32 lines
1.1 KiB
Plaintext
32 lines
1.1 KiB
Plaintext
|
#!/bin/sh
|
||
|
|
||
|
set -e
|
||
|
|
||
|
apt-get -y install uacme
|
||
|
adduser --system --home /var/lib/acme --group --no-create-home acme
|
||
|
mkdir /var/lib/acme
|
||
|
chown acme: /var/lib/acme
|
||
|
read -p 'ACME account email: ' acme_email
|
||
|
sudo -u acme -g acme uacme -c /var/lib/acme -y new "$acme_email"
|
||
|
|
||
|
hook_program="/usr/share/uacme/uacme.sh"
|
||
|
|
||
|
read -p 'Setup nginx for ACME? (Y/n): ' yn
|
||
|
case $yn in
|
||
|
[nN] )
|
||
|
break;;
|
||
|
* )
|
||
|
apt-get -y install nginx-light
|
||
|
mkdir /var/lib/acme/challenge
|
||
|
chown acme:www-data /var/lib/acme/challenge
|
||
|
chmod 2750 /var/lib/acme/challenge
|
||
|
printf 'location /.well-known/acme-challenge/ {\n\talias /var/lib/acme/challenge/;\n}\n' > /etc/nginx/snippets/acme.conf
|
||
|
mkdir /usr/local/share/uacme
|
||
|
cp /usr/share/uacme/uacme.sh /usr/local/share/uacme
|
||
|
sed -i 's/\/var\/www\/\.well-known\/acme-challenge/\/var\/lib\/acme\/challenge/' /usr/local/share/uacme/uacme.sh
|
||
|
sed -i 's/^E_BADARGS=85$/E_BADARGS=85\n\numask 0027/' /usr/local/share/uacme/uacme.sh
|
||
|
hook_program="/usr/local/share/uacme/uacme.sh"
|
||
|
esac
|
||
|
|
||
|
printf "\nComand to get certs:\nuacme -c /var/lib/acme -h $hook_program issue DOMAIN(s) && RELOADCMD(s)\n"
|