@theFra985
Created February 18, 2021 09:17
Vesta letsencrypt acme.sh backend
#!/bin/bash
# info: check letsencrypt domain
# options: USER DOMAIN [ALIASES]
#
# The function checks and validates a domain with Let's Encrypt
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
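# Argument definition
# $1 - Vesta user, $2 - web domain, $3 - optional comma-separated aliases.
user=$1
domain=$2
aliases=$3

# Includes
# Abort when VESTA is unset or empty: otherwise the lines below would try to
# source /func/main.sh and /conf/vesta.conf from the filesystem root and the
# script would carry on without its helper functions.
: "${VESTA:?VESTA is not set}"
source "$VESTA/func/main.sh"
source "$VESTA/func/domain.sh"
source "$VESTA/conf/vesta.conf"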
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
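check_args '2' "$#" 'USER DOMAIN [ALIASES]'
is_format_valid 'user' 'domain' 'aliases'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'

# Unless the request is exactly the wildcard "*.$domain", every requested
# alias must already be present in the comma-separated $ALIAS list
# (presumably filled in by get_domain_values — confirm).
if [[ "$aliases" != "*.$domain" ]]; then
  # The loop reads from process substitution so it runs in the current shell
  # and an exit from check_result stops the whole script.
  while IFS= read -r alias; do
    [[ -n "$alias" ]] || continue
    # -F -x: compare the alias as a literal whole line. As a regex, the dots
    # in a host name match any character, so "a.example.com" would also
    # accept "axexample.com". Quoting $ALIAS keeps a "*" entry from being
    # glob-expanded against the working directory.
    if ! printf '%s\n' "$ALIAS" | tr ',' '\n' | grep -Fxq -- "$alias"; then
      check_result "$E_NOTEXIST" "domain alias $alias doesn't exist"
    fi
  done < <(printf '%s\n' "$aliases" | tr ',' '\n' | sort -u)
fi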
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
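# Registering LetsEncrypt user account
if ! "$BIN/v-add-letsencrypt-user" "$user"; then
  # Remove this domain's entry from the Let's Encrypt queue. The dots are
  # escaped so the sed address matches only this domain and not another
  # queued name that differs in the dot positions.
  domain_re=${domain//./\\.}
  touch "$VESTA/data/queue/letsencrypt.pipe"
  sed -i "/ $domain_re /d" "$VESTA/data/queue/letsencrypt.pipe"
  send_notice "LETSENCRYPT" "Account registration failed"
  check_result "$E_CONNECT" "LE account registration" >/dev/null
fi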
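# Parsing LetsEncrypt account data
source "$USER_DATA/ssl/le.conf"

# Scratch directory that receives the issued certificate and its private key.
# It is removed on every exit path so the key does not stay behind in the
# temporary directory.
# NOTE(review): this replaces any EXIT trap the sourced Vesta helpers may have
# installed — confirm none is set.
workdir=$(mktemp -d) || {
  echo "Error: cannot create temporary directory" >&2
  exit 1
}
trap 'rm -rf -- "$workdir"' EXIT

# TODO: aliases support by splitting $aliases # --domain-alias "$aliases"
"$USER_DATA/ssl/acme.sh/acme.sh" --issue -d "$domain" \
  -w "$HOMEDIR/$user/web/$domain/public_html" \
  --home "$USER_DATA/ssl/acme.sh" \
  --cert-file "$workdir/$domain.crt" \
  --key-file "$workdir/$domain.key" \
  --ca-file "$workdir/$domain.ca" \
  --fullchain-file "$workdir/$domain.pem"
acme_rc=$?

# Stop here unless acme.sh actually wrote a certificate and key. The next step
# deletes the domain's current SSL configuration, so continuing after a failed
# issue would leave the site without any certificate.
if [[ ! -s "$workdir/$domain.crt" || ! -s "$workdir/$domain.key" ]]; then
  domain_re=${domain//./\\.}
  touch "$VESTA/data/queue/letsencrypt.pipe"
  sed -i "/ $domain_re /d" "$VESTA/data/queue/letsencrypt.pipe"
  send_notice 'LETSENCRYPT' "$domain certificate issue failed"
  check_result "$E_CONNECT" "LE certificate issue (acme.sh exit $acme_rc)" >/dev/null
  # check_result is expected to exit on a non-zero code; this guards against
  # falling through to the delete below if it ever returns.
  exit 1
fi

# Adding SSL
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
"$BIN/v-delete-web-domain-ssl" "$user" "$domain" >/dev/null 2>&1
# $ssl_home stays unquoted on purpose: an empty result then passes no fourth
# argument at all, exactly as before, instead of an empty string.
# shellcheck disable=SC2086
"$BIN/v-add-web-domain-ssl" "$user" "$domain" "$workdir" $ssl_home
ssl_rc=$?
if [ "$ssl_rc" -ne 0 ]; then
  domain_re=${domain//./\\.}
  touch "$VESTA/data/queue/letsencrypt.pipe"
  sed -i "/ $domain_re /d" "$VESTA/data/queue/letsencrypt.pipe"
  send_notice 'LETSENCRYPT' "$domain certificate installation failed"
  # Report the installer's own status. Reading $? at this point would give
  # the status of send_notice, and a 0 there lets the script go on to record
  # the domain as secured.
  check_result "$ssl_rc" "SSL install" >/dev/null
fi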
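# Adding LE autorenew cronjob
# The renewal job is registered once, under the admin user, and only when
# admin's cron.conf does not mention v-update-lets yet. grep -q tests for the
# match directly instead of capturing its output.
if ! grep -q -- 'v-update-lets' "$VESTA/data/users/admin/cron.conf"; then
  # generate_password presumably takes a character set and a length, giving a
  # randomised minute and hour for the job — confirm against func/main.sh.
  min=$(generate_password '012345' '2')
  hour=$(generate_password '1234567' '1')
  cmd="sudo $BIN/v-update-letsencrypt-ssl"
  "$BIN/v-add-cron-job" admin "$min" "$hour" '*' '*' '*' "$cmd" > /dev/null
fi

# Updating letsencrypt key
# Add the LETSENCRYPT key to the domain record when it has no value yet.
if [ -z "$LETSENCRYPT" ]; then
  add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
fi
# The single quotes are intentional: the literal text $LETSENCRYPT is passed
# as the key name, not the variable's value.
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'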
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
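# Deleting task from queue
# Dots are escaped so the sed address removes only this domain's entry and
# not another queued name that differs in the dot positions.
domain_re=${domain//./\\.}
touch "$VESTA/data/queue/letsencrypt.pipe"
sed -i "/ $domain_re /d" "$VESTA/data/queue/letsencrypt.pipe"

# Notifying user
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"

# Logging
log_event "$OK" "$ARGUMENTS"

exit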
#!/bin/bash
# info: register letsencrypt user account
# options: USER
#
# The function creates and registers a Let's Encrypt account
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
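# Argument definition
# $1 - Vesta user whose Let's Encrypt account is being registered.
user=$1

# Includes
# Abort when VESTA is unset or empty: otherwise the lines below would try to
# source /func/main.sh and /conf/vesta.conf from the filesystem root.
: "${VESTA:?VESTA is not set}"
source "$VESTA/func/main.sh"
source "$VESTA/conf/vesta.conf"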
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
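check_args '1' "$#" 'USER'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"

# Defining user email
# Fall back to the user's contact address when the caller supplied no EMAIL.
if [[ -z "$EMAIL" ]]; then
  EMAIL=$(get_user_value '$CONTACT')
fi

# NOTE(review): this script writes an EMAIL= line into le.conf, so sourcing
# the file here replaces the EMAIL chosen above with the stored one. Confirm
# that order is intended, since the comparison below then sees the stored
# address.
if [ -e "$USER_DATA/ssl/le.conf" ]; then
  source "$USER_DATA/ssl/le.conf"
fi

# Nothing to do when acme.sh is already installed for this user and was
# registered with the same address.
if [ -d "$USER_DATA/ssl/acme.sh/" ] && [ -f "$USER_DATA/ssl/acme.sh/acme.sh" ]; then
  # Read the recorded address once; a missing mail.txt counts as empty
  # instead of producing a cat error.
  registered_email=
  if [ -r "$USER_DATA/ssl/mail.txt" ]; then
    registered_email=$(cat -- "$USER_DATA/ssl/mail.txt")
  fi
  if [[ "$EMAIL" == "$registered_email" ]]; then
    exit
  fi
  echo "$EMAIL differs from $registered_email"
fi
#log_event "$OK" "$ARGUMENTS"
#exit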
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
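mkdir -p "$USER_DATA/ssl/acme.sh/"

# Download the installer to a file first and run it only after the transfer
# succeeded. Piping curl straight into sh executes whatever arrived, including
# a truncated script or an HTTP error body.
# NOTE(review): the URL tracks the moving "master" ref, so the code executed
# here changes whenever upstream does. Pin it to a reviewed release or commit
# and verify a checksum (<PINNED_REF>, <EXPECTED_SHA256>) before running.
# --install-online appears to fetch the installer's sources again at run
# time, so that fetch needs pinning too — confirm against the acme.sh docs.
installer=$(mktemp) || {
  echo "Error: cannot create temporary file" >&2
  exit 1
}
# -f turns an HTTP error status into a curl failure instead of saved output.
if ! curl -fsS -o "$installer" \
  'https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh'; then
  rm -f -- "$installer"
  check_result "$E_CONNECT" "acme.sh download"
  exit 1
fi

# The installer is still fed to sh on stdin, as in the piped form.
sh -s -- --install-online \
  --home "$USER_DATA/ssl/acme.sh" \
  --config-home "$USER_DATA/ssl/acme.sh" \
  --accountkey "$USER_DATA/ssl/user.key" \
  --accountemail "$EMAIL" < "$installer"
install_rc=$?
rm -f -- "$installer"

# Do not record the address or report success when the installation failed.
if [ "$install_rc" -ne 0 ]; then
  check_result "$E_CONNECT" "acme.sh install"
  exit 1
fi

printf '%s\n' "$EMAIL" > "$USER_DATA/ssl/mail.txt"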
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
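# Adding le.conf
# le.conf is later read back with `source`, so its content runs as shell code.
# Escape single quotes in the address (' becomes '\'') so a quote in EMAIL
# cannot end the string and add commands to the file. Addresses without
# quotes are written exactly as before.
sq="'"
email_quoted=${EMAIL//$sq/$sq\\$sq$sq}

if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
  printf "EMAIL='%s'\n" "$email_quoted" >> "$USER_DATA/ssl/le.conf"
  echo "KID='E'" >> "$USER_DATA/ssl/le.conf"
  chmod 660 "$USER_DATA/ssl/le.conf"
else
  # Existing file: only the KID line is replaced; the stored EMAIL line is
  # left as it is.
  sed -i '/^KID=/d' "$USER_DATA/ssl/le.conf"
  echo "KID='E'" >> "$USER_DATA/ssl/le.conf"
fi

# Logging
log_event "$OK" "$ARGUMENTS"

exit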
@theFra985
Author

The implementation does not support aliases at the moment
