waja / gist:4cc1e9ca87c0495397c7e51f647bd408

#!/bin/bash CRON="/etc/cron.daily/letsencrypt_autorenew" CONFIGURL="https://gist.githubusercontent.com/waja/8df78afb09691e4f383d818685f48885/raw/local.sh" CONFIGNAME="$(basename ${CONFIGURL})" CONFIGPATH="/etc/letsencrypt.sh/conf.d/" HOOKNAME="hook.sh" HOOKPATH="/etc/letsencrypt.sh/" SUITE="jessie-backports" PACKAGES="letsencrypt.sh letsencrypt.sh-apache2" apt-get install -t ${SUITE} ${PACKAGES} if [ ! -x ${CRON} ]; then echo '#!/bin/bash' > ${CRON} echo 'test -x /usr/bin/letsencrypt.sh && /usr/bin/letsencrypt.sh -c | grep -v -E "(^#|^Processing|Skipping renew|unchanged|Checking expire date of existing cert|^$)"' >> ${CRON} chmod +x ${CRON} fi [ -f ${CONFIGPATH}/${CONFIGNAME} ] || wget ${CONFIGURL} -O ${CONFIGPATH}/${CONFIGNAME} sed -i "s/^CONTACT_EMAIL=*/CONTACT_EMAIL=${1}/" ${CONFIGPATH}/${CONFIGNAME} [ -f ${HOOKPATH}/${HOOKNAME} ] || printf '#!/bin/sh\n[ "$1" != "deploy_cert" ] || /usr/sbin/service apache2 restart' > ${HOOKPATH}/${HOOKNAME}

# Path to certificate authority (default: https://acme-v01.api.letsencrypt.org/directory) #CA="https://acme-v01.api.letsencrypt.org/directory" # Program or function called in certain situations # # After generating the challenge-response, or after failed challenge (in this case altname is empty) # Given arguments: clean_challenge|deploy_challenge altname token-filename token-content # # After successfully signing certificate # Given arguments: deploy_cert domain path/to/privkey.pem path/to/cert.pem path/to/fullchain.pem # # BASEDIR and WELLKNOWN variables are exported and can be used in an external program # default: <unset> HOOK='/etc/letsencrypt.sh/hook.sh' # Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate (default: no) HOOK_CHAIN="yes" # Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1 #KEY_ALGO=rsa # E-mail to use during the registration (default: <unset>) CONTACT_EMAIL=