Update letsencrypt.sh
This commit is contained in:
FusionPBX
GitHub
parent
c64d34a675
commit
864698db9f
|
|
@ -12,6 +12,7 @@ cd "$(dirname "$0")"
|
||||||
. ./config.sh
|
. ./config.sh
|
||||||
|
|
||||||
#remove dehyrdated letsencrypt script
|
#remove dehyrdated letsencrypt script
|
||||||
|
#pkg remove dehydrated
|
||||||
#rm -R /usr/local/etc/dehydrated/
|
#rm -R /usr/local/etc/dehydrated/
|
||||||
#rm /usr/local/sbin/dehydrated
|
#rm /usr/local/sbin/dehydrated
|
||||||
#rm -R /usr/src/dehydrated
|
#rm -R /usr/src/dehydrated
|
||||||
|
|
@ -31,11 +32,12 @@ else
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#get and install dehydrated
|
#get and install dehydrated
|
||||||
cd /usr/src && git clone https://github.com/lukas2511/dehydrated.git
|
pkg install dehydrated
|
||||||
cd /usr/src/dehydrated
|
#cd /usr/src && git clone https://github.com/lukas2511/dehydrated.git
|
||||||
cp dehydrated /usr/local/sbin
|
#cd /usr/src/dehydrated
|
||||||
mkdir -p /usr/local/www/dehydrated
|
#cp dehydrated /usr/local/sbin
|
||||||
mkdir -p /usr/local/etc/dehydrated/certs
|
#mkdir -p /usr/local/www/dehydrated
|
||||||
|
#mkdir -p /usr/local/etc/dehydrated/certs
|
||||||
|
|
||||||
#remove the wildcard and period
|
#remove the wildcard and period
|
||||||
if [ .$wilcard_domain = ."y" ]; then
|
if [ .$wilcard_domain = ."y" ]; then
|
||||||
|
|
@ -62,9 +64,6 @@ cp docs/examples/config /usr/local/etc/dehydrated
|
||||||
#vim /usr/local/etc/dehydrated/config
|
#vim /usr/local/etc/dehydrated/config
|
||||||
#sed "s#CONTACT_EMAIL=#CONTACT_EMAIL=$email_address" -i /usr/local/etc/dehydrated/config
|
#sed "s#CONTACT_EMAIL=#CONTACT_EMAIL=$email_address" -i /usr/local/etc/dehydrated/config
|
||||||
|
|
||||||
#make sure the nginx ssl directory exists
|
|
||||||
mkdir -p /usr/local/etc/nginx/ssl
|
|
||||||
|
|
||||||
#accept the terms
|
#accept the terms
|
||||||
dehydrated --register --accept-terms --config /usr/local/etc/dehydrated/config
|
dehydrated --register --accept-terms --config /usr/local/etc/dehydrated/config
|
||||||
|
|
||||||
|
|
@ -78,9 +77,15 @@ if [ .$wilcard_domain = ."n" ]; then
|
||||||
dehydrated --cron --domain $domain_name --config /usr/local/etc/dehydrated/config --config /usr/local/etc/dehydrated/config --out /usr/local/etc/dehydrated/certs --challenge dns-01 --hook /usr/local/etc/dehydrated/hook.sh
|
dehydrated --cron --domain $domain_name --config /usr/local/etc/dehydrated/config --config /usr/local/etc/dehydrated/config --out /usr/local/etc/dehydrated/certs --challenge dns-01 --hook /usr/local/etc/dehydrated/hook.sh
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#update nginx config
|
#remove the old backups
|
||||||
sed "s@ssl_certificate /etc/ssl/certs/nginx.crt;@ssl_certificate /usr/local/etc/dehydrated/certs/$domain_name/fullchain.pem;@g" -i /usr/local/etc/nginx/sites-available/fusionpbx
|
rm /usr/local/etc/nginx/server.crt.backup
|
||||||
sed "s@ssl_certificate_key /etc/ssl/private/nginx.key;@ssl_certificate_key /usr/local/etc/dehydrated/certs/$domain_name/privkey.pem;@g" -i /usr/local/etc/nginx/sites-available/fusionpbx
|
rm /usr/local/etc/nginx/server.key.backup
|
||||||
|
|
||||||
|
#nginx config - backup the original certificates and copy the news ones for nginx
|
||||||
|
mv /usr/local/etc/nginx/server.crt /usr/local/etc/nginx/server.crt.backup
|
||||||
|
mv /usr/local/etc/nginx/server.key /usr/local/etc/nginx/server.key.backup
|
||||||
|
cp /usr/local/etc/dehydrated/certs/$domain_name/fullchain.pem /usr/local/etc/nginx/server.crt
|
||||||
|
cp /usr/local/etc/dehydrated/certs/$domain_name/privkey.pem /usr/local/etc/nginx/server.key
|
||||||
|
|
||||||
#read the config
|
#read the config
|
||||||
/usr/local/sbin/nginx -t && /usr/local/sbin/nginx -s reload
|
/usr/local/sbin/nginx -t && /usr/local/sbin/nginx -s reload
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue