LecygneNoir
/
letsencrypt-haproxy
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Some scripts to create and renew all your certificates, and concatenate fullchain and privkey so haproxy is able to use it
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commits
1 Branch
232 KiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
letsencrypt-haproxy/renew-certificates

26 lines
773 B
Raw Permalink Normal View History

adding renew-certificates script
7 years ago
use certbot from packages as it is now available
6 years ago
adding renew-certificates script
7 years ago
typo in the concatenate line, sorry
7 years ago
add some date in the log output for better logging
7 years ago
typo in the concatenate line, sorry
7 years ago
adding renew-certificates script
7 years ago
better listing of existing certificate from /etc/letsencrypt/renewal/
7 years ago
adding renew-certificates script
7 years ago
add some date in the log output for better logging
7 years ago
typo in the concatenate line, sorry
7 years ago
adding renew-certificates script
7 years ago
add some date in the log output for better logging
7 years ago
use systemctl instead of service, as systemctl is now massively used..
6 years ago
adding renew-certificates script
7 years ago
 
  1. #!/bin/bash
  2. 

  3. #Configuration variables
  4. certbot_bin="/usr/local/bin/certbot"
  5. haproxy_pem_path="/etc/haproxy/cert"
  6. 

  7. #Renew all certificates that needed it 
  8. ${certbot_bin} renew
  9. if [ $? -eq 0 ]; then
  10. 	echo "$(date +%c)Certificates renewed ! Now creating .pem"
  11. else
  12. 	echo "$(date +%c) Error renewing certificates with error code $?, exit script..."
  13. 	exit 1
  14. fi
  15. 

  16. #Then, create domain.pem containing fullchain et privkey for haproxy
  17. for domainconf in $(ls /etc/letsencrypt/renewal/); do
  18. 	domain=${domainconf%.conf}
  19. 	echo "$(date +%c)create ${domain}.pem"
  20. 	cat /etc/letsencrypt/live/${domain}/fullchain.pem /etc/letsencrypt/live/${domain}/privkey.pem > ${haproxy_pem_path}/${domain}.pem
  21. done
  22. 

  23. # At the end, reload haproxy
  24. echo "$(date +%c) Reload haproxy"
  25. systemctl reload haproxy
  26.