add deploy tools

Matthew Saunders Brown 2023-06-16 11:25:12 -07:00
parent 31035d8a47
commit 80db965dbf
3 changed files with 54 additions and 0 deletions

34
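--- a/sbin/letsencrypt-deploy.sh
+++ b/sbin/letsencrypt-deploy.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+#
+# letsencrypt-tools
+# https://git.stack-source.com/msb/letsencrypt-tools
+# Copyright (c) 2023 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+#
+# must be root
+if [ "$USER" != "root" ]; then
+exec sudo -u root $0 $@
+fi
+if [[ -d /var/tmp/letsencrypt/ ]]; then
+domainArray=(`ls -1 /var/tmp/letsencrypt/`)
+for domain in "${domainArray[@]}"
+do
+rm /var/tmp/letsencrypt/$domain
+if /usr/local/bin/letsencrypt-certonly.sh -d $domain ; then
+if [[ "$domain" =~ ^mail.* ]]; then
+vmaildomain="${domain/mail./}"
+if [[ -d /var/vmail/$vmaildomain ]]; then
+/usr/local/bin/vmail-dovecot-enable.sh -d $domain
+/usr/local/bin/vhost-enable.sh -d $domain -m VMailHTTPS
+fi
+elif [[ -d /srv/www/$domain ]]; then
+/usr/local/bin/vhost-enable.sh -d $domain -m VHostHTTPS
+fi
+fi
+# add code to check for aliases and redirects?
+# run once and exit, script will be restarted if additional domains are still queued for cert deployment
+exit 0
+done
+fi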
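Review bot: The entry names read by ``domainArray=(`ls -1 /var/tmp/letsencrypt/`)`` are used unquoted and unvalidated in commands that run as root (`rm /var/tmp/letsencrypt/$domain`, `-d $domain`), and the path unit added in this commit creates that directory with `DirectoryMode=0777`, so the names are input from any local account. Word splitting and globbing on the `ls` output can turn one entry into several arguments or into other file names. Iterating with a glob, quoting every expansion and rejecting anything that is not hostname-shaped before the first helper call would close this; a sketch of the loop head follows, and the pattern would need adjusting if upper-case names are queued. Separately, `^mail.*` matches any name that merely starts with "mail" and `${domain/mail./}` removes the first "mail." wherever it occurs, so `^mail\.` with `${domain#mail.}` looks like what is intended.

```shell
# … unchanged: root check …
shopt -s nullglob
host_re='^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$'
for queued in /var/tmp/letsencrypt/*; do
  domain=${queued##*/}
  rm -f -- "$queued"
  # queue names are written by other accounts: accept hostname-shaped ones only
  [[ "$domain" =~ $host_re ]] || continue
  if /usr/local/bin/letsencrypt-certonly.sh -d "$domain"; then
    # … unchanged: mail/vhost enabling, with "$domain" and "$vmaildomain" quoted …
```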


@ -0,0 +1,13 @@
[Unit]
Description="Monitor /var/tmp/letsencrypt/ for cert names to deploy."
After=apache2.service
[Path]
# TriggerLimitIntervalSec=60 - not available until next version of systemd (250)
MakeDirectory=true
DirectoryMode=0777
DirectoryNotEmpty=/var/tmp/letsencrypt
Unit=letsencrypt-deploy.service
[Install]
WantedBy=multi-user.target
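Review bot: `DirectoryMode=0777` on a directory under `/var/tmp` makes the queue that drives the root deploy service writable by every local account, and without the sticky bit any account can also remove or replace entries queued by others. Because `/var/tmp` is itself world-writable, the path may already exist with a different owner before this unit first runs, and `MakeDirectory=true` presumably leaves an existing directory as it is. Which accounts need to queue names is not visible in this commit; if it is a known set, a queue under a root-owned parent (a directory under `/run`, for example) with a restrictive `DirectoryMode=` and group ownership set by a tmpfiles.d entry would narrow this, with `DirectoryNotEmpty=` and the script's path changed to match. At the least I would add a comment above `DirectoryMode=` saying who is expected to write here and that the names are consumed by a root service.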


@ -0,0 +1,7 @@
[Unit]
Description="Deploy Let's Encrypt Certificate"
ConditionDirectoryNotEmpty=/var/tmp/letsencrypt
[Service]
Type=oneshot
ExecStart=/usr/local/sbin/letsencrypt-deploy.sh
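Review bot: Nothing in this unit bounds how often it is started, and `letsencrypt-deploy.sh` handles one entry and exits 0 without checking its `rm`, so an entry that cannot be deleted (a subdirectory, for example) leaves `/var/tmp/letsencrypt` non-empty and the path unit starts the service again straight away. The comment in the path unit notes that `TriggerLimitIntervalSec=` is not available yet, so the only brake appears to be systemd's default start rate limit, after which deployment stops until someone intervenes. I would set the limit explicitly in `[Unit]`, e.g. `StartLimitIntervalSec=60` and `StartLimitBurst=5`, and add a comment above `ExecStart=` saying that the script runs as root on names taken from the queue directory and processes one entry per activation.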