thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1086 Commits
1 Branch
Tree: e6bd74153d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e6bd74153d'
${ noResults }
sovereign/roles/sslletsencrypt/templates/root_letsencrypt_gencert.j2

root_letsencrypt_gencert.j2 1005B
History Raw

12345678910111213141516171819202122232425262728293031323334 
  1. #!/bin/bash

  2. 

  3. # Build list of domains and subdomains we need a certificate for

  4. d=""

  5. for domain in {{ virtual_domains | json_query('[*].name') | join(' ') }}; do

  6.   # domain itself - foo.com

  7.   # only add if the DNS entry for the domain does actually exist

  8.   if (getent hosts $domain > /dev/null); then

  9.     if [ -z "$d" ]; then

  10.       d="$domain";

  11.     else

  12.       d="$d,$domain";

  13.     fi

  14.   fi

  15. 

  16.   # subdomains - www.foo.com mail.foo.com ...

  17.   for sub in {{ subdomains | join(' ') }}; do

  18.     # only add if the DNS entry for the subdomain does actually exist

  19.     if (getent hosts $sub.$domain > /dev/null); then

  20.       if [ -z "$d" ]; then

  21.         d="$sub.$domain";

  22.       else

  23.         d="$d,$sub.$domain";

  24.       fi

  25.     fi

  26.   done

  27. done

  28. 

  29. # We are using the "standalone" letsencrypt plugin, which runs its own

  30. # webserver, so we need to temporarily free up the HTTP(S) ports by stopping

  31. # our own Apache.

  32. service apache2 stop

  33. certbot certonly --standalone -c /etc/letsencrypt/cli.conf --domains $d

  34. service apache2 start