New sequence certbot for install and update of certificates

2019-12-13 23:48:06 +01:00
parent 91f9f8a8da
commit bc5d30f400
2 changed files with 108 additions and 0 deletions
--- a/seqs/certbot.cfg.example
+++ b/seqs/certbot.cfg.example
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# Web root path where certbot will place the ACME challenge files
+#
+# A nginx example location which needs to placed in the server config listening on port 80 
+# for the first time and also in the config listeing on port 443 for renewals:
+#
+# location ^~ /.well-known/acme-challenge/ {
+#   default_type "text/plain";
+#   root /var/www/letsencrypt;
+# }
+CERTBOT_WEBROOT="/var/www/letsencrypt"
+
+# Email address for important account notifications
+CERTBOT_MAIL="postmaster@mydomain.eu"
+
+# List you domains here.
+# The first will be the subject CN and all other will be listed as Subject Alternative Names.
+CERTBOT_DOMAINS=(\
+ mydomain.eu \
+ www.mydomain.eu \
+ )
--- a/seqs/certbot.sh
+++ b/seqs/certbot.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+
+# Certbot installation and creation supporting Raspbian and Ubuntu.
+# Certificate can be created/updated as "certonly" only.
+
+toolName=certbot
+
+# Get script working directory
+# (when called from a different directory)
+WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
+CONFIG_FILE="$WDIR/${toolName}.cfg"
+CONFIG_FILE_DEFAULT="${CONFIG_FILE}.example"
+
+step_config() {
+  if [ ! -s "$CONFIG_FILE" ] && [ ! -s "$CONFIG_FILE_DEFAULT" ] ; then
+    echoerr " [E] No configuration \"$CONFIG_FILE_DEFAULT\" or \"$CONFIG_FILE\" found"
+    exit 1;
+  fi
+  if [ -s "$CONFIG_FILE" ] ; then
+    . "$CONFIG_FILE"
+  else
+    echoerr " [E] No user configuration \"$CONFIG_FILE\" found. (See template $CONFIG_FILE_DEFAULT)"
+  fi
+}
+
+step_1_info() { echo "Install $toolName for letsencrypt"; }
+step_1_alias() { ALIAS="install"; }
+step_1() {
+  local osName=
+  local distName=
+
+  if [ "$(which lsb_release)" == "" ] ; then
+    echoerr " [W] Cannot detect OS. Assuming Ubuntu"
+    osName="Ubuntu"
+  else  
+    osName=$(lsb_release -is)
+    distName=$(lsb_release -cs)
+  fi
+
+  if [ "$osName" == "" ] ; then
+    echoerr " [W] Error dedecting OS. Assuming Ubuntu"
+    osName="Ubuntu"
+  fi
+
+  echo " [I] Detected OS: $osName $distName"
+  
+  local aptOption=
+  if [ $QUIET -ne 0 ] ; then
+    aptOption="-y"
+  else
+    aptOption=""
+  fi
+
+  if [ "$osName" == "Ubuntu" ] ; then
+    exe apt-get update
+    exe apt-get install software-properties-common $aptOption
+    saveReturn $?
+    exe add-apt-repository universe $aptOption
+    saveReturn $?
+    exe add-apt-repository ppa:certbot/certbot $aptOption
+    saveReturn $?
+    exe apt-get update
+
+    exe apt-get install $toolName $aptOption
+    saveReturn $?
+    endReturn "$toolName installation for $osName failed"
+  elif [ "$osName" == "Raspbian" ] ; then
+    exe apt update
+    exe apt install certbot
+    endReturn "$toolName installation for $osName failed"
+  fi
+}
+
+step_2_info() { echo "Create or update letsencrypt certificate"; }
+step_2_alias() { ALIAS="update"; }
+step_2() {
+  endCheckEmpty CERTBOT_DOMAINS "Invalid domain list"
+  endCheckEmpty CERTBOT_WEBROOT "Invalid web root"
+  endCheckEmpty CERTBOT_MAIL "Invalid mail address"
+
+  exe certbot certonly --webroot -w "$CERTBOT_WEBROOT" --rsa-key-size 4096 --expand --agree-tos \
+    -m "$CERTBOT_MAIL" ${CERTBOT_DOMAINS[@]/#/-d }
+}
+
+VERSION_SEQREV=8
+. /usr/local/bin/sequencer.sh