1234567891011121314151617181920212223242526272829303132333435363738 |
- #!/bin/bash
-
- # Call script like this:
- # letsencrypt-gencert foo.com bar.com baz.com
-
- # Build list of domains and subdomains we need a certificate for
- d=""
- for domain in "$@"; do
- # domain itself - foo.com
- # only add if the DNS entry for the domain does actually exist
- if (getent hosts $domain > /dev/null); then
- if [ -z "$d" ]; then
- d="$domain";
- else
- d="$d,$domain";
- fi
- fi
-
- # subdomains - www.foo.com mail.foo.com ...
- # TODO includes servername (eddie / stage)!
- for sub in stage www mail autoconfig stats news cloud git matrix status social comments iot wiki jitsi kanboard chat; do
- # only add if the DNS entry for the subdomain does actually exist
- if (getent hosts $sub.$domain > /dev/null); then
- if [ -z "$d" ]; then
- d="$sub.$domain";
- else
- d="$d,$sub.$domain";
- fi
- fi
- done
- done
-
- # We are using the "standalone" letsencrypt plugin, which runs its own
- # webserver, so we need to temporarily free up the HTTP(S) ports by stopping
- # our own Apache.
- service apache2 stop
- certbot certonly --standalone -c /etc/letsencrypt/cli.conf --domains $d
- service apache2 start
|