From: Christian Heller <c.heller@plomlompom.de>
Date: Thu, 29 Nov 2018 23:39:55 +0000 (+0100)
Subject: Reduce scope of letsencrypt.sh script.
X-Git-Url: https://plomlompom.com/repos/%7B%7Bprefix%7D%7D/%7B%7Bdb.prefix%7D%7D/%7B%7B%20web_path%20%7D%7D/decks/process?a=commitdiff_plain;h=dbb2ad6d064a1037213d4631729c08953d43ed87;p=config

Reduce scope of letsencrypt.sh script.
---

diff --git a/all_new_2018/letsencrypt.sh b/all_new_2018/letsencrypt.sh
index 2e6a03b..18f9aa4 100755
--- a/all_new_2018/letsencrypt.sh
+++ b/all_new_2018/letsencrypt.sh
@@ -2,13 +2,7 @@
 # Install or copy LetsEncrypt certificates on/from server.
 #
 # First argument: server
-# Second argument: either "set" or "get" or "put"
-#
-# "set" install certbot on remote server and requests a new certificate
-# for it. This needs two more arguments: an e-mail address for future
-# communication with LetsEncrypt, and the domain for which to request
-# the certificate (might plausibly be equivalent to the first argument
-# though). This needs port 80 open on the server.
+# Second argument: "get" or "put"
 #
 # "get" copies the server's /etc/letsencrypt to a local letsencrypt.tar.
 #
@@ -27,16 +21,7 @@ action="$2"
 eval $(ssh-agent)
 ssh-add ~/.ssh/id_rsa
 
-if [ "${action}" = "set" ]; then
-    # Install certificate. This needs port 80 open (443 does not work here).
-    if [ $# -lt 4 ]; then
-        echo "Need mail address and domain as arguments."
-        false
-    fi
-    mail="$3"
-    domain="$4"
-    ssh -t plom@${server} "su -c 'apt update && apt -y install certbot && certbot certonly --standalone --agree-tos -m ${mail} -d ${server}'"
-elif [ "${action}" = "get" ]; then
+if [ "${action}" = "get" ]; then
     # Get /etc/letsencrypt/ as tar file.
     ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"'
     scp plom@${server}:~/letsencrypt.tar .
@@ -45,6 +30,6 @@ elif [ "${action}" = "put" ]; then
     scp letsencrypt.tar plom@${server}:~/
     ssh -t plom@${server} 'su -c "rmdir /etc/letsencrypt && mv letsencrypt.tar /etc/ && cd /etc/ && tar xf letsencrypt.tar && rm letsencrypt.tar"'
 else
-    echo "Action must be 'set', 'get', or 'put'."
+    echo "Action must be 'get', or 'put'."
     false
 fi