Additional options for letsencrypt

These are used to create an initial account
Bob Mottram 2016-01-08 11:18:52 +00:00
parent 77669098a6
commit bd0acd2af5
2 changed files with 35 additions and 9 deletions


@ -4804,7 +4804,7 @@ function configure_imap_client_certs {
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --ca "" --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $DEFAULT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --ca "" --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $DEFAULT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --ca "" --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
fi
fi
@ -6379,7 +6379,7 @@ quit" > $INSTALL_DIR/batch.sql
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $OWNCLOUD_DOMAIN_NAME --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $OWNCLOUD_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $OWNCLOUD_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
check_certificates $OWNCLOUD_DOMAIN_NAME
fi
@ -6722,7 +6722,7 @@ quit" > $INSTALL_DIR/batch.sql
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $GIT_DOMAIN_NAME --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $GIT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $GIT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
check_certificates $GIT_DOMAIN_NAME
fi
@ -7660,7 +7660,7 @@ function install_wiki {
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $WIKI_DOMAIN_NAME --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $WIKI_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $WIKI_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
check_certificates $WIKI_DOMAIN_NAME
fi
@ -8022,7 +8022,7 @@ function install_blog {
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $FULLBLOG_DOMAIN_NAME --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $FULLBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $FULLBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
check_certificates $FULLBLOG_DOMAIN_NAME
fi
@ -8311,7 +8311,7 @@ quit" > $INSTALL_DIR/batch.sql
if [[ $ONION_ONLY == "no" ]]; then
if [ ! -f /etc/ssl/certs/$MICROBLOG_DOMAIN_NAME.dhparam ]; then
${PROJECT_NAME}-addcert -e $MICROBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $MICROBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
check_certificates $MICROBLOG_DOMAIN_NAME
fi
fi
@ -8709,7 +8709,7 @@ quit" > $INSTALL_DIR/batch.sql
if [[ $ONION_ONLY == "no" ]]; then
if [ ! -f /etc/ssl/certs/$HUBZILLA_DOMAIN_NAME.dhparam ]; then
${PROJECT_NAME}-addcert -e $HUBZILLA_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $HUBZILLA_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
check_certificates $HUBZILLA_DOMAIN_NAME
fi
fi
@ -9033,7 +9033,7 @@ function install_mediagoblin {
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
${PROJECT_NAME}-addcert -h $MEDIAGOBLIN_DOMAIN_NAME --dhkey $DH_KEYLENGTH
else
${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
fi
check_certificates $MEDIAGOBLIN_DOMAIN_NAME
fi
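Review bot: `$MY_EMAIL_ADDRESS` is expanded unquoted after `--email` on every addcert line this file changes (configure_imap_client_certs, install_wiki, install_blog, install_mediagoblin and the four hunks whose function name is not shown). If the variable is empty or unset at that point in the install, `--email` is left with no argument, and a value containing whitespace is split into extra arguments. This only stays harmless because `--email` happens to be the last option on each line, while the addcert parser shown further down does `shift` and takes whatever `"$1"` is next. Quote it, e.g. `--email "$MY_EMAIL_ADDRESS"`, and the same applies to the neighbouring `$..._DOMAIN_NAME` and `$LETSENCRYPT_SERVER` arguments. The enclosing functions start and end outside these hunks.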


@ -33,6 +33,9 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-addcert
export TEXTDOMAINDIR="/usr/share/locale"
CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
HOSTNAME=
LETSENCRYPT_HOSTNAME=
COUNTRY_CODE="US"
@ -46,6 +49,7 @@ DH_KEYLENGTH=2048
INSTALL_DIR=/root/build
LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
LETSENCRYPT_REPO='https://github.com/letsencrypt/letsencrypt'
MY_EMAIL_ADDRESS=
function show_help {
echo ''
@ -63,6 +67,7 @@ function show_help {
echo $' -l --location [locn] Optional location name'
echo $' -o --organisation [name] Optional organisation name'
echo $' -u --unit [name] Optional unit name'
echo $' --email [address] Email address for letsencrypt'
echo $' --dhkey [bits] DH key length in bits'
echo $' --nodh "" Do not calculate DH params'
echo $' --ca "" Certificate authority cert'
@ -86,6 +91,10 @@ case $key in
shift
LETSENCRYPT_HOSTNAME="$1"
;;
--email)
shift
MY_EMAIL_ADDRESS="$1"
;;
-s|--server)
shift
LETSENCRYPT_SERVER="$1"
@ -151,6 +160,23 @@ CERTFILE=$HOSTNAME
function add_cert_letsencrypt {
CERTFILE=$LETSENCRYPT_HOSTNAME
# obtain the email address for the admin user
if [ ! $MY_EMAIL_ADDRESS ]; then
if [ -f $CONFIG_FILE ]; then
if grep -q "MY_EMAIL_ADDRESS=" $CONFIG_FILE; then
MY_EMAIL_ADDRESS=$(cat $CONFIG_FILE | grep "MY_EMAIL_ADDRESS=" | awk -F '=' '{print $2}')
fi
fi
fi
if [ ! $MY_EMAIL_ADDRESS ]; then
if [ -f $COMPLETION_FILE ]; then
if grep -q "Admin user:" $COMPLETION_FILE; then
ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME
fi
fi
fi
if [ ! -d $INSTALL_DIR ]; then
mkdir -p $INSTALL_DIR
fi
@ -172,7 +198,7 @@ function add_cert_letsencrypt {
systemctl stop nginx
cd ${INSTALL_DIR}/letsencrypt
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default --agree-tos --email $MY_EMAIL_ADDRESS
if [ ! "$?" = "0" ]; then
echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
systemctl start nginx
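Review bot: The fallback in add_cert_letsencrypt can hand letsencrypt an empty or malformed contact address while `--agree-tos` registers the account unattended. That address is where expiry and account notices are sent, so a bad value loses them silently. The second lookup builds `$ADMIN_USER@$HOSTNAME`, but `HOSTNAME` is reset to empty at the top of the script and, as far as the visible option parsing shows, a `-e` call only fills `LETSENCRYPT_HOSTNAME`, so the result is likely `user@`. The `awk -F ':'` field also keeps any space that follows the colon in the completion file. `[ ! $MY_EMAIL_ADDRESS ]` and `--email $MY_EMAIL_ADDRESS` are unquoted, and nothing stops the run when both lookups come back empty. The fence shows a quoted lookup that takes the first match and fails before nginx is stopped; the function body continues outside these hunks, and which domain the admin mailbox really lives on should be confirmed.

```shell
    # … unchanged: CERTFILE=$LETSENCRYPT_HOSTNAME …
    if [ -z "$MY_EMAIL_ADDRESS" ] && [ -f "$CONFIG_FILE" ]; then
        # first matching line only, so a repeated key cannot yield a multi-line value
        MY_EMAIL_ADDRESS=$(awk -F '=' '/MY_EMAIL_ADDRESS=/ {print $2; exit}' "$CONFIG_FILE")
    fi
    if [ -z "$MY_EMAIL_ADDRESS" ] && [ -f "$COMPLETION_FILE" ]; then
        # trim surrounding blanks from the field after the colon
        ADMIN_USER=$(awk -F ':' '/Admin user:/ {gsub(/^[ \t]+|[ \t]+$/, "", $2); print $2; exit}' "$COMPLETION_FILE")
        if [ -n "$ADMIN_USER" ]; then
            # HOSTNAME is empty when only -e is given; confirm the intended mail domain
            MY_EMAIL_ADDRESS="${ADMIN_USER}@${LETSENCRYPT_HOSTNAME}"
        fi
    fi
    if [ -z "$MY_EMAIL_ADDRESS" ]; then
        echo $"No email address available for the letsencrypt account"
        exit 1  # placeholder: use the script's own exit code convention
    fi
    # … unchanged: INSTALL_DIR creation, letsencrypt checkout, systemctl stop nginx, cd …
    ./letsencrypt-auto certonly --server "$LETSENCRYPT_SERVER" --standalone -d "$LETSENCRYPT_HOSTNAME" --renew-by-default --agree-tos --email "$MY_EMAIL_ADDRESS"
```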