From: Christian Heller Date: Mon, 10 Dec 2018 01:31:22 +0000 (+0100) Subject: Replace letsencrypt remote getting script. X-Git-Url: https://plomlompom.com/repos/%7B%7B%20web_path%20%7D%7D/decks/static/error?a=commitdiff_plain;h=11bffd0f15dcda9cb8520f925ffbc22143635743;p=config Replace letsencrypt remote getting script. --- diff --git a/all_new_2018/letsencrypt_get.sh b/all_new_2018/letsencrypt_get.sh new file mode 100755 index 0000000..c2b3e9f --- /dev/null +++ b/all_new_2018/letsencrypt_get.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# Copy over LetsEncrypt certificates from another server. +set -e + +# Ensure we have a server name as argument. +if [ $# -lt 1 ]; then + echo "Need server as argument." + false +fi +server="$1" + +# Copy over. +ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"' +scp plom@${server}:~/letsencrypt.tar . +apt -y install certbot +rmdir /etc/letsencrypt +mv letsencrypt.tar /etc/ +cd /etc/ +tar xf letsencrypt.tar +rm letsencrypt.tar diff --git a/all_new_2018/letsencrypt_remote.sh b/all_new_2018/letsencrypt_remote.sh deleted file mode 100755 index 6b7b54f..0000000 --- a/all_new_2018/letsencrypt_remote.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/sh -# Install or copy LetsEncrypt certificates on/from server. -# -# First argument: server -# Second argument: "get" or "put" -# -# "get" copies the server's /etc/letsencrypt to a local letsencrypt.tar. -# -# "set" copies a local letsencrypt.tar to the server's /etc/letsencrypt. -set -e - -# Ensure we have a server name as argument. -if [ $# -lt 2 ]; then - echo "Need server and action as arguments." - false -fi -server="$1" -action="$2" - -# So we only get asked once for decrypting our key. -eval $(ssh-agent) -ssh-add ~/.ssh/id_rsa - -if [ "${action}" = "get" ]; then - # Get /etc/letsencrypt/ as tar file. - ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"' - scp plom@${server}:~/letsencrypt.tar . -elif [ "${action}" = "put" ]; then - # Expand letsencrypt.tar to /etc/letsencrypt/ on server. - scp letsencrypt.tar plom@${server}:~/ - ssh -t plom@${server} 'su -c "apt -y install certbot && rmdir /etc/letsencrypt && mv letsencrypt.tar /etc/ && cd /etc/ && tar xf letsencrypt.tar && rm letsencrypt.tar"' -else - echo "Action must be 'get', or 'put'." - false -fi