X-Git-Url: https://plomlompom.com/repos/berlin_corona.txt?a=blobdiff_plain;f=all_new_2018%2Fletsencrypt_remote.sh;fp=all_new_2018%2Fletsencrypt_remote.sh;h=18f9aa4f0d50d9aa494d97aef328d045ff78387b;hb=8d73bb2af6f64a557ae57c512fa2e097a52f42c1;hp=0000000000000000000000000000000000000000;hpb=dbb2ad6d064a1037213d4631729c08953d43ed87;p=config

diff --git a/all_new_2018/letsencrypt_remote.sh b/all_new_2018/letsencrypt_remote.sh
new file mode 100755
index 0000000..18f9aa4
--- /dev/null
+++ b/all_new_2018/letsencrypt_remote.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+# Install or copy LetsEncrypt certificates on/from server.
+#
+# First argument: server
+# Second argument: "get" or "put"
+#
+# "get" copies the server's /etc/letsencrypt to a local letsencrypt.tar.
+#
+# "set" copies a local letsencrypt.tar to the server's /etc/letsencrypt.
+set -e
+
+# Ensure we have a server name as argument.
+if [ $# -lt 2 ]; then
+    echo "Need server and action as arguments."
+    false
+fi
+server="$1"
+action="$2"
+
+# So we only get asked once for decrypting our key.
+eval $(ssh-agent)
+ssh-add ~/.ssh/id_rsa
+
+if [ "${action}" = "get" ]; then
+    # Get /etc/letsencrypt/ as tar file.
+    ssh -t plom@${server} 'su -c "cd /etc/ && tar cf letsencrypt.tar letsencrypt && chown plom:plom letsencrypt.tar && mv letsencrypt.tar /home/plom/"'
+    scp plom@${server}:~/letsencrypt.tar .
+elif [ "${action}" = "put" ]; then
+    # Expand letsencrypt.tar to /etc/letsencrypt/ on server.
+    scp letsencrypt.tar plom@${server}:~/
+    ssh -t plom@${server} 'su -c "rmdir /etc/letsencrypt && mv letsencrypt.tar /etc/ && cd /etc/ && tar xf letsencrypt.tar && rm letsencrypt.tar"'
+else
+    echo "Action must be 'get', or 'put'."
+    false
+fi