-#!/bin/bash -l
+#!/bin/bash
# Copyright (C) 2016 Ian Kelling
# Licensed under the Apache License, Version 2.0 (the "License");
EXTRA_SETTINGS_FILE can be - for stdin
-p PORT
--i Insecure, no ssl
--h|--help Print help and exit
--r DocumentRoot
--- Subsequent arguments are never treated as options
+-i Insecure, no ssl
+-c CERT_DIR Default is /p/c/machine_specific/\$HOSTNAME/webservercerts
+-h|--help Print help and exit
+-r DocumentRoot
+-- Subsequent arguments are never treated as options
Note: options and non-options can be in any order.
EOF
##### begin command line parsing ########
+cert_dir=/p/c/machine_specific/$HOSTNAME/webservercerts
ssl=true
extra_settings=
args=()
while [[ $1 ]]; do
case $1 in
-i) ssl=false; shift ;; # i for insecure
+ -c) cert_dir="$2"; shift 2 ;;
-p) port="$2"; shift 2 ;;
-r) root="$2"; shift 2 ;;
--) shift; break ;;
root=/var/www/$h/html
fi
+
##### end command line parsing ########
-cdir=/p/c/machine_specific/$HOSTNAME/webservercerts
# taken from the let's encrypt generated site, using
# ./certbot-auto --apache (should use the test mode to check if there are updates)
sudo rm -f /etc/apache2/sites-enabled/000-default.conf
+sudo mkdir -p $root
sudo dd of=/etc/apache2/sites-enabled/$h.conf <<EOF
<VirtualHost $port>
ServerName $h
EOF
if [[ $extra_settings ]]; then
- cat $extra_settings | sudo tee -a /etc/apache2/sites-enabled/$h.conf
+ cat -- $extra_settings | sudo tee -a /etc/apache2/sites-enabled/$h.conf
fi
if $ssl; then
sudo tee -a /etc/apache2/sites-enabled/$h.conf <<EOF
- SSLCertificateFile $cdir/$h-chained.pem
- SSLCertificateKeyFile $cdir/$h-domain.key
+ SSLCertificateFile $cert_dir/$h-chained.pem
+ SSLCertificateKeyFile $cert_dir/$h-domain.key
Include /etc/letsencrypt/options-ssl-apache.conf
EOF
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
EOF
-s a2enmod ssl rewrite # rewrite needed for httpredir
-ser restart apache2
+sudo a2enmod ssl rewrite # rewrite needed for httpredir
+sudo service apache2 restart
iankelling.org / git / basic-https-conf / commitdiff