Preparing for letsencrypt

src/freedombone-addcert

@@ -45,6 +45,7 @@ NODH=
 DH_KEYLENGTH=2048
 INSTALL_DIR=/root/build
 LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
+LETSENCRYPT_REPO='https://github.com/letsencrypt/letsencrypt'
 
 function show_help {
     echo ''
@@ -155,7 +156,7 @@ if [ $LETSENCRYPT_HOSTNAME ]; then
 
     # obtain the repo
     if [ ! -d ${INSTALL_DIR}/letsencrypt ]; then
-        git clone https://github.com/letsencrypt/letsencrypt
+        git clone $LETSENCRYPT_REPO
         if [ ! -d ${INSTALL_DIR}/letsencrypt ]; then
             exit 76283
         fi
@@ -165,11 +166,15 @@ if [ $LETSENCRYPT_HOSTNAME ]; then
         git pull
     fi
 
+    # stop the web server
+    systemctl stop nginx
+
     cd ${INSTALL_DIR}/letsencrypt
     # TODO this requires user interaction - is there a non-interactive mode?
     ./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME
     if [ ! "$?" = "0" ]; then
         echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
+        systemctl start nginx
         exit 63216
     fi
 
@@ -200,6 +205,7 @@ if [ $LETSENCRYPT_HOSTNAME ]; then
     ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
 
     cp /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/mycerts/${LETSENCRYPT_HOSTNAME}.pem
+    systemctl start nginx
 else
     CERTFILE=$HOSTNAME
     if [[ $ORGANISATION == "Freedombone-CA" ]]; then