Browse Source

Simplified LE renew script

Tomas Bedrich 8 years ago
parent
commit
e08acd2deb
1 changed files with 3 additions and 15 deletions
  1. 3
    15
      roles/common/files/etc_cron-monthly_letsencrypt-renew

+ 3
- 15
roles/common/files/etc_cron-monthly_letsencrypt-renew View File

@@ -1,22 +1,10 @@
1 1
 #!/bin/bash
2 2
 set -o errexit
3 3
 # Renew all live certificates with LetsEncrypt.  This needs to run at least
4
-# once every three months.
4
+# once every three months, but recommanded frequency is once a day.
5 5
 
6
-# Given a certificate file returns "domain1,domain2"
7
-# https://community.letsencrypt.org/t/help-me-understand-renewal-config/7115
8
-function getDomains() {
9
-        openssl x509 -text -in "$1" |
10
-        grep -A1 "Subject Alternative Name:" | tail -n1 |
11
-        tr -d ' ' | tr -d 'DNS:'
12
-}
13
-
14
-service apache2 stop
15
-for c in $(find /etc/letsencrypt/live/ -mindepth 1  -type d); do
16
-  domains=$(getDomains "$c"/cert.pem)
17
-  /root/letsencrypt/letsencrypt-auto --renew certonly -c /etc/letsencrypt/cli.conf --domains=$domains
18
-done
19
-service apache2 start
6
+/root/letsencrypt/letsencrypt-auto renew --pre-hook="service apache2 stop" --post-hook="service apache2 start" \
7
+    -c /etc/letsencrypt/cli.conf
20 8
 
21 9
 # Services that rely on LE certificates may need restarted and/or other actions.
22 10
 for script in $(find /etc/letsencrypt/postrenew/ -maxdepth 1 -type f -executable); do

Loading…
Cancel
Save