thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
726 Commits
1 Branch
Tree: a636a43948
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a636a43948'
${ noResults }
sovereign/roles/common/files/etc_cron-monthly_letsencryp...

etc_cron-monthly_letsencrypt-renew 883B
History Raw

12345678910111213141516171819202122232425 
  1. #!/bin/bash

  2. set -o errexit

  3. # Renew all live certificates with LetsEncrypt.  This needs to run at least

  4. # once every three months.

  5. 

  6. # Given a certificate file returns "domain1,domain2"

  7. # https://community.letsencrypt.org/t/help-me-understand-renewal-config/7115

  8. function getDomains() {

  9.         openssl x509 -text -in "$1" |

  10.         grep -A1 "Subject Alternative Name:" | tail -n1 |

  11.         tr -d ' ' | tr -d 'DNS:'

  12. }

  13. 

  14. service apache2 stop

  15. for c in $(find /etc/letsencrypt/live/ -mindepth 1  -type d); do

  16.   domains=$(getDomains "$c"/cert.pem)

  17.   /root/letsencrypt/letsencrypt-auto --renew certonly -c /etc/letsencrypt/cli.conf --domains=$domains

  18. done

  19. service apache2 start

  20. 

  21. # Services that rely on LE certificates may need restarted and/or other actions.

  22. for script in $(find /etc/letsencrypt/postrenew/ -maxdepth 1 -type f -executable); do

  23.   echo "Executing ${script}."

  24.   $script

  25. done