installCertbot.sh

#!/bin/bash - 
#
# Copyright (C) 2017  Tetras Libre <admin@tetras-libre.fr>
# Author: Beniamine, David <david.beniamine@tetras-libre.fr>
#
# This program is free software: you can redistribute it and/or modify # it
# under the terms of the GNU General Public License as published by # the Free
# Software Foundation, either version 3 of the License, or # (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, # but WITHOUT
# ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE.  See the # GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License # along
# with this program.  If not, see <http://www.gnu.org/licenses/>.


. `pwd`/main.env

echo "deb http://ftp.debian.org/debian stretch-backports main" > /etc/apt/sources.list.d/backports.list

apt-get update && apt-get -t stretch-backports install certbot python-certbot-apache

if [ -z "$1" ]
then
    DOMAINS="$(echo `echo ${MODS} | tr ' ' '\n' | grep -v 'Base\|MySQL'` \
        | tr [:upper:] [:lower:] | sed -e "s/ /.${DOMAIN},/g" -e "s/tetrasback/tetras-back/" ).${DOMAIN}"
else
    DOMAINS=$1
fi

ARGS="--hsts --email=${SERVER_ADMIN} --domains=${DOMAINS} --text --agree-tos"
line="0 1 * * `date +%u` /usr/bin/certbot renew > /var/log/certbot.log \
    2>&1 > /dev/null"
OPTS="certonly --authenticator standalone"
precmd="systemctl stop ${WEB_SERVER}"
postcmd="systemctl start ${WEB_SERVER}"

DEBIAN_FRONTEND='noninteractive' apt-get -qq install \
    certbot ${additional_packages}

$precmd
/usr/bin/certbot ${OPTS} ${ARGS}
$postcmd

FIRST_DOMAIN=`echo $DOMAINS | cut -f 1 -d ,`
LIVE_DIR="/etc/letsencrypt/live/${FIRST_DOMAIN}"
/usr/bin/certbot install --cert-path ${LIVE_DIR}/cert.pem  \
    --key-path ${LIVE_DIR}/privkey.pem  \
    --fullchain-path ${LIVE_DIR}/fullchain.pem


(crontab -l; echo "${line}") | crontab -