letsencrypt

2026-01-09 14:42:01 -03:30 · 2017-03-15 08:05:27 +01:00 · 2017-03-15 08:05:27 +01:00 · 8b9cf4f00d
commit 8b9cf4f00d
parent 71cfa60d22
3 changed files with 72 additions and 2 deletions
--- a/batch.sh
+++ b/batch.sh
@ -9,6 +9,7 @@
 # Usage:
 #

+source library.sh       # initializes $IMGNAME

 IP=$1                   # First argument is the QEMU Raspbian IP address

@ -20,7 +21,10 @@ NO_CONFIG=1 NO_CFG_STEP=1  ./installer.sh no-ip.sh        $IP $( ls -1t *.img |
 NO_CONFIG=1 NO_CFG_STEP=1  ./installer.sh dnsmasq.sh      $IP $( ls -1t *.img | head -1 ) 
 NO_CONFIG=1 NO_CFG_STEP=1  ./installer.sh letsencrypt.sh  $IP $( ls -1t *.img | head -1 ) 

-cp -v "$( ls -1t *.img | head -1 )" $( basename "$IMGFILE" .img )_FULL.img
+IMGOUT=$( ls -1t *.img | head -1 )
+IMGFULL=$( basename "$IMGFILE" .img )_FULL.img
+
+pack_image "$IMGOUT" "$IMGFULL" 

 # License
 #
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@ -0,0 +1,66 @@
+#!/bin/bash
+
+# Let's encrypt certbot installation on Raspbian 
+# Tested with 2017-03-02-raspbian-jessie-lite.img
+#
+# Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
+# GPL licensed (see end of file) * Use at your own risk!
+#
+# Usage:
+# 
+#   ./installer.sh letsencrypt.sh <IP> (<img>)
+#
+# See installer.sh instructions for details
+#
+
+DOMAIN_=mycloud.ownyourbits.com
+EMAIL_=mycloud@ownyourbits.com
+VHOSTCFG_=/etc/apache2/sites-available/nextcloud.conf
+DESCRIPTION="Let's Encrypt: automatic signed SSL certificates"
+
+install()
+{
+  apt-get update
+  apt install -y --no-install-recommends git 
+  cd /etc
+  git clone https://github.com/letsencrypt/letsencrypt
+  /etc/letsencrypt/letsencrypt-auto --help # do not actually run certbot, only install packages
+}
+
+# tested with git version v0.11.0-71-g018a304
+configure() 
+{
+  grep -q ServerName $VHOSTCFG_ && \
+    sed -i "s|ServerName .*|ServerName $DOMAIN_|" $VHOSTCFG_ || \
+    sed -i "/DocumentRoot/aServerName $DOMAIN_" $VHOSTCFG_ 
+
+  /etc/letsencrypt/letsencrypt-auto -n --no-self-upgrade --apache --agree-tos -m $EMAIL_ -d $DOMAIN_
+  echo "* 1 * * 1 root /etc/letsencrypt/certbot-auto renew --quiet" > /etc/cron.d/letsencrypt-ncp
+}
+
+cleanup()
+{
+  apt-get autoremove -y
+  apt-get clean
+  rm /var/lib/apt/lists/* -r
+  rm -f /home/pi/.bash_history
+  systemctl disable ssh
+}
+
+# License
+#
+# This script is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This script is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this script; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+# Boston, MA  02111-1307  USA
+
--- a/library.sh
+++ b/library.sh
@ -221,7 +221,7 @@ function copy_to_image()
  [ -f "$IMG" ] || { echo "no image"; return 1; }
  mkdir -p tmpmnt
  sudo mount $IMG -o offset=$OFFSET tmpmnt || return 1
-  sudo cp $SRC tmpmnt/$DST || return 1
+  sudo cp -v $SRC tmpmnt/$DST || return 1
  sudo umount -l tmpmnt
  rmdir tmpmnt &>/dev/null
 }