Renewal of letsencrypt certs as a cron job
This commit is contained in:
parent
0318ca8edf
commit
6ce7fc8a94
|
@ -1506,6 +1506,40 @@ function get_cjdns_password {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# script to automatically renew any Let's Encrypt certificates
|
||||||
|
function letsencrypt_renewals {
|
||||||
|
renewals_script=/etc/cron.monthly/letsencrypt
|
||||||
|
renewal_failure_msg=$'The certificate for $LETSENCRYPT_DOMAIN could not be renewed'
|
||||||
|
renewal_email_title=$'${PROJECT_NAME} Lets Encrypt certificate renewal'
|
||||||
|
|
||||||
|
echo '#!/bin/bash' > $renewals_script
|
||||||
|
echo '' >> $renewals_script
|
||||||
|
echo "PROJECT_NAME='freedombone'" >> $renewals_script
|
||||||
|
echo 'COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt' >> $renewals_script
|
||||||
|
echo '' >> $renewals_script
|
||||||
|
echo 'if [ -d /etc/letsencrypt ]; then' >> $renewals_script
|
||||||
|
echo -n ' ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | ' >> $renewals_script
|
||||||
|
echo -n "awk -F ':' '{print " >> $renewals_script
|
||||||
|
echo -n '$2' >> $renewals_script
|
||||||
|
echo "}')" >> $renewals_script
|
||||||
|
echo ' ADMIN_EMAIL_ADDRESS=$ADMIN_USERNAME@$HOSTNAME' >> $renewals_script
|
||||||
|
echo ' for d in /etc/letsencrypt/live/*/ ; do' >> $renewals_script
|
||||||
|
echo -n ' LETSENCRYPT_DOMAIN=$(echo "$d" | ' >> $renewals_script
|
||||||
|
echo -n "awk -F '/' '{print " >> $renewals_script
|
||||||
|
echo -n '$5' >> $renewals_script
|
||||||
|
echo "}')" >> $renewals_script
|
||||||
|
echo ' if [ -f /etc/nginx/sites-available/$LETSENCRYPT_DOMAIN ]; then' >> $renewals_script
|
||||||
|
echo ' ${PROJECT_NAME}-renew-cert -h $LETSENCRYPT_DOMAIN -p letsencrypt' >> $renewals_script
|
||||||
|
echo ' if [ ! "$?" = "0" ]; then' >> $renewals_script
|
||||||
|
echo -n " echo '$renewal_failure_msg' | mail -s '$renewal_email_title' " >> $renewals_script
|
||||||
|
echo '$ADMIN_EMAIL_ADDRESS' >> $renewals_script
|
||||||
|
echo ' fi' >> $renewals_script
|
||||||
|
echo ' fi' >> $renewals_script
|
||||||
|
echo ' done' >> $renewals_script
|
||||||
|
echo 'fi' >> $renewals_script
|
||||||
|
chmod +x renewals_script
|
||||||
|
}
|
||||||
|
|
||||||
function save_firewall_settings {
|
function save_firewall_settings {
|
||||||
iptables-save > /etc/firewall.conf
|
iptables-save > /etc/firewall.conf
|
||||||
ip6tables-save > /etc/firewall6.conf
|
ip6tables-save > /etc/firewall6.conf
|
||||||
|
@ -8946,6 +8980,7 @@ check_hwrng
|
||||||
search_for_attached_usb_drive
|
search_for_attached_usb_drive
|
||||||
regenerate_ssh_keys
|
regenerate_ssh_keys
|
||||||
create_upgrade_script
|
create_upgrade_script
|
||||||
|
letsencrypt_renewals
|
||||||
install_zeronet
|
install_zeronet
|
||||||
install_watchdog_script
|
install_watchdog_script
|
||||||
configure_avahi
|
configure_avahi
|
||||||
|
|
Loading…
Reference in New Issue