|
|
@ -0,0 +1,30 @@ |
|
|
|
#!/bin/bash |
|
|
|
|
|
|
|
#Configuration variables |
|
|
|
certbot_bin="/usr/bin/certbot" |
|
|
|
postfix_pem_path="/etc/ssl/" |
|
|
|
mail_server="192.168.201.172" |
|
|
|
|
|
|
|
if [ ! $# -ge 1 ] ; then |
|
|
|
echo "$(date +%c) Please give domain name as parameter" |
|
|
|
exit 1 |
|
|
|
fi |
|
|
|
|
|
|
|
DOMAIN_OPTION="" |
|
|
|
|
|
|
|
for domain in "${@}"; do |
|
|
|
DOMAIN_OPTION="${DOMAIN_OPTION} -d mail.${domain} -d smtp.${domain} -d imap.${domain}" |
|
|
|
done |
|
|
|
|
|
|
|
echo "$(date +%c) Generate certificat for ${@}" |
|
|
|
|
|
|
|
${certbot_bin} certonly ${DOMAIN_OPTION} --renew-by-default --http-01-port 63443 --agree-tos |
|
|
|
if [ $? -eq 0 ]; then |
|
|
|
echo "$(date +%c) Success!" |
|
|
|
rsync -az -L /etc/letsencrypt/live/mail.$1/cert.pem /etc/letsencrypt/live/mail.$1/privkey.pem /etc/letsencrypt/live/mail.$1/chain.pem ssl-san@${mail_server}:${postfix_pem_path} |
|
|
|
ssh ssl-san@${mail_server} "sudo systemctl reload postfix" |
|
|
|
else |
|
|
|
echo "$(date +%c) Error creating certificate with error code $?, exit script..." |
|
|
|
exit 1 |
|
|
|
fi |
|
|
|
exit 0 |