ECHONET/certbot-init.sh at main · Saurabh-0312/ECHONET · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#!/usr/bin/env bash
# certbot-init.sh
# Helper script to obtain Let's Encrypt certificates using the certbot Docker image
# Usage: ./certbot-init.sh -d example.com -d www.example.com -m your@email.com --staging

set -euo pipefail

DOMAINS=()
EMAIL=""
STAGING=0

usage() {
  echo "Usage: $0 -d domain [-d domain2 ...] -m email [--staging]"
  exit 1
}

while [[ $# -gt 0 ]]; do
  case "$1" in
    -d|--domain)
      shift
      DOMAINS+=("$1")
      ;;
    -m|--email)
      shift
      EMAIL="$1"
      ;;
    --staging)
      STAGING=1
      ;;
    -h|--help)
      usage
      ;;
    *)
      echo "Unknown arg: $1"
      usage
      ;;
  esac
  shift
done

if [ ${#DOMAINS[@]} -eq 0 ] || [ -z "$EMAIL" ]; then
  usage
fi

STAGING_ARG=""
if [ "$STAGING" -eq 1 ]; then
  STAGING_ARG="--staging"
fi

# Build domain args for certbot
DOMAIN_ARGS=()
for d in "${DOMAINS[@]}"; do
  DOMAIN_ARGS+=("-d" "$d")
done

# Run certbot using docker compose service
# This will use the webroot plugin and place challenge files under ./certbot-www (mapped to /var/www/certbot)

docker compose run --rm certbot certonly --webroot -w /var/www/certbot ${STAGING_ARG} --agree-tos --no-eff-email --email "$EMAIL" ${DOMAIN_ARGS[@]}

echo "Certificate request completed. Certificates stored in the certbot-etc volume (mounted at /etc/letsencrypt in the certbot container)."

echo "To copy certificates to your host for inspection:"
echo "  docker compose run --rm certbot cat /etc/letsencrypt/live/${DOMAINS[0]}/fullchain.pem > fullchain.pem"

exit 0