Untitled

#!/bin/bash
if [ $# -eq 0 ]; then
    clear
    echo "########################################################################"
    echo -e "\n\n"
    echo "No arguments provided! Usage $0 name.com a.name.com b.name.com"
    echo -e "\n\n"
    echo "########################################################################"
    exit 1
fi

port_state=$(iptables -nL --line-numbers | grep "^\d*.*ACCEPT.*tcp.*dpt:80.*ctstate.*NEW\,ESTABLISHED$" | awk '{ print $2 }')
email="info@muffs.ru"

if [ ${port_state:-0} == "ACCEPT" ];
then
    echo "port check - OK;"
else
    echo "opening port 80;"
    iptables -I INPUT 1 -p tcp --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
fi

domains=""
for i in "${@:1}";
do
 domains="$domains -d $i"
done

echo "Generating certificates for: $(echo $domains | sed 's/\-d//g')"

certbot-auto certonly --standalone --dry-run --expand --config-dir $(pwd)/certs/config --logs-dir $(pwd)/certs/logs --work-dir $(pwd)/certs/workdir $domains --preferred-challenges http --agree-tos -n -m $email --keep-until-expiring

dir=$(pwd)/certs_done/$1
if [ ! -d $dir ];
then
  mkdir -p $dir
fi

cat $(pwd)/certs/config/live/$1/chain.pem > $dir/chain.pem
cat $(pwd)/certs/config/live/$1/cert.pem $(pwd)/certs/config/live/$1/privkey.pem > $dir/cert-key.pem

if [ ${port_state:-0} == "ACCEPT" ];
then
  echo "closing port 80;"
  num=$(iptables -nL --line-numbers | grep "^\d*.*ACCEPT.*tcp.*dpt:80.*ctstate.*NEW\,ESTABLISHED$" | awk '{ print $1 }')
  iptables -D INPUT $num
fi

echo "done with $domains"