Docker-PHP/php/nginx/letsencrypt.runit

#!/usr/bin/env bash
if [ -z "$LETSENCRYPT_DOMAINS" ]; then
  echo "LetsEncrypt not enabled"
  while true; do
    sleep infinity
  done
fi

if [ -z "$LETSENCRYPT_EMAIL" ]; then
  echo "LetsEncrypt not enabled - You must set LETSENCRYPT_EMAIL"
  while true; do
    sleep infinity
  done
fi

if [ "${LETSENCRYPT_MODE,,}" = "production" ]; then
    echo -e "LetsEncrypt is running against the \e[32mPRODUCTION\e[0m servers."
    LETSENCRYPT_MODE=""
else
    echo -e "LetsEncrypt is running against the \e[31mSTAGING\e[0m servers."
    LETSENCRYPT_MODE="--test-cert"
fi
echo -e "To change this, change the value of LETSENCRYPT_MODE"

# Give Nginx a moment to start before we kill it again.
sleep 30;

echo -e "Certbot is running for \e[33m${LETSENCRYPT_EMAIL}\e[0m / \e[33m${LETSENCRYPT_DOMAINS}\e[0m..."
( \
  set -x; \
  certbot \
    certonly \
      --nginx \
      $LETSENCRYPT_MODE \
      -d $LETSENCRYPT_DOMAINS \
      -n \
      -m $LETSENCRYPT_EMAIL \
      --agree-tos \
)

echo -e "Certbot complete!"

# replace the self-certs with these lovely new certs.
if [ -f "/etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/fullchain.pem" ]; then
  sed -i     "s|ssl_certificate .*|ssl_certificate     /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/fullchain.pem;|g" /etc/nginx/sites-enabled/default-ssl
  sed -i "s|ssl_certificate_key .*|ssl_certificate_key /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/privkey.pem;|g" /etc/nginx/sites-enabled/default-ssl

  echo "Reloading Nginx"
  nginx -s reload
  # Sleep for 24 hours and try again tomorrow with a renewal, just in case.
  sleep 86400
else
  echo -e "LetsEncrypt \e[31mFAILED TO GENERATE CERTS\e[0m. Will try again in an hour."
  sleep 3600
fi
Letsencrypt. 2021-05-30 12:40:12 +00:00			`#!/usr/bin/env bash`
			`if [ -z "$LETSENCRYPT_DOMAINS" ]; then`
			`echo "LetsEncrypt not enabled"`
			`while true; do`
			`sleep infinity`
			`done`
			`fi`

			`if [ -z "$LETSENCRYPT_EMAIL" ]; then`
			`echo "LetsEncrypt not enabled - You must set LETSENCRYPT_EMAIL"`
			`while true; do`
			`sleep infinity`
			`done`
			`fi`

			`if [ "${LETSENCRYPT_MODE,,}" = "production" ]; then`
Pretty colours, better output. 2021-05-30 17:05:44 +00:00			`echo -e "LetsEncrypt is running against the \e[32mPRODUCTION\e[0m servers."`
improved letsencrypt script 2021-05-30 21:04:42 +00:00			`LETSENCRYPT_MODE=""`
Letsencrypt. 2021-05-30 12:40:12 +00:00			`else`
Pretty colours, better output. 2021-05-30 17:05:44 +00:00			`echo -e "LetsEncrypt is running against the \e[31mSTAGING\e[0m servers."`
improved letsencrypt script 2021-05-30 21:04:42 +00:00			`LETSENCRYPT_MODE="--test-cert"`
Letsencrypt. 2021-05-30 12:40:12 +00:00			`fi`
Pretty colours, better output. 2021-05-30 17:05:44 +00:00			`echo -e "To change this, change the value of LETSENCRYPT_MODE"`
Letsencrypt. 2021-05-30 12:40:12 +00:00
Give Nginx a moment to respond. 2021-05-30 17:10:47 +00:00			`# Give Nginx a moment to start before we kill it again.`
Nginx/letsencrypt fiddling 2021-05-30 19:25:14 +00:00			`sleep 30;`
Give Nginx a moment to respond. 2021-05-30 17:09:16 +00:00
Nginx/letsencrypt fiddling 2021-05-30 19:25:14 +00:00			`echo -e "Certbot is running for \e[33m${LETSENCRYPT_EMAIL}\e[0m / \e[33m${LETSENCRYPT_DOMAINS}\e[0m..."`
Wrap certbot call in a subshell and set -x 2021-05-30 18:39:40 +00:00			`( \`
			`set -x; \`
			`certbot \`
			`certonly \`
			`--nginx \`
improved letsencrypt script 2021-05-30 21:04:42 +00:00			`$LETSENCRYPT_MODE \`
Wrap certbot call in a subshell and set -x 2021-05-30 18:39:40 +00:00			`-d $LETSENCRYPT_DOMAINS \`
			`-n \`
			`-m $LETSENCRYPT_EMAIL \`
			`--agree-tos \`
			`)`

Nginx/letsencrypt fiddling 2021-05-30 19:25:14 +00:00			`echo -e "Certbot complete!"`
Give Nginx a moment to respond. 2021-05-30 17:12:37 +00:00
			`# replace the self-certs with these lovely new certs.`
Retry certificates later automatically. Say when failed. 2021-05-30 18:42:18 +00:00			`if [ -f "/etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/fullchain.pem" ]; then`
			`sed -i "s\|ssl_certificate .*\|ssl_certificate /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/fullchain.pem;\|g" /etc/nginx/sites-enabled/default-ssl`
			`sed -i "s\|ssl_certificate_key .*\|ssl_certificate_key /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/privkey.pem;\|g" /etc/nginx/sites-enabled/default-ssl`
Give Nginx a moment to respond. 2021-05-30 17:12:37 +00:00
Retry certificates later automatically. Say when failed. 2021-05-30 18:42:18 +00:00			`echo "Reloading Nginx"`
			`nginx -s reload`
			`# Sleep for 24 hours and try again tomorrow with a renewal, just in case.`
			`sleep 86400`
			`else`
Nginx/letsencrypt fiddling 2021-05-30 19:25:14 +00:00			`echo -e "LetsEncrypt \e[31mFAILED TO GENERATE CERTS\e[0m. Will try again in an hour."`
Retry certificates later automatically. Say when failed. 2021-05-30 18:42:18 +00:00			`sleep 3600`
			`fi`