From bbc1247c8dfdf2899a6c256645d162255d54d3cf Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Fri, 3 Feb 2017 10:13:18 -0700
Subject: [PATCH] Update letsencrypt.sh

Update the lets encrypt install.
---
 debian/resources/letsencrypt.sh | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/debian/resources/letsencrypt.sh b/debian/resources/letsencrypt.sh
index 06e5f2d..8492a01 100644
--- a/debian/resources/letsencrypt.sh
+++ b/debian/resources/letsencrypt.sh
@@ -2,7 +2,7 @@
 
 #request the domain and email
 read -p 'Domain Name: ' domain_name
-read -p 'Email Address: ' email
+read -p 'Email Address: ' email_address
 #domain_name=subdomain.domain.com
 #email=username@domain.com
 
@@ -14,8 +14,10 @@ rm -R /etc/letsencrypt
 cp nginx/fusionpbx /etc/nginx/sites-available/fusionpbx
 #ln -s /etc/nginx/sites-available/fusionpbx /etc/nginx/sites-enabled/fusionpbx
 
+#read the config
 /usr/sbin/nginx -t && /usr/sbin/nginx -s reload
 
+#install letsencrypt
 git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
 chmod 755 /opt/letsencrypt/certbot-auto
 /opt/letsencrypt/./certbot-auto
@@ -25,17 +27,33 @@ mkdir -p /var/www/letsencrypt/
 #cd $pwd
 #cd "$(dirname "$0")"
 
+#copy the domain conf
 cp letsencrypt/domain_name.conf /etc/letsencrypt/configs/$domain_name.conf
 
+#update the domain_name and email_address
 sed "s#{domain_name}#$domain_name#g" -i /etc/letsencrypt/configs/$domain_name.conf
-sed "s#{email_address}#$email#g" -i /etc/letsencrypt/configs/$domain_name.conf
+sed "s#{email_address}#$email_address#g" -i /etc/letsencrypt/configs/$domain_name.conf
 
 #letsencrypt
 #sed "s@#letsencrypt@location /.well-known/acme-challenge { root /var/www/letsencrypt; }@g" -i /etc/nginx/sites-available/fusionpbx
 
+#get the certs from letsencrypt
 cd /opt/letsencrypt && ./letsencrypt-auto --config /etc/letsencrypt/configs/$domain_name.conf certonly
 
+#update nginx config
 sed "s@ssl_certificate         /etc/ssl/certs/nginx.crt;@ssl_certificate /etc/letsencrypt/live/$domain_name/fullchain.pem;@g" -i /etc/nginx/sites-available/fusionpbx
 sed "s@ssl_certificate_key     /etc/ssl/private/nginx.key;@ssl_certificate_key /etc/letsencrypt/live/$domain_name/privkey.pem;@g" -i /etc/nginx/sites-available/fusionpbx
 
+#read the config
 /usr/sbin/nginx -t && /usr/sbin/nginx -s reload
+
+#combine the certs into all.pem
+cat /opt/letsencrypt/live/$domain_name/cert.pem > /opt/letsencrypt/live/$domain_name/all.pem
+cat /opt/letsencrypt/live/$domain_name/privkey.pem >> /opt/letsencrypt/live/$domain_name/all.pem
+cat /opt/letsencrypt/live/$domain_name/chain.pem >> /opt/letsencrypt/live/$domain_name/all.pem
+
+#copy the certs to the switch tls directory
+mkdir -p /etc/freeswitch/tls
+cp /etc/letsencrypt/live/$domain_name/*.pem /etc/freeswitch/tls
+cp /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/wss.pem
+chown -R www-data:www-data /etc/freeswitch