Created
July 9, 2020 04:19
Replace Bitwarden's run.sh default certbot HTTP challenge method with dns-cloudflare
*** run.sh 2020-07-09 00:18:13.829515273 -0400 | |
--- bwdata/scripts/run.sh 2020-07-09 00:18:06.925540167 -0400 | |
*************** function install() { | |
*** 68,78 **** | |
read EMAIL | |
echo "" | |
mkdir -p $OUTPUT_DIR/letsencrypt | |
! docker pull certbot/certbot | |
! docker run -it --rm --name certbot -p 80:80 -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ | |
! certonly --standalone --noninteractive --agree-tos --preferred-challenges http \ | |
! --email $EMAIL -d $DOMAIN --logs-dir /etc/letsencrypt/logs | |
fi | |
fi | |
--- 68,101 ---- | |
read EMAIL | |
echo "" | |
+ echo -e -n "${CYAN}(!)${NC} Enter your CloudFlare email address: " | |
+ read CFEMAIL | |
+ echo "" | |
+ | |
+ echo -e -n "${CYAN}(!)${NC} Enter your CloudFlare API key: " | |
+ read CFAPI | |
+ echo "" | |
+ | |
+ mkdir -p "$ENV_DIR" | |
+ touch "$ENV_DIR/cloudflare.ini" | |
+ chmod 600 "$ENV_DIR/cloudflare.ini" | |
+ echo "dns_cloudflare_email = $CFEMAIL" > "$ENV_DIR/cloudflare.ini" | |
+ echo "dns_cloudflare_api_key = $CFAPI" >> "$ENV_DIR/cloudflare.ini" | |
+ | |
mkdir -p $OUTPUT_DIR/letsencrypt | |
! docker run -ti --rm \ | |
! -v "$OUTPUT_DIR/letsencrypt:/etc/letsencrypt/" \ | |
! -v "$ENV_DIR/cloudflare.ini:/cloudflare.ini" \ | |
! certbot/dns-cloudflare:latest \ | |
! certonly \ | |
! --dns-cloudflare \ | |
! --dns-cloudflare-credentials "/cloudflare.ini" \ | |
! -d "$DOMAIN" \ | |
! --email "$EMAIL" \ | |
! --agree-tos \ | |
! --logs-dir /etc/letsencrypt/logs \ | |
! --server https://acme-v02.api.letsencrypt.org/directory | |
! | |
fi | |
fi | |
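Review bot: The Cloudflare key is collected with a plain `read CFAPI`, so it is echoed to the terminal as it is typed, and without `-r` any backslash in the value is altered; `read -r -s CFAPI` avoids both. What ends up in `cloudflare.ini` is the account-wide global API key, whereas certbot's Cloudflare plugin also accepts a scoped token through `dns_cloudflare_api_token`, which would limit a leaked file to DNS edits on the one zone. The file is then bind-mounted read-write into `certbot/dns-cloudflare:latest`, and because the old `docker pull` is gone, the image that sees the key is whichever `latest` was first cached. I would mount it as `-v "$ENV_DIR/cloudflare.ini:/cloudflare.ini:ro"` and pin the image to a specific tag or digest, here and in the two renew functions in the next hunk. The body of install() starts and ends outside this hunk.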
*************** function dockerPrune() { | |
*** 141,160 **** | |
function updateLetsEncrypt() { | |
if [ -d "${OUTPUT_DIR}/letsencrypt/live" ] | |
then | |
! docker pull certbot/certbot | |
! docker run -i --rm --name certbot -p 443:443 -p 80:80 \ | |
! -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ | |
! renew --logs-dir /etc/letsencrypt/logs | |
fi | |
} | |
function forceUpdateLetsEncrypt() { | |
if [ -d "${OUTPUT_DIR}/letsencrypt/live" ] | |
then | |
! docker pull certbot/certbot | |
! docker run -i --rm --name certbot -p 443:443 -p 80:80 \ | |
! -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ | |
! renew --logs-dir /etc/letsencrypt/logs --force-renew | |
fi | |
} | |
--- 164,194 ---- | |
function updateLetsEncrypt() { | |
if [ -d "${OUTPUT_DIR}/letsencrypt/live" ] | |
then | |
! docker run -ti --rm \ | |
! -v "$OUTPUT_DIR/letsencrypt:/etc/letsencrypt/" \ | |
! -v "$ENV_DIR/cloudflare.ini:/cloudflare.ini" \ | |
! certbot/dns-cloudflare:latest \ | |
! renew \ | |
! --dns-cloudflare \ | |
! --dns-cloudflare-credentials /cloudflare.ini \ | |
! --logs-dir /etc/letsencrypt/logs | |
! | |
fi | |
} | |
function forceUpdateLetsEncrypt() { | |
if [ -d "${OUTPUT_DIR}/letsencrypt/live" ] | |
then | |
! docker run -ti --rm \ | |
! -v "$OUTPUT_DIR/letsencrypt:/etc/letsencrypt/" \ | |
! -v "$ENV_DIR/cloudflare.ini:/cloudflare.ini" \ | |
! certbot/dns-cloudflare:latest \ | |
! renew \ | |
! --dns-cloudflare \ | |
! --dns-cloudflare-credentials /cloudflare.ini \ | |
! --logs-dir /etc/letsencrypt/logs \ | |
! --force-renew | |
! | |
fi | |
} |
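Review bot: Both renew functions now call `docker run -ti`, where the lines they replace used `-i`; with `-t` Docker refuses to start when stdin is not a terminal, so if updateLetsEncrypt or forceUpdateLetsEncrypt is ever run from cron or another unattended job the renewal would fail. Dropping the `t` (`docker run -i --rm \`) keeps the previous behaviour. The guard also only tests for `letsencrypt/live`: on a host whose certificates were issued before this patch, `$ENV_DIR/cloudflare.ini` does not exist and Docker will create a directory at that path for the bind mount. Adding `[ -f "$ENV_DIR/cloudflare.ini" ]` to the existing condition would fail early instead. A short comment above each function saying that the mounted file holds the Cloudflare credential would also help the next reader.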
This applies against `~/bwdata/scripts/run.sh`. You'll likely need to run `./bitwarden.sh install` to generate the initial downloads. After patching you'll need to comment out any calls to `downloadRunFile` in `bitwarden.sh` as well.