Skip to content

Instantly share code, notes, and snippets.

@thiagolcks

thiagolcks/letsencrypt.sh

Last active October 5, 2016 16:02
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save thiagolcks/485a9f8c50a7a6ff8385cb240a647844 to your computer and use it in GitHub Desktop.
Save thiagolcks/485a9f8c50a7a6ff8385cb240a647844 to your computer and use it in GitHub Desktop.
Download ZIP
Script to generate the SSL certificate via Letsencrypt
Raw
letsencrypt.sh
#!/bin/sh
if [ ! -d "/opt/letsencrypt" ]
then
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
fi
if [ ! -f "/etc/nginx/snippets/letsencrypt.conf" ]
then
echo "location '/.well-known/acme-challenge' {\n default_type 'text/plain';\n root /tmp/letsencrypt;\n}" | sudo tee /etc/nginx/snippets/letsencrypt.conf
fi
echo "\nAdd this snippet to your nginx site config:"
echo "include snippets/letsencrypt.conf;\n"
read -p "Done?" v
sudo service nginx restart
sudo rm -fR /tmp/letsencrypt && sudo mkdir /tmp/letsencrypt && sudo /opt/letsencrypt/certbot-auto certonly --webroot -w /tmp/letsencrypt -d $1
echo "If it worked, you can add this snippet to your nginx site config:"
echo "
listen 443 ssl http2;
...
ssl on;
ssl_certificate /etc/letsencrypt/live/$1/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AESGCM:HIGH:!aNULL:!MD5;"
echo "\n"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment