From dbb2ad6d064a1037213d4631729c08953d43ed87 Mon Sep 17 00:00:00 2001 From: Christian Heller Date: Fri, 30 Nov 2018 00:39:55 +0100 Subject: [PATCH] Reduce scope of letsencrypt.sh script. --- all_new_2018/letsencrypt.sh | 21 +++------------------ 1 file changed, 3 insertions(+), 18 deletions(-) diff --git a/all_new_2018/letsencrypt.sh b/all_new_2018/letsencrypt.sh index 2e6a03b..18f9aa4 100755 --- a/all_new_2018/letsencrypt.sh +++ b/all_new_2018/letsencrypt.sh @@ -2,13 +2,7 @@ # Install or copy LetsEncrypt certificates on/from server. # # First argument: server -# Second argument: either "set" or "get" or "put" -# -# "set" install certbot on remote server and requests a new certificate -# for it. This needs two more arguments: an e-mail address for future -# communication with LetsEncrypt, and the domain for which to request -# the certificate (might plausibly be equivalent to the first argument -# though). This needs port 80 open on the server. +# Second argument: "get" or "put" # # "get" copies the server's /etc/letsencrypt to a local letsencrypt.tar. # @@ -27,16 +21,7 @@ action="$2" eval $(ssh-agent) ssh-add ~/.ssh/id_rsa -if [ "${action}" = "set" ]; then - # Install certificate. This needs port 80 open (443 does not work here). - if [ $# -lt 4 ]; then - echo "Need mail address and domain as arguments." - false - fi - mail="$3" - domain="$4" - ssh -t plom@${server} "su -c 'apt update && apt -y install certbot && certbot certonly --standalone --agree-tos -m ${mail} -d ${server}'" -elif [ "${action}" = "get" ]; then +if [ "${action}" = "get" ]; then # Get /etc/letsencrypt/ as tar file. ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"' scp plom@${server}:~/letsencrypt.tar . @@ -45,6 +30,6 @@ elif [ "${action}" = "put" ]; then scp letsencrypt.tar plom@${server}:~/ ssh -t plom@${server} 'su -c "rmdir /etc/letsencrypt && mv letsencrypt.tar /etc/ && cd /etc/ && tar xf letsencrypt.tar && rm letsencrypt.tar"' else - echo "Action must be 'set', 'get', or 'put'." + echo "Action must be 'get', or 'put'." false fi -- 2.30.2