Strona główna Odkrywaj Pomoc
Zaloguj się
yosoyhendrix
/
vesta
1
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: ebe14052d2
Gałęzie Tagi
vesta
/
bin
/
v-add-letsencrypt-domain

v-add-letsencrypt-domain 3.0 KB
Historia Czysty

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697 
  1. #!/bin/bash
    2. 

  2. # info: adding letsencrypt ssl cetificate for domain
    3. 

  3. # options: USER DOMAIN [ALIASES] [RESTART]
    4. 

  4. #
    5. 

  5. # The function turns on SSL support for a domain. Parameter ssl_dir is a path
    6. 

  6. # to directory where 2 or 3 ssl files can be found. Certificate file 
    7. 

  7. # domain.tld.crt and its key domain.tld.key  are mandatory. Certificate
    8. 

  8. # authority domain.tld.ca file is optional. If home directory  parameter
    9. 

  9. # (ssl_home) is not set, https domain uses public_shtml as separate
    10. 

  10. # documentroot directory.
    11. 

  11. 

  12. 

  13. #----------------------------------------------------------#
    14. 

  14. #                    Variable&Function                     #
    15. 

  15. #----------------------------------------------------------#
    16. 

  16. 

  17. # Argument definition
    18. 

  18. user=$1
    19. 

  19. domain=$2
    20. 

  20. aliases=$3
    21. 

  21. restart=$4
    22. 

  22. 

  23. # Includes
    24. 

  24. source $VESTA/func/main.sh
    25. 

  25. source $VESTA/func/domain.sh
    26. 

  26. source $VESTA/conf/vesta.conf
    27. 

  27. 

  28. 

  29. #----------------------------------------------------------#
    30. 

  30. #                    Verifications                         #
    31. 

  31. #----------------------------------------------------------#
    32. 

  32. 

  33. check_args '2' "$#" 'USER DOMAIN [ALIASES] [RESTART]'
    34. 

  34. is_format_valid 'user' 'domain'
    35. 

  35. is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
    36. 

  36. is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
    37. 

  37. is_object_valid 'user' 'USER' "$user"
    38. 

  38. is_object_unsuspended 'user' 'USER' "$user"
    39. 

  39. is_object_valid 'web' 'DOMAIN' "$domain"
    40. 

  40. is_object_unsuspended 'web' 'DOMAIN' "$domain"
    41. 

  41. 

  42. 

  43. #----------------------------------------------------------#
    44. 

  44. #                       Action                             #
    45. 

  45. #----------------------------------------------------------#
    46. 

  46. 

  47. # Registering LetsEncrypt user account
    48. 

  48. $BIN/v-add-letsencrypt-user $user
    49. 

  49. check_result $? "LE account registration" >/dev/null
    50. 

  50. source $USER_DATA/ssl/le.conf
    51. 

  51. email=$EMAIL
    52. 

  52. 

  53. # Validating domain and aliases
    54. 

  54. i=1
    55. 

  55. for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
    56. 

  56.     $BIN/v-check-letsencrypt-domain $user $alias
    57. 

  57.     check_result $? "LE domain validation" >/dev/null
    58. 

  58.     if [ "$i" -gt 6 ]; then
    59. 

  59.         check_result $E_LIMIT "LE can't sign more than 6 domains"
    60. 

  60.     fi
    61. 

  61.     i=$((i++))
    62. 

  62. done
    63. 

  63. 

  64. # Generating CSR
    65. 

  65. ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "$email" "US" "California" \
    66. 

  66.     "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
    67. 

  67. 

  68. # Signing CSR
    69. 

  69. crt=$($BIN/v-sign-letsencrypt-csr $user $domain $ssl_dir)
    70. 

  70. check_result $? "$crt"
    71. 

  71. echo "$crt" > $ssl_dir/$domain.crt
    72. 

  72. 

  73. # Dowloading CA certificate
    74. 

  74. le_certs='https://letsencrypt.org/certs'
    75. 

  75. x1='lets-encrypt-x1-cross-signed.pem.txt'
    76. 

  76. x3='lets-encrypt-x3-cross-signed.pem.txt'
    77. 

  77. issuer=$(openssl x509 -text -in $ssl_dir/$domain.crt |grep "Issuer:")
    78. 

  78. if [ -z "$(echo $issuer|grep X3)" ]; then
    79. 

  79.     curl -s $le_certs/$x1 > $ssl_dir/$domain.ca
    80. 

  80. else
    81. 

  81.     curl -s $le_certs/$x3 > $ssl_dir/$domain.ca
    82. 

  82. fi
    83. 

  83. 

  84. # Adding SSL
    85. 

  85. $BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
    86. 

  86. $BIN/v-add-web-domain-ssl $user $domain $ssl_dir
    87. 

  87. check_result $? "SSL install" >/dev/null
    88. 

  88. 

  89. 

  90. #----------------------------------------------------------#
    91. 

  91. #                       Vesta                              #
    92. 

  92. #----------------------------------------------------------#
    93. 

  93. 

  94. # Logging
    95. 

  95. log_event "$OK" "$ARGUMENTS"
    96. 

  96. 

  97. exit
    98.