Last active
October 4, 2018 20:18
-
-
Save bmpandrade/6f19a2761de5e5d94dcdbe550d64a387 to your computer and use it in GitHub Desktop.
update linode ssl certs on nodebalancer with letsencrypt certs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| ### ATTENTION : NOT READY FOR PRODUTION YET ### | |
| ### LINODE ACCEPTS BUT THEN BROWSERS SHOW ### | |
| ### SSL_ERROR_RX_RECORD_TOO_LONG ### | |
| DOMAIN="example.com" | |
| CERT_DIR="/opt/acme/certs/$DOMAIN" | |
| TOKEN="XXXXXXXXXX" | |
| NB_ID=XXXXX | |
| NB_CONFIG_ID=XXXXX | |
| # Check if cert exists | |
| if ! [[ -f $CERT_DIR/fullchain.cer ]]; then | |
| echo "Cert file dont exist on $CERT_DIR" | |
| exit 1 | |
| fi | |
| # Check if key exists | |
| if ! [[ -f $CERT_DIR/$DOMAIN.key ]]; then | |
| echo "Cert key dont exist on $CERT_DIR" | |
| exit 2 | |
| fi | |
| # Prepare cert info | |
| SSL_CERT=$(sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g' $CERT_DIR/fullchain.cer) | |
| SSL_CERT_KEY=$(sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g' $CERT_DIR/$DOMAIN.key) | |
| # Generate json with certificate | |
| if [[ -f $CERT_DIR/nodebalancer_ssl_cert.json ]]; then | |
| mv $CERT_DIR/nodebalancer_ssl_cert.json $CERT_DIR/nodebalancer_ssl_cert.json.bak.$(date -I) | |
| fi | |
| cat <<EOT >> $CERT_DIR/nodebalancer_ssl_cert.json | |
| { | |
| "protocol":"https", | |
| "port": 443, | |
| "ssl_commonname": "$DOMAIN", | |
| "ssl_cert": "$SSL_CERT", | |
| "ssl_key": "$SSL_CERT_KEY" | |
| } | |
| EOT | |
| # Update config on Linode NodeBalancer | |
| curl -X PUT https://api.linode.com/v4/nodebalancers/$NB_ID/configs/$NB_CONFIG_ID \ | |
| -H "Authorization: Bearer $TOKEN" \ | |
| -H "Content-Type: application/json" \ | |
| -d @$CERT_DIR/nodebalancer_ssl_cert.json |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment