From dc5621cb53caa84d1912866625d6b0b98f06ebc0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mika=C3=ABl=20Capelle?=
Date: Tue, 24 Dec 2019 14:30:03 +0000
Subject: [PATCH] Split renew and update certificates scripts.

---
 domains.list | 26 +++++++++++++++++---------
 renew_certs.sh | 33 +--------------------------------
 update_certs.sh | 31 +++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+), 41 deletions(-)
 create mode 100755 update_certs.sh

diff --git a/domains.list b/domains.list
index 51a77fc..d5e3ea1 100644
--- a/domains.list
+++ b/domains.list
@@ -1,12 +1,13 @@
 # Cloud
 cloud.typename.fr
-# pydio.typename.fr
 
 # Docker registry
 docker.typename.fr
 
 # Teaching
 pl.insa.typename.fr
+pages.typename.fr
+teaching.typename.fr
 
 # Storage
 data.typename.fr
@@ -15,20 +16,23 @@ pdf.typename.fr
 # Git
 gitea.typename.fr
 gitlab.typename.fr
-# gituto.typename.fr
+drone.typename.fr
+
+# Jupyter
+jupyter.typename.fr
+
+# Latex
+latex.typename.fr
 
 # LDAP
 ldap.typename.fr
 ldapadmin.typename.fr
 
-# Jupyter
-jupyter.typename.fr
-
 # Mail
 # mail.typename.fr
 
 # Messaging
-mattermost.typename.fr
+# mattermost.typename.fr
 
 # Office
 office.typename.fr
@@ -37,8 +41,12 @@ office.typename.fr
 domain1.typename.fr
 domain2.typename.fr
 domain3.typename.fr
-zik.typename.fr
-zikq.typename.fr
 
 # Tools
-webtools.typename.fr
+tools.typename.fr
+
+# INSA
+zik-insat.fr
+q.zik-insat.fr
+m.zik-insat.fr
+n.zik-insat.fr
diff --git a/renew_certs.sh b/renew_certs.sh
index 2c97318..e633f35 100755
--- a/renew_certs.sh
+++ b/renew_certs.sh
@@ -1,36 +1,5 @@
 #!/bin/bash
 
-if [ $(id -u) -ne 0 ]; then
- echo "This script must be run as root." > /dev/stderr
- exit 1
-fi
-
-domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
-
-docker exec -it nginx_proxy mkdir -p /var/www/certbot
-
-docker run -it --rm --name letsencrypt \
- --volumes-from nginx_proxy \
- -v /etc/letsencrypt:/etc/letsencrypt:rw \
- --network nginxproxy \
- certbot/certbot \
- certonly --webroot --webroot-path /var/www/certbot \
- --config-dir=/etc/letsencrypt \
- --agree-tos --renew-by-default \
- --force-renewal \
- --cert-name typename.fr \
- -d $(echo typename.fr ${domains[*]} | tr ' ' ',')
-
-for domain in ${domains[*]}; do
- echo "Creating symbolic links for ${domain}... "
- dir=/etc/letsencrypt/live/${domain}
- if [ -e "${dir}" ]; then
- rm -rf ${dir}
- fi
- mkdir ${dir}
- for link in /etc/letsencrypt/live/typename.fr/*.pem; do
- ln -s $(readlink $link) ${dir}/$(basename $link)
- done
-done
+$(dirname $0)/certbot renew --cert-name typename.fr
 
 docker-compose restart
diff --git a/update_certs.sh b/update_certs.sh
new file mode 100755
index 0000000..71c67f8
--- /dev/null
+++ b/update_certs.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ $(id -u) -ne 0 ]; then
+ echo "This script must be run as root." > /dev/stderr
+ exit 1
+fi
+
+domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
+
+docker exec -it nginx_proxy mkdir -p /var/www/certbot
+
+$(dirname $0)/certbot \
+ certonly \
+ --agree-tos --renew-by-default \
+ --force-renewal \
+ --cert-name typename.fr \
+ -d $(echo typename.fr ${domains[*]} | tr ' ' ',')
+
+for domain in ${domains[*]}; do
+ echo "Creating symbolic links for ${domain}... "
+ dir=/etc/letsencrypt/live/${domain}
+ if [ -e "${dir}" ]; then
+ rm -rf ${dir}
+ fi
+ mkdir ${dir}
+ for link in /etc/letsencrypt/live/typename.fr/*.pem; do
+ ln -s $(readlink $link) ${dir}/$(basename $link)
+ done
+done
+
+docker-compose restart
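Review bot: In renew_certs.sh the per-domain directories under /etc/letsencrypt/live are no longer rebuilt after a renewal, although the removed loop did that on every run. Those links are created from `readlink` output, so they presumably point at a specific versioned file in certbot's archive directory rather than at live/typename.fr; if so, after `certbot renew` they keep resolving to the old certificate until update_certs.sh is run by hand. Either re-run the link loop after a successful renewal, or have update_certs.sh link to the live path itself (`ln -s "$link" "${dir}/$(basename "$link")"`) so the links follow renewals. The added line also lets `docker-compose restart` run whether or not the renewal succeeded and leaves `$0` unquoted; `"$(dirname "$0")/certbot" renew --cert-name typename.fr || exit 1` addresses both.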
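Review bot: In update_certs.sh the link loop runs `rm -rf ${dir}` as root on every word read from domains.list, unquoted and unvalidated, so an entry containing `/`, a leading `.` or a glob character would make the script delete outside the intended per-domain directory. The loop also runs when the certbot call above it fails, because its exit status is never checked; ending that invocation with `|| exit 1` would leave the existing links in place on failure. I would reject anything that is not made of hostname characters and quote the path, as sketched below. Separately, `domains.list` is opened relative to the current directory while certbot is located through `dirname $0`, so the script only works when started from its own directory.

```shell
for domain in ${domains[*]}; do
  # Accept only hostname characters: this path is removed recursively as root.
  case "${domain}" in
    "" | .* | *[!A-Za-z0-9.-]*)
      echo "Skipping invalid entry in domains.list: ${domain}" > /dev/stderr
      continue
      ;;
  esac
  echo "Creating symbolic links for ${domain}... "
  dir="/etc/letsencrypt/live/${domain}"
  rm -rf -- "${dir}"
  mkdir -- "${dir}"
  # … unchanged: inner loop creating the *.pem links …
done
```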