@jpitoniak
Last active May 25, 2016 13:07
A quick script for obtaining and automatically renewing Let's Encrypt certificates
#!/bin/bash
#
# Quick Let's Encrypt Certificate Autoinstaller
#
# Quick script to install a Let's Encrypt certificate on a bunch of domains
# and schedule automatic renewals with at
#
# Assumes that:
# 1. The "certbot-auto" client is available (https://github.com/certbot/certbot, https://certbot.eff.org/)
# 2. All of the domains can handle the /.well-known/acme-challenge request
# 3. All virtual hosts are already configured to use the cert (the request is made with "certonly")
# 4. at is available on the system
# Configuration:
# Domain list (comma separated, be sure to add both www and non-www variants if you want both to work)
DOMAINS="domain1.com,www.domain1.com,domain2.com"
# Email Address
EMAIL="admin@domain1.com"
# Autorenew period
RENEW_IN="60 days"
# ACME Client Path
ACME_CLIENT="/usr/local/bin/certbot-auto"
# Let's Encrypt Command
CMD="$ACME_CLIENT -t --renew-by-default --agree-tos --webroot -w /etc/letsencrypt/webroot
--server https://acme-v01.api.letsencrypt.org/directory"
### END OF CONFIG ###
# Make the certificate request
$CMD -m "$EMAIL" -d "$DOMAINS" certonly
# Check if it worked
if [[ $? -ne 0 ]]
then
    # Something went wrong
    echo "The ACME client returned an error status. Aborting."
    exit 143
fi
# Looks like it worked, set autorenewal with at
echo $0 $* | at "now + $RENEW_IN"