Renew letsencrypt certs by default
This commit is contained in:
parent
2dc6ccebe9
commit
d2ab7bbe18
|
@ -172,7 +172,7 @@ function add_cert_letsencrypt {
|
|||
systemctl stop nginx
|
||||
|
||||
cd ${INSTALL_DIR}/letsencrypt
|
||||
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME
|
||||
./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default
|
||||
if [ ! "$?" = "0" ]; then
|
||||
echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
|
||||
systemctl start nginx
|
||||
|
|
|
@ -37,6 +37,7 @@ HOSTNAME=
|
|||
PROVIDER='startssl'
|
||||
DH_KEYLENGTH=2048
|
||||
LETSENCRYPT_SERVER='https://acme-v01.api.letsencrypt.org/directory'
|
||||
INSTALL_DIR=/root/build
|
||||
|
||||
function show_help {
|
||||
echo ''
|
||||
|
@ -54,21 +55,15 @@ function show_help {
|
|||
function renew_letsencrypt {
|
||||
if [ ! -f /etc/letsencrypt/live/${HOSTNAME}/fullchain.pem ]; then
|
||||
echo $"Adding Let's Encrypt certificate"
|
||||
else
|
||||
echo $"Renewing Let's Encrypt certificate"
|
||||
fi
|
||||
|
||||
${PROJECT_NAME}-addcert -e $HOSTNAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
|
||||
if [ ! "$?" = "0" ]; then
|
||||
echo $"Unable to add Let's encrypt certificate"
|
||||
exit 6328
|
||||
fi
|
||||
else
|
||||
echo $"Renewing Let's Encrypt certificate"
|
||||
letsencrypt renew \
|
||||
--cert-path /etc/letsencrypt/live/${HOSTNAME}/fullchain.pem \
|
||||
--key-path /etc/letsencrypt/live/${HOSTNAME}/privkey.pem
|
||||
if [ ! "$?" = "0" ]; then
|
||||
echo $"Unable to renew Let's encrypt certificate"
|
||||
exit 2624
|
||||
fi
|
||||
fi
|
||||
|
||||
# Ensure that links are in place
|
||||
ln -s /etc/letsencrypt/live/${HOSTNAME}/privkey.pem /etc/ssl/private/${HOSTNAME}.key
|
||||
|
|
Loading…
Reference in New Issue