diff options
| author | crupest <crupest@outlook.com> | 2022-11-23 11:39:43 +0800 |
|---|---|---|
| committer | crupest <crupest@outlook.com> | 2022-11-23 11:39:43 +0800 |
| commit | 8d225386793ae68292308f4c5b429df40b67adb3 (patch) | |
| tree | f228dd85e6c0ac92c6268bc46d72e210987cee2b /docker/auto-certbot/daemon.bash | |
| parent | 6b6f5f78558938284984879bd2f86e4e1f2a45c3 (diff) | |
| download | crupest-8d225386793ae68292308f4c5b429df40b67adb3.tar.gz crupest-8d225386793ae68292308f4c5b429df40b67adb3.tar.bz2 crupest-8d225386793ae68292308f4c5b429df40b67adb3.zip | |
Fix auto-certbot.
Diffstat (limited to 'docker/auto-certbot/daemon.bash')
| -rwxr-xr-x | docker/auto-certbot/daemon.bash | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/docker/auto-certbot/daemon.bash b/docker/auto-certbot/daemon.bash index de21ba8..10b2a25 100755 --- a/docker/auto-certbot/daemon.bash +++ b/docker/auto-certbot/daemon.bash @@ -1,18 +1,23 @@ #!/usr/bin/env bash +set -e + # Check I'm root. if [[ $EUID -ne 0 ]]; then echo "This script must be run as root" 1>&2 exit 1 fi -# Check CRUPEST_CERTBOT_RENEW_COMMAND is defined. -if [ -z "$CRUPEST_CERTBOT_RENEW_COMMAND" ]; then - echo "CRUPEST_CERTBOT_RENEW_COMMAND is not defined or empty" - CRUPEST_CERTBOT_RENEW_COMMAND="certbot renew --webroot -w /var/www/certbot" - printf "Will use:\n%s\n" "$CRUPEST_CERTBOT_RENEW_COMMAND" +# Check certbot version. +certbot --version + +# Check CRUPEST_AUTO_CERTBOT_RENEW_COMMAND is defined. +if [ -z "$CRUPEST_AUTO_CERTBOT_RENEW_COMMAND" ]; then + echo "CRUPEST_AUTO_CERTBOT_RENEW_COMMAND is not defined or empty" + CRUPEST_AUTO_CERTBOT_RENEW_COMMAND="certbot renew --webroot -w /var/www/certbot" + printf "Will use:\n%s\n" "$CRUPEST_AUTO_CERTBOT_RENEW_COMMAND" else - printf "CRUPEST_CERTBOT_RENEW_COMMAND is defined as:\n%s\n" "$CRUPEST_CERTBOT_RENEW_COMMAND" + printf "CRUPEST_AUTO_CERTBOT_RENEW_COMMAND is defined as:\n%s\n" "$CRUPEST_AUTO_CERTBOT_RENEW_COMMAND" fi # Check CRUPEST_CERT_PATH, default to /etc/letsencrypt/live/$CRUPEST_DOMAIN/fullchain.pem @@ -20,6 +25,12 @@ if [ -z "$CRUPEST_CERT_PATH" ]; then CRUPEST_CERT_PATH="/etc/letsencrypt/live/$CRUPEST_DOMAIN/fullchain.pem" fi +# Check CRUPEST_CERT_PATH exists. +if [ ! -f "$CRUPEST_CERT_PATH" ]; then + echo "Cert file does not exist" + exit 1 +fi + function check_and_renew_cert { expire_info=$(openssl x509 -enddate -noout -in "$CRUPEST_CERT_PATH") @@ -48,8 +59,12 @@ function check_and_renew_cert { else # No, renew now. echo "Renewing now..." - # Run CRUPEST_CERTBOT_RENEW_COMMAND - $CRUPEST_CERTBOT_RENEW_COMMAND + # Run CRUPEST_AUTO_CERTBOT_RENEW_COMMAND + if [ -n "$CRUPEST_AUTO_CERTBOT_POST_HOOK" ]; then + $CRUPEST_AUTO_CERTBOT_RENEW_COMMAND --post-hook "$CRUPEST_AUTO_CERTBOT_POST_HOOK" + else + $CRUPEST_AUTO_CERTBOT_RENEW_COMMAND + fi fi } |