2 # This file is part of web-conf which configures web servers
3 # Copyright (C) 2024 Ian Kelling
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation, either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
18 # SPDX-License-Identifier: GPL-3.0-or-later
20 # usage: $0 apache2|nginx
22 if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi
23 shopt -s inherit_errexit
2>/dev
/null ||
: # ignore fail in bash < 4.4
25 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?. PIPESTATUS: ${PIPESTATUS[*]}" >&2' ERR
26 [[ $EUID == 0 ]] ||
exec sudo
-E "${BASH_SOURCE[0]}" "$@"
30 if apt-cache show python3-certbot-apache
&>/dev
/null
; then
33 pkgs
=(certbot python
${pyver}-certbot-${t%2})
34 if ! dpkg
-s -- ${pkgs[@]} 2>&1 |
grep -Fx "Status: install ok installed" &> /dev
/null
; then
35 apt-get
-y install --purge --auto-remove ${pkgs[@]}
37 # Make a version of the certbot timer that emails me.
38 if [[ -e /a
/bin
/log-quiet
/sysd-mail-once
]]; then
39 x
=/systemd
/system
/certbot
40 md5
=$
(md5sum /lib
$x.timer
/lib
$x.service
2>/dev
/null
) ||
:
41 sed -r -f - /lib
$x.timer
<<'EOF' >/etc${x}mail.timer
42 s,^Description.*,\0 mail version,
44 sed -r -f - /lib
$x.service
<<'EOF' > /etc${x}mail.service
45 s,(ExecStart=).*,\1/a/bin/log-quiet/sysd-mail-once certbotmail /usr/bin/certbot renew,
47 if [[ $md5sum != "$(md5sum /lib$x.timer /lib$x.service)" ]]; then
48 systemctl daemon-reload
50 systemctl stop certbot.timer
51 systemctl disable certbot.timer
52 systemctl start certbotmail.timer
53 systemctl
enable certbotmail.timer