add deploy tools
This commit is contained in:
Matthew Saunders Brown
parent
31035d8a47
commit
80db965dbf
34
sbin/letsencrypt-deploy.sh
Executable file
34
sbin/letsencrypt-deploy.sh
Executable file
|
|
@ -0,0 +1,34 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# letsencrypt-tools
|
||||
# https://git.stack-source.com/msb/letsencrypt-tools
|
||||
# Copyright (c) 2023 Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
|
||||
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
#
|
||||
# must be root
|
||||
if [ "$USER" != "root" ]; then
|
||||
exec sudo -u root $0 $@
|
||||
fi
|
||||
|
||||
if [[ -d /var/tmp/letsencrypt/ ]]; then
|
||||
domainArray=(`ls -1 /var/tmp/letsencrypt/`)
|
||||
for domain in "${domainArray[@]}"
|
||||
do
|
||||
rm /var/tmp/letsencrypt/$domain
|
||||
if /usr/local/bin/letsencrypt-certonly.sh -d $domain ; then
|
||||
if [[ "$domain" =~ ^mail.* ]]; then
|
||||
vmaildomain="${domain/mail./}"
|
||||
if [[ -d /var/vmail/$vmaildomain ]]; then
|
||||
/usr/local/bin/vmail-dovecot-enable.sh -d $domain
|
||||
/usr/local/bin/vhost-enable.sh -d $domain -m VMailHTTPS
|
||||
fi
|
||||
elif [[ -d /srv/www/$domain ]]; then
|
||||
/usr/local/bin/vhost-enable.sh -d $domain -m VHostHTTPS
|
||||
fi
|
||||
fi
|
||||
# add code to check for aliases and redirects?
|
||||
# run once and exit, script will be restarted if additional domains are still queued for cert deployment
|
||||
exit 0
|
||||
done
|
||||
fi
|
||||
|
||||
13
systemd/letsencrypt-deploy.path
Normal file
13
systemd/letsencrypt-deploy.path
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
[Unit]
|
||||
Description="Monitor /var/tmp/letsencrypt/ for cert names to deploy."
|
||||
After=apache2.service
|
||||
|
||||
[Path]
|
||||
# TriggerLimitIntervalSec=60 - not available until next version of systemd (250)
|
||||
MakeDirectory=true
|
||||
DirectoryMode=0777
|
||||
DirectoryNotEmpty=/var/tmp/letsencrypt
|
||||
Unit=letsencrypt-deploy.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
7
systemd/letsencrypt-deploy.service
Normal file
7
systemd/letsencrypt-deploy.service
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
[Unit]
|
||||
Description="Deploy Let's Encrypt Certificate"
|
||||
ConditionDirectoryNotEmpty=/var/tmp/letsencrypt
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/local/sbin/letsencrypt-deploy.sh
|
||||
Loading…
Reference in New Issue
Block a user