24 lines
857 B
Bash
Executable file
24 lines
857 B
Bash
Executable file
#!/bin/sh
|
|
|
|
# Initial check for certificates
|
|
certbot certonly --manual --preferred-challenges dns --manual-auth-hook \
|
|
/scripts/auth.sh --manual-cleanup-hook /scripts/cleanup.sh \
|
|
-m "${LETSENCRYPT_EMAIL}" --no-eff-email -d "${LETSENCRYPT_DOMAIN}" \
|
|
--agree-tos --manual-public-ip-logging-ok --keep
|
|
|
|
# Basic check for successful certificate generation
|
|
if [ ! -d "/etc/letsencrypt/live" ]; then
|
|
echo ERROR: Failed to create SSL certificates
|
|
exit 1
|
|
fi
|
|
|
|
# Check if certificates require renewal twice a day
|
|
while :; do
|
|
# Wait for a random period within the next 12 hours
|
|
LETSENCRYPT_DELAY=$(shuf -i 1-720 -n 1)
|
|
echo Sleeping for $(($LETSENCRYPT_DELAY / 60)) hour\(s\) and $(($LETSENCRYPT_DELAY % 60)) minute\(s\)
|
|
sleep $((${LETSENCRYPT_DELAY} * 60))
|
|
|
|
echo Attempting SSL certificate renewal
|
|
certbot --manual-public-ip-logging-ok renew
|
|
done
|