Split renew and update certificates scripts.

2019-12-24 14:30:03 +00:00 · 2019-12-24 14:30:03 +00:00 · dc5621cb53
commit dc5621cb53
parent b4f8a53594
3 changed files with 49 additions and 41 deletions
--- a/domains.list
+++ b/domains.list
@ -1,12 +1,13 @@
 # Cloud
 cloud.typename.fr
-# pydio.typename.fr

 # Docker registry
 docker.typename.fr

 # Teaching
 pl.insa.typename.fr
+pages.typename.fr
+teaching.typename.fr

 # Storage
 data.typename.fr
@ -15,20 +16,23 @@ pdf.typename.fr
 # Git
 gitea.typename.fr
 gitlab.typename.fr
-# gituto.typename.fr
+drone.typename.fr
+
+# Jupyter
+jupyter.typename.fr
+
+# Latex
+latex.typename.fr

 # LDAP
 ldap.typename.fr
 ldapadmin.typename.fr

-# Jupyter
-jupyter.typename.fr
-
 # Mail
 # mail.typename.fr

 # Messaging
-mattermost.typename.fr
+# mattermost.typename.fr

 # Office
 office.typename.fr
@ -37,8 +41,12 @@ office.typename.fr
 domain1.typename.fr
 domain2.typename.fr
 domain3.typename.fr
-zik.typename.fr
-zikq.typename.fr

 # Tools
-webtools.typename.fr
+tools.typename.fr
+
+# INSA
+zik-insat.fr
+q.zik-insat.fr
+m.zik-insat.fr
+n.zik-insat.fr
--- a/renew_certs.sh
+++ b/renew_certs.sh
@ -1,36 +1,5 @@
 #!/bin/bash

-if [ $(id -u) -ne 0 ]; then
-    echo "This script must be run as root." > /dev/stderr
-    exit 1
-fi
-
-domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
-
-docker exec -it nginx_proxy mkdir -p /var/www/certbot
-
-docker run -it --rm --name letsencrypt \
-       --volumes-from nginx_proxy \
-       -v /etc/letsencrypt:/etc/letsencrypt:rw \
-       --network nginxproxy \
-       certbot/certbot \
-       certonly --webroot --webroot-path /var/www/certbot \
-       --config-dir=/etc/letsencrypt \
-       --agree-tos --renew-by-default \
-       --force-renewal \
-       --cert-name typename.fr \
-       -d $(echo typename.fr ${domains[*]} | tr ' ' ',')
-
-for domain in ${domains[*]}; do
-    echo "Creating symbolic links for ${domain}... "
-    dir=/etc/letsencrypt/live/${domain}
-    if [ -e "${dir}" ]; then
-        rm -rf ${dir}
-    fi
-    mkdir ${dir}
-    for link in /etc/letsencrypt/live/typename.fr/*.pem; do
-        ln -s $(readlink $link) ${dir}/$(basename $link)
-    done
-done
+$(dirname $0)/certbot renew --cert-name typename.fr

 docker-compose restart
--- a/update_certs.sh
+++ b/update_certs.sh
@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ $(id -u) -ne 0 ]; then
+    echo "This script must be run as root." > /dev/stderr
+    exit 1
+fi
+
+domains=$(cat domains.list | grep -v -E '^[[:space:]]*(#.*)?$')
+
+docker exec -it nginx_proxy mkdir -p /var/www/certbot
+
+$(dirname $0)/certbot \
+             certonly \
+             --agree-tos --renew-by-default \
+             --force-renewal \
+             --cert-name typename.fr \
+             -d $(echo typename.fr ${domains[*]} | tr ' ' ',')
+
+for domain in ${domains[*]}; do
+    echo "Creating symbolic links for ${domain}... "
+    dir=/etc/letsencrypt/live/${domain}
+    if [ -e "${dir}" ]; then
+        rm -rf ${dir}
+    fi
+    mkdir ${dir}
+    for link in /etc/letsencrypt/live/typename.fr/*.pem; do
+        ln -s $(readlink $link) ${dir}/$(basename $link)
+    done
+done
+
+docker-compose restart