diff --git a/src/freedombone b/src/freedombone
index 399d9419..42850c29 100755
--- a/src/freedombone
+++ b/src/freedombone
@@ -4804,7 +4804,7 @@ function configure_imap_client_certs {
 if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
 ${PROJECT_NAME}-addcert -h $DEFAULT_DOMAIN_NAME --ca "" --dhkey $DH_KEYLENGTH
 else
- ${PROJECT_NAME}-addcert -e $DEFAULT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --ca "" --dhkey $DH_KEYLENGTH
+ ${PROJECT_NAME}-addcert -e $DEFAULT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --ca "" --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
 fi
 fi
 fi
@@ -6379,7 +6379,7 @@ quit" > $INSTALL_DIR/batch.sql
 if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
 ${PROJECT_NAME}-addcert -h $OWNCLOUD_DOMAIN_NAME --dhkey $DH_KEYLENGTH
 else
- ${PROJECT_NAME}-addcert -e $OWNCLOUD_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
+ ${PROJECT_NAME}-addcert -e $OWNCLOUD_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
 fi
 check_certificates $OWNCLOUD_DOMAIN_NAME
 fi
@@ -6722,7 +6722,7 @@ quit" > $INSTALL_DIR/batch.sql
 if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
 ${PROJECT_NAME}-addcert -h $GIT_DOMAIN_NAME --dhkey $DH_KEYLENGTH
 else
- ${PROJECT_NAME}-addcert -e $GIT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
+ ${PROJECT_NAME}-addcert -e $GIT_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
 fi
 check_certificates $GIT_DOMAIN_NAME
 fi
@@ -7660,7 +7660,7 @@ function install_wiki {
 if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
 ${PROJECT_NAME}-addcert -h $WIKI_DOMAIN_NAME --dhkey $DH_KEYLENGTH
 else
- ${PROJECT_NAME}-addcert -e $WIKI_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
+ ${PROJECT_NAME}-addcert -e $WIKI_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS
 fi
 check_certificates $WIKI_DOMAIN_NAME
 fi
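Review bot: `--email $MY_EMAIL_ADDRESS` is passed unquoted in the `-e` branch of configure_imap_client_certs, and the same pattern recurs in the other seven hunks of src/freedombone (owncloud, git, wiki, blog, microblog, hubzilla, mediagoblin). If the variable is empty or unset at any of these call sites, the option arrives with no value; the new `--email)` case in freedombone-addcert does `shift` and then reads `$1`, so this works only because `--email` happens to be the last argument. Quoting it, `--email "$MY_EMAIL_ADDRESS"`, keeps it a single argument even when empty, as `--ca ""` already does on the same line. Where MY_EMAIL_ADDRESS is assigned in this script is outside the hunks, so whether it can be empty here should be confirmed.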
@@ -8022,7 +8022,7 @@ function install_blog { if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then ${PROJECT_NAME}-addcert -h $FULLBLOG_DOMAIN_NAME --dhkey $DH_KEYLENGTH else - ${PROJECT_NAME}-addcert -e $FULLBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH + ${PROJECT_NAME}-addcert -e $FULLBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS fi check_certificates $FULLBLOG_DOMAIN_NAME fi @@ -8311,7 +8311,7 @@ quit" > $INSTALL_DIR/batch.sql if [[ $ONION_ONLY == "no" ]]; then if [ ! -f /etc/ssl/certs/$MICROBLOG_DOMAIN_NAME.dhparam ]; then - ${PROJECT_NAME}-addcert -e $MICROBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH + ${PROJECT_NAME}-addcert -e $MICROBLOG_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS check_certificates $MICROBLOG_DOMAIN_NAME fi fi @@ -8709,7 +8709,7 @@ quit" > $INSTALL_DIR/batch.sql if [[ $ONION_ONLY == "no" ]]; then if [ ! -f /etc/ssl/certs/$HUBZILLA_DOMAIN_NAME.dhparam ]; then - ${PROJECT_NAME}-addcert -e $HUBZILLA_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH + ${PROJECT_NAME}-addcert -e $HUBZILLA_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS check_certificates $HUBZILLA_DOMAIN_NAME fi fi @@ -9033,7 +9033,7 @@ function install_mediagoblin { if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then ${PROJECT_NAME}-addcert -h $MEDIAGOBLIN_DOMAIN_NAME --dhkey $DH_KEYLENGTH else - ${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH + ${PROJECT_NAME}-addcert -e $MEDIAGOBLIN_DOMAIN_NAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH --email $MY_EMAIL_ADDRESS fi check_certificates $MEDIAGOBLIN_DOMAIN_NAME fi diff --git a/src/freedombone-addcert b/src/freedombone-addcert index 3c60c713..9abc1621 100755 --- a/src/freedombone-addcert +++ b/src/freedombone-addcert 
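Review bot: The microblog and hubzilla hunks (`@@ -8311` and `@@ -8709`) call `${PROJECT_NAME}-addcert -e …` with no `$LETSENCRYPT_ENABLED` test around it, unlike the blog and mediagoblin hunks, which fall back to `-h` when it is not "yes". With this commit the `-e` path also sends the admin's email address to the ACME server and passes `--agree-tos`, so these two installs would register with Let's Encrypt even when the operator has not enabled it, unless a guard exists outside the visible context. Consider the same `if [[ $LETSENCRYPT_ENABLED != "yes" ]]` branch used elsewhere, with `${PROJECT_NAME}-addcert -h $MICROBLOG_DOMAIN_NAME --dhkey $DH_KEYLENGTH` as the fallback. Both enclosing functions start and end outside their hunks.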
@@ -33,6 +33,9 @@ PROJECT_NAME='freedombone' export TEXTDOMAIN=${PROJECT_NAME}-addcert export TEXTDOMAINDIR="/usr/share/locale" +CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg +COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt + HOSTNAME= LETSENCRYPT_HOSTNAME= COUNTRY_CODE="US" @@ -46,6 +49,7 @@ DH_KEYLENGTH=2048 INSTALL_DIR=/root/build LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory' LETSENCRYPT_REPO='https://github.com/letsencrypt/letsencrypt' +MY_EMAIL_ADDRESS= function show_help { echo '' @@ -63,6 +67,7 @@ function show_help { echo $' -l --location [locn] Optional location name' echo $' -o --organisation [name] Optional organisation name' echo $' -u --unit [name] Optional unit name' + echo $' --email [address] Email address for letsencrypt' echo $' --dhkey [bits] DH key length in bits' echo $' --nodh "" Do not calculate DH params' echo $' --ca "" Certificate authority cert' @@ -86,6 +91,10 @@ case $key in shift LETSENCRYPT_HOSTNAME="$1" ;; + --email) + shift + MY_EMAIL_ADDRESS="$1" + ;; -s|--server) shift LETSENCRYPT_SERVER="$1" @@ -151,6 +160,23 @@ CERTFILE=$HOSTNAME function add_cert_letsencrypt { CERTFILE=$LETSENCRYPT_HOSTNAME + # obtain the email address for the admin user + if [ ! $MY_EMAIL_ADDRESS ]; then + if [ -f $CONFIG_FILE ]; then + if grep -q "MY_EMAIL_ADDRESS=" $CONFIG_FILE; then + MY_EMAIL_ADDRESS=$(cat $CONFIG_FILE | grep "MY_EMAIL_ADDRESS=" | awk -F '=' '{print $2}') + fi + fi + fi + if [ ! $MY_EMAIL_ADDRESS ]; then + if [ -f $COMPLETION_FILE ]; then + if grep -q "Admin user:" $COMPLETION_FILE; then + ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}') + MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME + fi + fi + fi + if [ ! -d $INSTALL_DIR ]; then mkdir -p $INSTALL_DIR fi 
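Review bot: In the `@@ -151` hunk the fallback `MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME` uses `$HOSTNAME`, which this script initialises to empty and which the `-e` path does not appear to set (add_cert_letsencrypt works from `$LETSENCRYPT_HOSTNAME`), so the derived address would be `user@` with no domain; `MY_EMAIL_ADDRESS=$ADMIN_USER@$LETSENCRYPT_HOSTNAME` looks like what was intended. The emptiness tests `[ ! $MY_EMAIL_ADDRESS ]` are unquoted and break if the value contains whitespace; `[ -z "$MY_EMAIL_ADDRESS" ]` is safer. The `grep … | awk -F '='` and `awk -F ':'` extractions take whatever follows the separator on every matching line, so a commented-out or duplicated entry, or a space after `Admin user:` if the file has one, ends up in the address; limiting to the first match and trimming whitespace would help, since the value later reaches the letsencrypt-auto command line. The function body continues past the hunk.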
@@ -172,7 +198,7 @@ function add_cert_letsencrypt { systemctl stop nginx cd ${INSTALL_DIR}/letsencrypt - ./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default + ./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default --agree-tos --email $MY_EMAIL_ADDRESS if [ ! "$?" = "0" ]; then echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME" systemctl start nginx
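Review bot: Nothing checks that `$MY_EMAIL_ADDRESS` is non-empty before `./letsencrypt-auto … --agree-tos --email $MY_EMAIL_ADDRESS` runs, and the expansion is unquoted. If neither the `--email` option nor the config/completion-file fallbacks produced a value, `--email` is passed with no argument, and by this point nginx has already been stopped. I would test `[ -z "$MY_EMAIL_ADDRESS" ]` and exit with a message before `systemctl stop nginx`, and quote the argument as `--email "$MY_EMAIL_ADDRESS"`. A short comment that `--agree-tos` accepts the Let's Encrypt subscriber agreement non-interactively on the operator's behalf would also help, e.g. `# --agree-tos: unattended install accepts the CA's terms for the admin`. The function starts before and continues after this hunk.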