mirror of
https://github.com/joglomedia/LEMPer.git
synced 2026-04-13 08:28:21 +00:00
52 lines
1.7 KiB
Bash
Executable File
52 lines
1.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Certbot Let's Encrypt installer
|
|
# Min. Requirement : GNU/Linux Ubuntu 14.04
|
|
# Last Build : 01/07/2019
|
|
# Author : ESLabs.ID (eslabs.id@gmail.com)
|
|
# Since Version : 1.0.0
|
|
|
|
# Include decorator
|
|
if [ "$(type -t run)" != "function" ]; then
|
|
BASEDIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
|
|
. ${BASEDIR}/helper.sh
|
|
fi
|
|
|
|
# Make sure only root can run this installer script
|
|
if [ $(id -u) -ne 0 ]; then
|
|
error "You need to be root to run this script"
|
|
exit 1
|
|
fi
|
|
|
|
echo -en "\nDo you want to install Certbot Let's Encrypt SSL? [Y/n]: "
|
|
read certbotInstall
|
|
|
|
if [[ "${certbotInstall}" == Y* || "${certbotInstall}" == y* ]]; then
|
|
echo -e "\nInstalling Certbot Let's Encrypt..."
|
|
|
|
if [[ ! -n $(which certbot) ]]; then
|
|
run add-apt-repository -y ppa:certbot/certbot
|
|
run apt-get -y update
|
|
run apt-get -y install certbot
|
|
|
|
# Add this certbot renew command to cron
|
|
#15 3 * * * /usr/bin/certbot renew --quiet --renew-hook "/bin/systemctl reload nginx"
|
|
|
|
croncmd='15 3 * * * /usr/bin/certbot renew --quiet --renew-hook "/usr/sbin/service nginx reload -s"'
|
|
crontab -l > mycronjob
|
|
echo "$croncmd" >> mycronjob
|
|
crontab mycronjob
|
|
rm -f mycronjob
|
|
else
|
|
echo -e "Certbot Let's Encrypt already installed"
|
|
fi
|
|
|
|
# Generate Diffie-Hellman parameter
|
|
if [ ! -f /etc/letsencrypt/ssl-dhparam-4096.pem ]; then
|
|
echo "Generating Diffie-Hellman parameter for enhanced security..."
|
|
|
|
#openssl dhparam -out /etc/letsencrypt/ssl-dhparam-2048.pem 2048
|
|
openssl dhparam -out /etc/letsencrypt/ssl-dhparam-4096.pem 4096
|
|
fi
|
|
fi
|