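#!/bin/sh
#
# Container entrypoint for certbot with the DigitalOcean DNS plugin: writes the
# plugin credentials file, requests one certificate per domain group, appends a
# renewal entry to root's crontab and then follows the certbot log.
#
# Environment:
#   DIGITALOCEAN_TOKEN  API token written to the credentials file (required)
#   DOMAINS             "|"-separated groups, each "<service> <domain> [<domain>...]"
#                       (required)
#   ADMIN_EMAIL         registration e-mail (default: admin@example.com)
#   CB_STAGING          any non-empty value adds --staging (so "false" and "0"
#                       enable it too)

set -eu
# Pathname expansion stays off for the whole script: wildcard names such as
# *.example.com must reach certbot literally instead of being matched against
# files in the working directory.
set -f

readonly credentials_file=/opt/certbot/credentials.ini
readonly log_file=/var/log/letsencrypt/letsencrypt.log

touch "$log_file"

echo "Initializing certbot..."

rsa_key_size=4096
# Adding a valid address is strongly recommended
email=${ADMIN_EMAIL:-admin@example.com}

# Enable staging mode if needed. The ":-" default keeps `set -u` from aborting
# the script when CB_STAGING is simply not defined.
staging_arg=""
if [ -n "${CB_STAGING:-}" ]; then
  staging_arg="--staging"
  echo "Staging enabled! Will generate test certs!"
fi

# Fail early, with a clear message, on a missing or empty token.
: "${DIGITALOCEAN_TOKEN:?DIGITALOCEAN_TOKEN must be set}"

# Create (or truncate) the credentials file with owner-only permissions before
# the secret is written, so the token is never readable by other users, and do
# not echo it to stdout where it would end up in the container log.
(
  umask 077
  : > "$credentials_file"
)
chmod 600 "$credentials_file"
printf 'dns_digitalocean_token = %s\n' "$DIGITALOCEAN_TOKEN" > "$credentials_file"

echo ""
echo "Generating initial domain mapping..."

if [ -z "${DOMAINS:-}" ]; then
  echo "Domain mapping not found!" 1>&2
  exit 1
fi

old_ifs=$IFS
IFS="|"
for group in $DOMAINS; do
  # The word list above was split on "|" once; restore the default separators
  # so each group is split on whitespace.
  IFS=$old_ifs

  # shellcheck disable=SC2086 -- deliberate word splitting, globbing is off
  set -- $group
  if [ "$#" -eq 0 ]; then
    echo "Skipping empty domain group" 1>&2
    continue
  fi

  # First word is the service label; the remaining words are the domains.
  # A group with a single word is requested as a domain of the same name.
  service=$1
  if [ "$#" -gt 1 ]; then
    shift
  fi
  domains=$*

  echo "### Requesting Let's Encrypt certificate for $service containing '$domains' domains..."

  # Turn "d1 d2 ..." into "-d d1 -d d2 ...": the loop iterates over the list as
  # it was on entry, then the original words are shifted away.
  domain_count=$#
  for domain in "$@"; do
    set -- "$@" -d "$domain"
  done
  shift "$domain_count"

  if [ -n "$staging_arg" ]; then
    set -- "$staging_arg" "$@"
  fi
  set -- certonly --dns-digitalocean \
    --dns-digitalocean-credentials "$credentials_file" \
    "$@" --email "$email" --rsa-key-size "$rsa_key_size" --agree-tos -n

  echo "executing: 'certbot $*'"
  # Run certbot with an argument vector instead of re-parsing a string through
  # `sh -c`, so shell metacharacters in DOMAINS or ADMIN_EMAIL are passed as
  # data and never interpreted as commands.
  certbot "$@"
done
IFS=$old_ifs

echo "### Let's Encrypt certificate initialization completed!"

# Random delay of up to an hour, chosen once at start-up, ahead of each renewal.
SLEEPTIME=$(awk 'BEGIN{srand(); print int(rand()*(3600+1))}')
# NOTE(review): the entry is appended on every start, so a restarted container
# whose crontab persists would accumulate duplicate renew lines; confirm.
printf '%s\n' "0 0,12 * * * sleep $SLEEPTIME && certbot ${staging_arg} renew -q" \
  >> /var/spool/cron/crontabs/root

tail -n 0 -f "$log_file"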