Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Setup Letsencrypt SSL for domain on Virtualmin GPL server setup
# Warning: use this script at your own risk - work in progress. Tested on Ubuntu 14.04 server.
# Note: Now that the letsencrypt feature is in place in Virtualmin, this script is obsolete.
# Before running the script, be sure to have Letsencrypt installed in /opt/ as descripted in the guide below:
# https://www.virtualmin.com/node/38853
# Running Drupal on the site? Remember to adjust .htaccess as described in the link below:
# https://community.letsencrypt.org/t/drupals-defualt-htaccess-file-breaks-webroot-authentication/3014
# Other resources:
# https://joealdeguer.com/how-to-install-and-setup-letsencrypt-for-virtualmin/
# https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04
# @todo: modify script to allow for sub-server setups and automate further...
# Run script as root
echo "Run this script as root!"
echo -n "Enter the username of the domain > "
read MYUSERNAMEFORDOMAIN
echo -n "Enter the base domain (eg. example.com) > "
read MYDOMAIN
mkdir -p /home/${MYUSERNAMEFORDOMAIN}/ssl_certificates/${MYDOMAIN}
# Get random number between 0 and 59 for the cron job - to prevent all requests firing at the same time
MIN=$(( ( RANDOM % 59 ) + 1 ))
echo "${MIN} 3 1 1,3,5,7,9,11 * cd /opt/letsencrypt/ && ./letsencrypt-auto certonly --email info@$MYDOMAIN \
--agree-tos --webroot --renew-by-default -w /home/$MYUSERNAMEFORDOMAIN/public_html/ -d www.$MYDOMAIN -d \
$MYDOMAIN --authenticator webroot && cp /etc/letsencrypt/live/www.$MYDOMAIN/cert.pem \
/home/$MYUSERNAMEFORDOMAIN/ssl_certificates/${MYDOMAIN}/cert.pem && cp -f \
/etc/letsencrypt/live/www.$MYDOMAIN/chain.pem /home/$MYUSERNAMEFORDOMAIN/ssl_certificates/${MYDOMAIN}/chain.pem && \
cp -f /etc/letsencrypt/live/www.$MYDOMAIN/fullchain.pem /home/$MYUSERNAMEFORDOMAIN/ssl_certificates/${MYDOMAIN}/fullchain.pem \
&& cp -f /etc/letsencrypt/live/www.$MYDOMAIN/privkey.pem /home/$MYUSERNAMEFORDOMAIN/ssl_certificates/${MYDOMAIN}/privkey.pem" > \
/usr/local/bin/letsencrypt_cronjob.txt
crontab -l -u root | cat - /usr/local/bin/letsencrypt_cronjob.txt | crontab -u root -
echo "If things went well, now is the time to go and run the cron job and enable SSL and install the certificate for the virtual server"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment