#shell script to manage rpplication ecurring homeworking task
#---------------------------------------------------
#to update lets encrypt certificate
-#1 1 1 * * mailleur PATH=/usr/sbin:$PATH /usr/lib/mailleur/support/do_dns_tlsa.sh
+#1 1 1 * * root PATH=/usr/sbin:$PATH /usr/lib/mailleur/support/do_dns_tlsa.sh
#-------------------------------------------------------------------
#comment in if working in production
DRY_RUN="--dry-run"
+STAGGING="--staging"
+MRKR=`date +"%F"`
APPNAME=mailleur
#-------------------------------------------------------------------
WRKDIR=/etc/certbot/$APPNAME
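Review bot: The two variables added here are spelled `STAGGING` and `MRKR`, but every use further down the page reads `$STAGING` and `$MKKR`, so both expand to nothing. As a result certbot is called with `--force-renewal` and neither `--staging` nor `--dry-run`, which means it goes to the production CA; the cleanup becomes `rm -f ./-*`, and the outputs are written as `./-fullchain.pem` and so on, so the `ln -nsf` links point at undated files. Define the names that are actually used, `STAGING="--staging"` and `MKKR=$(date +%F)`, and consider `set -u` near the top so an unset name aborts the run instead of silently expanding empty. Because the cron example now runs the script as root rather than `mailleur`, the relative `./` paths in `rm` and `ln` depend on the working directory; a `cd "$WRKDIR" || exit 1` before them would pin it, though whether the enclosing function already does this is not visible in this hunk.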
#Request certificate (with a steady key) via cerbot
#Note" this is done in dry-run mode (remove it to
#pass in production mode)
+
+#removing previous
+rm -f ./$MKKR-*
certbot certonly \
--apache \
--force-renewal \
--csr ./request.csr \
- --fullchain-path ./$APPNAME-fullchain.pem \
- --chain-path ./$APPNAME-chain.pem \
- --cert-path ./$APPNAME-cert.pem \
+ --fullchain-path ./$MKKR-fullchain.pem \
+ --chain-path ./$MKKR-chain.pem \
+ --cert-path ./$MKKR-cert.pem \
--work-dir . \
--logs-dir ./logs \
- $DRY_RUN
+ $STAGING
+
+ln -nsf \
+ ./$MKKR-fullchain.pem \
+ ./$APPNAME-fullchain.pem
+
+ln -nsf \
+ ./$MKKR-chain.pem \
+ ./$APPNAME-chain.pem
+
+ln -nsf \
+ ./$MKKR-cert.pem \
+ ./$APPNAME-cert.pem
+
}
gen_dane ()
{
-SUM=`openssl ec -in ./ec_key.pem -pubout -outform DER | sha256sum`
+SUM=`openssl ec -in ./ec_key.pem -pubout -outform DER 2>/dev/null | sha256sum`
(
echo ";--------------------------------------------"