31 lines
1.5 KiB
Plaintext
31 lines
1.5 KiB
Plaintext
#!/usr/bin/with-contenv bash
|
|
|
|
if [[ ! -d /mnt/config/ssl/live ]]; then
|
|
s6-setuidgid guardian mkdir -p /mnt/config/ssl/live
|
|
fi
|
|
|
|
if [[ ! -f /mnt/config/etc/domains-configured ]]; then
|
|
echo "" > /mnt/config/etc/domains-configured
|
|
fi
|
|
|
|
echo "$SSLDOMAINS" > /mnt/config/etc/domains-requested
|
|
CURDOMAINS=`head -1 /mnt/config/etc/domains-configured`
|
|
|
|
if [[ "x$SSLDOMAINS" != "x$CURDOMAINS" ]]; then
|
|
if [[ $(ls /mnt/config/ssl/live | wc -l) -gt 0 ]]; then
|
|
ls /mnt/config/ssl/live | xargs -n1 -I{} certbot revoke -n --config-dir /mnt/config/ssl --logs-dir /mnt/config/log --max-log-backups 0 --cert-path "/mnt/config/ssl/live/{}/fullchain.pem" --reason superseded --work-dir /tmp/certbot
|
|
ls /mnt/config/ssl/live | xargs -n1 -I{} certbot delete -n --config-dir /mnt/config/ssl --logs-dir /mnt/config/log --max-log-backups 0 --cert-name "{}" --work-dir /tmp/certbot
|
|
rm -rf /mnt/config/etc/domains-configured
|
|
fi
|
|
fi
|
|
|
|
if [[ $(ls /mnt/config/ssl/live | wc -l) -eq 0 ]]; then
|
|
if [[ ! -z "$SSLDOMAINS" && $SSLEMAIL == *@* ]]; then
|
|
certbot certonly -n --agree-tos --rsa-key-size 4096 --keep --config-dir /mnt/config/ssl --logs-dir /mnt/config/log --max-log-backups 0 --email "$SSLEMAIL" --standalone -d "$SSLDOMAINS" --work-dir /tmp/certbot
|
|
if [[ $(ls /mnt/config/ssl/live | wc -l) -gt 0 ]]; then
|
|
cp /mnt/config/etc/domains-requested /mnt/config/etc/domains-configured
|
|
fi
|
|
fi
|
|
else
|
|
certbot renew -n --agree-tos --rsa-key-size 4096 --config-dir /mnt/config/ssl --logs-dir /mnt/config/log --max-log-backups 0 --work-dir /tmp/certbot
|
|
fi |