Ready-made script for creating or renewing certificates using letsencrypt running in docker (docker & git installation required).
www.my-domain.org,my-domain.org,another-domain.org |
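#!/bin/bash
# Settings for get-or-renew-domains.sh, which sources this file as "conf/setup".
# Because the file is sourced, every line in it runs as shell code with the
# privileges of the calling script; keep it writable only by the account that
# runs the renewal.

# Host directory that is bind-mounted into the container as /etc/letsencrypt.
# Certificates and their private keys are written below this path.
CERT_PATH="/etc/letsencrypt"

# Domain list, relative to the script directory. Only its first line is read;
# it holds a comma-separated list of host names.
DOMAINS_FILE="conf/domains"

# Contact address handed to the client via --email.
ADMIN_EMAIL="admin@my-email.org"

# Git repository and ref the Docker image is built from when it is missing.
# NOTE(review): a tag can be moved upstream after it was reviewed, so the image
# contains whatever the tag points to at build time; confirm the ref before the
# first build and rebuild deliberately, not implicitly.
LETSENCRYPT_SOURCE="https://github.com/letsencrypt/letsencrypt.git"
LETSENCRYPT_SOURCE_TAG="v0.1.1-corrected"

# Image repository name (tagged with LETSENCRYPT_SOURCE_TAG) and the name given
# to the running container.
CONTAINER_NAME="letsencrypt"
PROCESS_NAME="letsencrypt"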
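#!/bin/bash
# Create or renew certificates for "conf/domains" using Letsencrypt Client (in Docker container).
#
# Usage: get-or-renew-domains.sh [staging]
#
# Reads its settings from conf/setup and the domain list from the file named
# there, builds the client image from source if it is not present locally, and
# runs the client once for all listed domains. The exit status is that of the
# final "docker run".

SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" || exit 1

# conf/setup is executed, not parsed: anyone who can write to it can run
# commands with the privileges of this script.
# shellcheck source=/dev/null
. "${SCRIPT_DIR}/conf/setup" || {
  printf 'Cannot load %s\n' "${SCRIPT_DIR}/conf/setup" >&2
  exit 1
}

# Stop before touching docker if a required setting is missing or empty.
: "${CERT_PATH:?CERT_PATH must be set in conf/setup}"
: "${DOMAINS_FILE:?DOMAINS_FILE must be set in conf/setup}"
: "${ADMIN_EMAIL:?ADMIN_EMAIL must be set in conf/setup}"
: "${LETSENCRYPT_SOURCE:?LETSENCRYPT_SOURCE must be set in conf/setup}"
: "${LETSENCRYPT_SOURCE_TAG:?LETSENCRYPT_SOURCE_TAG must be set in conf/setup}"
: "${CONTAINER_NAME:?CONTAINER_NAME must be set in conf/setup}"
: "${PROCESS_NAME:?PROCESS_NAME must be set in conf/setup}"

# Only the first line of the domains file is used. "read" returns non-zero when
# that line has no trailing newline, so the value is checked, not the status.
DOMAINS=""
read -r DOMAINS < "${SCRIPT_DIR}/${DOMAINS_FILE}" || true
if [[ -z "${DOMAINS}" ]]; then
  printf 'No domains found in %s\n' "${SCRIPT_DIR}/${DOMAINS_FILE}" >&2
  exit 1
fi

# Check if Letsencrypt docker image exists and build it from sources when not.
# "docker images -q" prints only image ids, so an empty result means "absent".
DOCKER_IMAGE_ID="${CONTAINER_NAME}:${LETSENCRYPT_SOURCE_TAG}"
DOCKER_IMAGE="$(docker images -q "${DOCKER_IMAGE_ID}")"
if [[ -z "${DOCKER_IMAGE}" ]]; then
  echo "Letsencrypt image not found, building it from sources."
  # The build executes the Dockerfile found at the configured git ref, so the
  # resulting image is only as trustworthy as that repository and ref.
  docker build -t "${DOCKER_IMAGE_ID}" \
    "${LETSENCRYPT_SOURCE}#${LETSENCRYPT_SOURCE_TAG}" || {
    printf 'Building %s failed\n' "${DOCKER_IMAGE_ID}" >&2
    exit 1
  }
fi

# Ensuring that ${CERT_PATH} exists. Private keys are written below it, so the
# directory should stay writable by the renewing account only.
if [[ ! -d "${CERT_PATH}" ]]; then
  mkdir -p -- "${CERT_PATH}" || exit 1
fi

# Choosing letsencrypt server (use staging for tests to avoid rate limit)
STAGING_OPTION=()
if [[ "${1:-}" == "staging" ]]; then
  STAGING_OPTION=(--staging)
fi

# "docker run -t" is rejected when stdin is not a terminal (e.g. under cron),
# so the pseudo-tty is requested only for interactive runs.
# NOTE(review): an unattended run may still stop at prompts of the client
# itself - confirm with a staging run before scheduling it.
TTY_OPTION=(-i)
if [[ -t 0 ]]; then
  TTY_OPTION+=(-t)
fi

# Calling Letsencrypt client to create or update all certs.
# Port 443 is published on the host for the duration of the run, so nothing
# else may be bound to it while the client is running.
printf '%s\n' "Creating or Renewing certs for ${DOMAINS} in ${CERT_PATH}"
docker run --rm "${TTY_OPTION[@]}" \
  -p 443:443 \
  -v "${CERT_PATH}:/etc/letsencrypt" \
  --name "${PROCESS_NAME}" "${DOCKER_IMAGE_ID}" \
  --renew-by-default certonly "${STAGING_OPTION[@]}" \
  --domains "${DOMAINS}" \
  --email "${ADMIN_EMAIL}"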