Renew letsencrypt certs by default

This commit is contained in:
Bob Mottram 2016-01-02 13:14:56 +00:00
parent 2dc6ccebe9
commit d2ab7bbe18
2 changed files with 8 additions and 13 deletions

View File

@ -172,7 +172,7 @@ function add_cert_letsencrypt {
systemctl stop nginx
cd ${INSTALL_DIR}/letsencrypt
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default
if [ ! "$?" = "0" ]; then
echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
systemctl start nginx

View File

@ -37,6 +37,7 @@ HOSTNAME=
PROVIDER='startssl'
DH_KEYLENGTH=2048
LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
INSTALL_DIR=/root/build
function show_help {
echo ''
@ -54,21 +55,15 @@ function show_help {
function renew_letsencrypt {
if [ ! -f /etc/letsencrypt/live/${HOSTNAME}/fullchain.pem ]; then
echo $"Adding Let's Encrypt certificate"
else
echo $"Renewing Let's Encrypt certificate"
fi
${PROJECT_NAME}-addcert -e $HOSTNAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
if [ ! "$?" = "0" ]; then
echo $"Unable to add Let's encrypt certificate"
exit 6328
fi
else
echo $"Renewing Let's Encrypt certificate"
letsencrypt renew \
--cert-path /etc/letsencrypt/live/${HOSTNAME}/fullchain.pem \
--key-path /etc/letsencrypt/live/${HOSTNAME}/privkey.pem
if [ ! "$?" = "0" ]; then
echo $"Unable to renew Let's encrypt certificate"
exit 2624
fi
fi
# Ensure that links are in place
ln -s /etc/letsencrypt/live/${HOSTNAME}/privkey.pem /etc/ssl/private/${HOSTNAME}.key