Add support for alternative names
This commit is contained in:
daditto
parent
5512b39b46
commit
8e58255bdb
1 changed files with 24 additions and 16 deletions
|
|
@ -18,29 +18,37 @@ update_certs() {
|
||||||
hosts_array=$host_varname[@]
|
hosts_array=$host_varname[@]
|
||||||
email_varname="LETSENCRYPT_${cid}_EMAIL"
|
email_varname="LETSENCRYPT_${cid}_EMAIL"
|
||||||
|
|
||||||
|
params_d_str=""
|
||||||
|
hosts_array_expanded=("${!hosts_array}")
|
||||||
|
# First domain will be our base domain
|
||||||
|
base_domain="${hosts_array_expanded[0]}"
|
||||||
|
|
||||||
|
# Create directorty for the first domain
|
||||||
|
mkdir -p /etc/nginx/certs/$base_domain
|
||||||
|
cd /etc/nginx/certs/$base_domain
|
||||||
|
|
||||||
for domain in "${!hosts_array}"; do
|
for domain in "${!hosts_array}"; do
|
||||||
|
# Add all the domains to certificate
|
||||||
# Create the domain directory
|
params_d_str+=" -d $domain"
|
||||||
mkdir -p /etc/nginx/certs/$domain
|
done
|
||||||
cd /etc/nginx/certs/$domain
|
echo "Creating/renewal $base_domain certificates... (${hosts_array_expanded[*]})"
|
||||||
|
/usr/local/bin/simp_le \
|
||||||
echo "Creating/renewal $domain certificates..."
|
|
||||||
/usr/local/bin/simp_le \
|
|
||||||
-d "$domain" \
|
|
||||||
-f account_key.json -f key.pem -f fullchain.pem \
|
-f account_key.json -f key.pem -f fullchain.pem \
|
||||||
|
$params_d_str \
|
||||||
--email "${!email_varname}" \
|
--email "${!email_varname}" \
|
||||||
--server=https://acme-v01.api.letsencrypt.org/directory \
|
--server=https://acme-v01.api.letsencrypt.org/directory \
|
||||||
--default_root /usr/share/nginx/html/
|
--default_root /usr/share/nginx/html/
|
||||||
|
|
||||||
simp_le_return=$?
|
simp_le_return=$?
|
||||||
|
|
||||||
if [[ $simp_le_return -eq 0 ]]; then
|
if [[ $simp_le_return -eq 0 ]]; then
|
||||||
# Symlink to created certificate and key.
|
for domain in "${!hosts_array}"; do
|
||||||
ln -sf ./$domain/fullchain.pem /etc/nginx/certs/$domain".crt"
|
# Symlink all alternative names to base domain certificate
|
||||||
ln -sf ./$domain/key.pem /etc/nginx/certs/$domain".key"
|
ln -sf ./$base_domain/fullchain.pem /etc/nginx/certs/$domain".crt"
|
||||||
reload_nginx='true'
|
ln -sf ./$base_domain/key.pem /etc/nginx/certs/$domain".key"
|
||||||
fi
|
done
|
||||||
done
|
reload_nginx='true'
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
unset LETSENCRYPT_CONTAINERS
|
unset LETSENCRYPT_CONTAINERS
|
||||||
if [[ "$reload_nginx" == 'true' ]]; then
|
if [[ "$reload_nginx" == 'true' ]]; then
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue