From 170e4887651865798d8e2b1f6469dc8c3cde473b Mon Sep 17 00:00:00 2001 From: Andrej Vitez Date: Fri, 10 Jun 2022 17:25:54 +0200 Subject: [PATCH] Add non-interactive script options and fix nginx container name (#12) * Add non-interactive script options and fix nginx container name Nginx container name was hardcoded even though a different name is defined in docker-composer.yml. Script will now detect proper name from docker-compose file. * Fix invalid boolean variable comparisons * Refactor user confirmation prompt logic Co-authored-by: Jesus Federico --- init-letsencrypt.sh | 52 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 42 insertions(+), 10 deletions(-) diff --git a/init-letsencrypt.sh b/init-letsencrypt.sh index d526610..513698d 100755 --- a/init-letsencrypt.sh +++ b/init-letsencrypt.sh @@ -10,8 +10,35 @@ if [[ ! -f ./.env ]]; then exit 1 fi +usage() { + echo -e "Initializes letsencrypt certificates for Nginx proxy container\n" + echo -e "Usage: $0 [-z|-r|-h]\n" + echo " -n|--non-interactive Enable non interactive mode" + echo " -r|--replace Replace existing certificates without asking" + echo " -h|--help Show usage information" + exit 1 +} + +interactive=1 +replaceExisting=0 + +while [[ $# -gt 0 ]] +do + case "$1" in + -n|--non-interactive) interactive=0;shift;; + -r|--replace) replaceExisting=1;shift;; + -h|--help) usage;; + -*) echo "Unknown option: \"$1\"\n";usage;; + *) echo "Script does not accept arguments\n";usage;; + esac +done + URL_HOST=$(grep URL_HOST .env | cut -d '=' -f2) echo $URL_HOST +NGINX_CONTAINER_NAME=$(grep DOCKER_PROXY_NGINX_TEMPLATE .env | cut -d '=' -f2) +if [[ -z "$NGINX_CONTAINER_NAME" ]]; then + NGINX_CONTAINER_NAME=scalelite-proxy +fi domains=($URL_HOST) rsa_key_size=4096 
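Review bot: The `NGINX_CONTAINER_NAME` lookup uses an unanchored `grep DOCKER_PROXY_NGINX_TEMPLATE .env`, so a commented-out line or any other key containing that string also matches, and the resulting multi-line value is later expanded unquoted on the `docker-compose` command lines. Anchoring the pattern and taking a single match avoids that: `NGINX_CONTAINER_NAME=$(grep -m1 '^DOCKER_PROXY_NGINX_TEMPLATE=' .env | cut -d '=' -f2-)`. The commit message says the name is detected from the docker-compose file, but the code reads a `.env` key whose name suggests an nginx template rather than a compose service, so it is worth confirming that the two always agree. Separately, the usage line advertises `[-z|-r|-h]` while the parser accepts `-n`.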
@@ -19,13 +46,17 @@ data_path="./data/certbot" email="$LETSENCRYPT_EMAIL" # Adding a valid address is strongly recommended staging=${LETSENCRYPT_STAGING:-0} # Set to 1 if you're testing your setup to avoid hitting request limits -if [ -d "$data_path" ]; then - read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision - if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then - exit - fi -fi +if [ -d "$data_path" ] && [ "$replaceExisting" -eq 0 ]; then + if [ "$interactive" -eq 0 ]; then + echo "Certificates already exist." + exit + fi + read -p "Existing data found for $domains. Continue and replace existing certificate? (y/N) " decision + if [ "$decision" != "Y" ] && [ "$decision" != "y" ]; then + exit + fi +fi if [ ! -e "$data_path/conf/options-ssl-nginx.conf" ] || [ ! -e "$data_path/conf/ssl-dhparams.pem" ]; then echo "### Downloading recommended TLS parameters ..." @@ -46,8 +77,8 @@ docker-compose run --rm --entrypoint "\ echo -echo "### Starting scalelite-proxy ..." -docker-compose up --force-recreate -d scalelite-proxy +echo "### Starting $NGINX_CONTAINER_NAME ..." +docker-compose up --force-recreate -d $NGINX_CONTAINER_NAME echo echo "### Deleting dummy certificate for $domains ..." @@ -77,6 +108,7 @@ if [ $staging != "0" ]; then staging_arg="--staging"; fi docker-compose run --rm --entrypoint "\ certbot certonly --webroot -w /var/www/certbot \ $staging_arg \ + $([ "$interactive" -ne 1 ] && echo '--non-interactive') \ $email_arg \ $domain_args \ --rsa-key-size $rsa_key_size \ @@ -85,5 +117,5 @@ docker-compose run --rm --entrypoint "\ --force-renewal" certbot echo -echo "### Reloading scalelite-proxy ..." -docker-compose exec scalelite-proxy nginx -s reload +echo "### Reloading $NGINX_CONTAINER_NAME..." +docker-compose exec $([ "$interactive" -ne 1 ] && echo "-T") $NGINX_CONTAINER_NAME nginx -s reload
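Review bot: In non-interactive mode the new branch treats any existing `$data_path` directory as proof that certificates exist and leaves through a bare `exit`, which returns the status of the preceding `echo`, i.e. 0. A run that was interrupted after the directory was created (for example while the dummy certificate was still in place) would then be reported to automation as success, although the proxy may still be serving a placeholder certificate. I would test for the issued certificate file rather than the directory and make the outcome explicit, e.g. `echo "Existing data in $data_path; pass --replace to reissue." >&2` followed by `exit 0` or a distinct non-zero code the caller can act on.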
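Review bot: `$NGINX_CONTAINER_NAME` is expanded unquoted in `docker-compose up --force-recreate -d $NGINX_CONTAINER_NAME`, and its value comes straight from `.env`, so whitespace or a leading `-` in that value becomes extra arguments or options to docker-compose. Quote it here and in the `docker-compose exec` line of the last hunk: `docker-compose up --force-recreate -d "$NGINX_CONTAINER_NAME"`. A one-line comment where the variable is assigned, such as `# compose service name of the nginx proxy, read from .env`, would also make clear that the commands expect a service name.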
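Review bot: The inline `$([ "$interactive" -ne 1 ] && echo '--non-interactive')` inside the quoted entrypoint string is harder to read than the `$staging_arg` / `$email_arg` variables on the neighbouring lines, and the same pattern repeats as `$([ "$interactive" -ne 1 ] && echo "-T")` in the last hunk. Setting the flag once before the command keeps the style consistent: `interactive_arg=""`, then `if [ "$interactive" -eq 0 ]; then interactive_arg="--non-interactive"; fi`, and `$interactive_arg \` in the argument list. The `docker-compose run` command that this line belongs to continues past the end of this hunk.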