mikael.capelle/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Split renew and update certificates scripts.

Browse Source
This commit is contained in:
Mikaël Capelle 2019-12-24 14:30:03 +00:00
parent b4f8a53594
commit dc5621cb53
3 changed files with 49 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
domains.list
View File

@ -1,12 +1,13 @@
# Cloud # Cloud
cloud.typename.fr cloud.typename.fr
# pydio.typename.fr
# Docker registry # Docker registry
docker.typename.fr docker.typename.fr
# Teaching # Teaching
pl.insa.typename.fr pl.insa.typename.fr
pages.typename.fr
teaching.typename.fr
# Storage # Storage
data.typename.fr data.typename.fr
@ -15,20 +16,23 @@ pdf.typename.fr
# Git # Git
gitea.typename.fr gitea.typename.fr
gitlab.typename.fr gitlab.typename.fr
# gituto.typename.fr drone.typename.fr
# Jupyter
jupyter.typename.fr
# Latex
latex.typename.fr
# LDAP # LDAP
ldap.typename.fr ldap.typename.fr
ldapadmin.typename.fr ldapadmin.typename.fr
# Jupyter
jupyter.typename.fr
# Mail # Mail
# mail.typename.fr # mail.typename.fr
# Messaging # Messaging
mattermost.typename.fr # mattermost.typename.fr
# Office # Office
office.typename.fr office.typename.fr
@ -37,8 +41,12 @@ office.typename.fr
domain1.typename.fr domain1.typename.fr
domain2.typename.fr domain2.typename.fr
domain3.typename.fr domain3.typename.fr
zik.typename.fr
zikq.typename.fr
# Tools # Tools
webtools.typename.fr tools.typename.fr
# INSA
zik-insat.fr
q.zik-insat.fr
m.zik-insat.fr
n.zik-insat.fr

33
renew_certs.sh
View File

@ -1,36 +1,5 @@
#!/bin/bash #!/bin/bash
if [ $(id -u) -ne 0 ]; then $(dirname $0)/certbot renew --cert-name typename.fr
echo "This script must be run as root." > /dev/stderr
exit 1
fi
domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
docker exec -it nginx_proxy mkdir -p /var/www/certbot
docker run -it --rm --name letsencrypt \
--volumes-from nginx_proxy \
-v /etc/letsencrypt:/etc/letsencrypt:rw \
--network nginxproxy \
certbot/certbot \
certonly --webroot --webroot-path /var/www/certbot \
--config-dir=/etc/letsencrypt \
--agree-tos --renew-by-default \
--force-renewal \
--cert-name typename.fr \
-d $(echo typename.fr ${domains[*]} | tr ' ' ',')
for domain in ${domains[*]}; do
echo "Creating symbolic links for ${domain}... "
dir=/etc/letsencrypt/live/${domain}
if [ -e "${dir}" ]; then
rm -rf ${dir}
fi
mkdir ${dir}
for link in /etc/letsencrypt/live/typename.fr/*.pem; do
ln -s $(readlink $link) ${dir}/$(basename $link)
done
done
docker-compose restart docker-compose restart

31
update_certs.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
if [ $(id -u) -ne 0 ]; then
echo "This script must be run as root." > /dev/stderr
exit 1
fi
domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
docker exec -it nginx_proxy mkdir -p /var/www/certbot
$(dirname $0)/certbot \
certonly \
--agree-tos --renew-by-default \
--force-renewal \
--cert-name typename.fr \
-d $(echo typename.fr ${domains[*]} | tr ' ' ',')
for domain in ${domains[*]}; do
echo "Creating symbolic links for ${domain}... "
dir=/etc/letsencrypt/live/${domain}
if [ -e "${dir}" ]; then
rm -rf ${dir}
fi
mkdir ${dir}
for link in /etc/letsencrypt/live/typename.fr/*.pem; do
ln -s $(readlink $link) ${dir}/$(basename $link)
done
done
docker-compose restart