Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- if [ $# -eq 0 ]; then
- clear
- echo "########################################################################"
- echo -e "\n\n"
- echo "No arguments provided! Usage $0 name.com a.name.com b.name.com"
- echo -e "\n\n"
- echo "########################################################################"
- exit 1
- fi
- port_state=$(iptables -nL --line-numbers | grep "^\d*.*ACCEPT.*tcp.*dpt:80.*ctstate.*NEW\,ESTABLISHED$" | awk '{ print $2 }')
- email="info@muffs.ru"
- if [ ${port_state:-0} == "ACCEPT" ];
- then
- echo "port check - OK;"
- else
- echo "opening port 80;"
- iptables -I INPUT 1 -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
- fi
- domains=""
- for i in "${@:1}";
- do
- domains="$domains -d $i"
- done
- echo "Generating certificates for: $(echo $domains | sed 's/\-d//g')"
- certbot-auto certonly --standalone --dry-run --expand --config-dir $(pwd)/certs/config --logs-dir $(pwd)/certs/logs --work-dir $(pwd)/certs/workdir $domains --preferred-challenges http --agree-tos -n -m $email --keep-until-expiring
- dir=$(pwd)/certs_done/$1
- if [ ! -d $dir ];
- then
- mkdir -p $dir
- fi
- cat $(pwd)/certs/config/live/$1/chain.pem > $dir/chain.pem
- cat $(pwd)/certs/config/live/$1/cert.pem $(pwd)/certs/config/live/$1/privkey.pem > $dir/cert-key.pem
- if [ ${port_state:-0} == "ACCEPT" ];
- then
- echo "closing port 80;"
- num=$(iptables -nL --line-numbers | grep "^\d*.*ACCEPT.*tcp.*dpt:80.*ctstate.*NEW\,ESTABLISHED$" | awk '{ print $1 }')
- iptables -D INPUT $num
- fi
- echo "done with $domains"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement