computer and use it in GitHub Desktop.

Install simp_le as a normal user Inside the simp_le directory create a directory certs Inside certs add generate.sh

directory platform server user remoteuid domains
dir_and_cert_name platform_directory remote_host remote_user remote_userid www.example.com|example.com
#!/bin/bash -vx
EMAIL=me@example.com
INPUT=data.csv
[ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 1; }
{
while IFS=',' read directory platform server user remoteuid domains;
do
echo "directory : $directory"
echo "platform : $platform"
echo "server : $server"
echo "user : $user"
echo "domains : $domains"
if [ "$directory" != "directory" ]; then
mkdir -p "$directory"
cd "$directory"
cp ../../account_key.json .
ssh $user@$server "mkdir -p static/$platform/.well-known/acme-challenge;" < /dev/null
mkdir -p public_html
domain_info=
IFS=\| read -a fields <<<"$domains"
for i in "${fields[@]}";do
domain_info="$domain_info -d $i:public_html"
done
sshfs -o allow_other -o uid=$remoteuid $user@$server:static/$platform public_html
../../venv/bin/simp_le --account_key_size 2048 --email $EMAIL -f account_key.json -f key.pem -f fullchain.pem $domain_info
result=$?
fusermount -u public_html
if [ "$result" -eq "0" ]; then
scp fullchain.pem root@$server:/etc/ssl/private/$directory.crt
scp key.pem root@$server:/etc/ssl/private/$directory.key
ssh root@$server "/etc/init.d/nginx configtest && /etc/init.d/nginx reload"
fi
cd ..
fi
done } < $INPUT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment