#!/bin/bash
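# Trace every command to stderr. The trace includes the e-mail address,
# domain and S3 location given on the command line, so they end up in
# whatever collects this script's output.
set -x

# Certbot wrapper with S3 persistence support
#
# Positional arguments (all required):
#   $1 - certificate name, passed to certbot as --cert-name
#   $2 - contact e-mail, passed to certbot as --email
#   $3 - domain, passed to certbot as --domain
#   $4 - S3 location used by "aws s3 sync" to persist LETSENCRYPT_PATH

CERTBOT_CERTNAME=$1
CERTBOT_EMAIL=$2
CERTBOT_DOMAIN=$3
CERTBOT_BACKEND=$4

# Local directory that is mirrored to and from the S3 backend.
LETSENCRYPT_PATH=/etc/letsencrypt

# Refuse to run with any argument missing. [[ ... || ... ]] replaces the
# deprecated and ambiguous "-o" operator of "[", and the diagnostic goes to
# stderr so it is not mistaken for regular output.
if [[ -z "$CERTBOT_BACKEND" || -z "$CERTBOT_EMAIL" || -z "$CERTBOT_DOMAIN" || -z "$CERTBOT_CERTNAME" ]]; then
  echo "CertbotBackend, CertbotEmail,Certbot_CertName or CertbotDomain are missing!" >&2
  exit 1
fi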
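#######################################
# Record every symlink under LETSENCRYPT_PATH in links.txt, then upload the
# directory to the S3 backend.
#
# links.txt holds one line per symlink in the form
#   'resolved/target' 'path/of/link'
# with the LETSENCRYPT_PATH prefix stripped from both fields.
#
# File names are handled as data only: they are read NUL-delimited from find
# and never pasted into a shell command string, so a name containing spaces
# or shell metacharacters cannot alter what gets executed.
#
# The uploaded tree is everything under LETSENCRYPT_PATH, so the bucket
# behind CERTBOT_BACKEND needs the same protection as that directory.
#
# Globals:   LETSENCRYPT_PATH (read), CERTBOT_BACKEND (read)
# Outputs:   rewrites $LETSENCRYPT_PATH/links.txt; warnings on stderr
# Returns:   exit status of "aws s3 sync"
#######################################
function sync_to_s3 {
  local links="$LETSENCRYPT_PATH/links.txt"
  local prefix="$LETSENCRYPT_PATH/"
  local link target

  while IFS= read -r -d '' link; do
    if ! target=$(readlink -f -- "$link"); then
      echo "sync_to_s3: cannot resolve symlink, skipped: $link" >&2
      continue
    fi
    # The quoted line format cannot represent a single quote or a newline.
    case "$target$link" in
      *"'"* | *$'\n'*)
        echo "sync_to_s3: unsupported character in symlink, skipped: $link" >&2
        continue
        ;;
    esac
    printf "'%s' '%s'\n" "${target#"$prefix"}" "${link#"$prefix"}"
  done < <(find "$LETSENCRYPT_PATH/" -type l -print0) > "$links"

  # NOTE(review): the AWS CLI documents --no-follow-symlinks as an option of
  # the "sync" subcommand; confirm it is honoured when placed before "sync".
  aws s3 --no-follow-symlinks sync "$LETSENCRYPT_PATH" "$CERTBOT_BACKEND"
}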
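#######################################
# Download the S3 backend into LETSENCRYPT_PATH and recreate the symlinks
# listed in links.txt.
#
# links.txt arrives from the bucket, so its content is treated as untrusted:
# each line must match the form
#   'relative/target' 'relative/link'
# and is parsed here instead of being handed to "sh -c". Both paths must be
# relative and free of ".." components, so an entry can only create a link
# below LETSENCRYPT_PATH that points below LETSENCRYPT_PATH. Lines that do
# not qualify are reported on stderr and skipped.
#
# Globals:   LETSENCRYPT_PATH (read), CERTBOT_BACKEND (read)
# Outputs:   diagnostics on stderr
# Returns:   0 when the download and every entry succeeded; non-zero when
#            the download failed, an entry was rejected, or ln failed
#######################################
function sync_from_s3 {
  local s3location=$CERTBOT_BACKEND
  local links="$LETSENCRYPT_PATH/links.txt"
  local entry_re="^'([^']+)' '([^']+)'\$"
  local line target name part
  local status=0

  if ! aws s3 sync "$s3location" "$LETSENCRYPT_PATH"; then
    echo "sync_from_s3: download from $s3location failed" >&2
    return 1
  fi

  # Nothing to recreate when no link list was ever uploaded.
  [ -f "$links" ] || return 0

  while IFS= read -r line || [ -n "$line" ]; do
    [ -n "$line" ] || continue

    if ! [[ $line =~ $entry_re ]]; then
      echo "sync_from_s3: malformed links.txt entry, skipped: $line" >&2
      status=1
      continue
    fi
    target=${BASH_REMATCH[1]}
    name=${BASH_REMATCH[2]}

    # Reject absolute paths and any ".." component in either field.
    for part in "$target" "$name"; do
      case "/$part/" in
        //* | */../*)
          echo "sync_from_s3: unsafe path in links.txt, skipped: $line" >&2
          status=1
          continue 2
          ;;
      esac
    done

    # Absolute link name, so no directory change is needed. -n replaces an
    # existing link instead of descending into a directory it points to.
    ln -sfn -- "$LETSENCRYPT_PATH/$target" "$LETSENCRYPT_PATH/$name" || status=1
  done < "$links"

  return "$status"
}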
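# Restore previously stored state first. Stop if the restore step reports
# failure, rather than requesting a certificate on top of incomplete state
# and uploading the result afterwards.
sync_from_s3 || exit 1

# Request or renew the certificate via the Route 53 DNS plugin, and upload
# the resulting state only when certbot succeeded. The arguments are quoted
# so a value containing whitespace or glob characters reaches certbot as a
# single argument and cannot turn into extra options.
certbot certonly \
  --non-interactive \
  --dns-route53 \
  --agree-tos \
  --email "$CERTBOT_EMAIL" \
  --domain "$CERTBOT_DOMAIN" \
  --cert-name "$CERTBOT_CERTNAME" &&
  sync_to_s3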