32 lines
810 B
Bash
32 lines
810 B
Bash
#!/usr/bin/env sh
|
|
set -eu
|
|
|
|
# Request Let's Encrypt certificates for DOMAINS.
|
|
# Existing valid certificates are kept by certbot because of --keep-until-expiring.
|
|
|
|
ROOT_DIR="$(CDPATH= cd -- "$(dirname -- "$0")/.." && pwd)"
|
|
|
|
cd "$ROOT_DIR"
|
|
|
|
if [ -z "${DOMAINS:-}" ]; then
|
|
echo "错误:必须设置 DOMAINS。" >&2
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${CERT_EMAIL:-}" ]; then
|
|
echo "错误:必须设置 CERT_EMAIL。" >&2
|
|
exit 1
|
|
fi
|
|
|
|
. "$ROOT_DIR/scripts/lib-compose.sh"
|
|
|
|
echo "使用 certbot 申请正式证书..."
|
|
for domain in $DOMAINS; do
|
|
echo "申请正式证书:$domain"
|
|
compose run --rm --entrypoint certbot certbot \
|
|
certonly --webroot -w /var/www -d "$domain" \
|
|
--email "$CERT_EMAIL" --agree-tos --non-interactive --keep-until-expiring
|
|
done
|
|
|
|
echo "证书申请步骤完成。"
|