From 37e5ca6484ab6dd61746a6e049150e23c18be806 Mon Sep 17 00:00:00 2001 From: Nicolas Roman Date: Wed, 10 Jul 2019 16:56:50 +0200 Subject: [PATCH] generate-ssl-certificate and update-ssl-configuration methods for web-add.sh --- scripts/web-add.sh | 52 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/scripts/web-add.sh b/scripts/web-add.sh index bd4571b..2c9c9e6 100755 --- a/scripts/web-add.sh +++ b/scripts/web-add.sh @@ -161,6 +161,20 @@ manage-http-challenge-file [CREATE | DELETE] Create or delete a dummy file for the Let's Encrypt HTTP challenge The default directory is /var/lib/letsencrypt/.well-known/ + +generate-csr LOGIN DOMAINS + + Generate the request for the Let's Encrypt certificate + +generate-ssl-certificate LOGIN [TRUE | FALSE] + + Generate the Let's Encrypt certificate + Run in TEST mode if TRUE + +update-ssl-vhost-configuration LOGIN + + Add the 443 port to the vhost configuration and reload the service + EOT } @@ -856,6 +870,12 @@ arg_processing() { generate-csr) op_makecsr "$@" ;; + generate-ssl-certificate) + op_generatesslcertificate "$@" + ;; + update-ssl-vhost-configuration) + op_updatesslvhost "$@" + ;; *) usage ;; @@ -881,6 +901,38 @@ op_makecsr() { fi } +op_generatesslcertificate() { + if [ $# -gt 1 ]; then + vhost="$1" + test_mode="$2" + + if [ "$test_mode" = "false" ]; then + evoacme "$vhost" + else + TEST=1 evoacme "$vhost" + fi + else usage + fi +} + +op_updatesslvhost() { + if [ $# -eq 1 ]; then + vhostfile="/etc/apache2/sites-enabled/$1.conf" + + sed -i "s/:80>/:80 *:443>/" "$vhostfile" + + configtest_out=$(apache2ctl configtest) + configtest_rc=$? + + if [ "$configtest_rc" = "0" ]; then + /etc/init.d/apache2 force-reload >/dev/null + else + echo $configtest_out >&2 + fi + else usage + fi +} + op_managehttpchallengefile() { if [ $# -eq 1 ]; then folder="/var/lib/letsencrypt/.well-known/acme-challenge"