Let's Encrypt v2 with wildcard support

2025-08-14 10:37:42 -07:00 · 2018-12-26 12:54:33 +02:00 · 2018-12-26 12:54:33 +02:00 · f8b4d42b74
commit f8b4d42b74
parent 4327a3d1bc
5 changed files with 257 additions and 472 deletions
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@ -22,51 +22,32 @@ source $VESTA/conf/vesta.conf
 #                       Action                             #
 #----------------------------------------------------------#

-# Defining user list
-users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
-
-lecounter=0
-
-# Checking users
-for user in $users; do
+# Checking user certificates
+for user in $($BIN/v-list-users plain |cut -f 1); do
    USER_DATA=$VESTA/data/users/$user
-    # Checking user certificates
+    lecounter=0
+
    for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
-        # Working on Web domain check - if is suspended
-        webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes")
-        if [ ! -z "$webSuspended" ]; then
-                continue;
-        fi;
-        crt="$VESTA/data/users/$user/ssl/$domain.crt"
-        crt_data=$(openssl x509 -text -in "$crt")
-        expire=$(echo "$crt_data" |grep "Not After")
-        expire=$(echo "$expire" |cut -f 2,3,4 -d :)
-        expire=$(date -d "$expire" +%s)
+        crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
+        not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
+        expiration=$(date -d "$not_after" +%s)
        now=$(date +%s)
-        expire=$((expire - now))
-        expire=$((expire / 86400))
-        domain=$(basename $crt |sed -e "s/.crt$//")
-        if [[ "$expire" -lt 31 ]]; then
-            if [ $lecounter -gt 0 ]; then
-                sleep 10
-            fi
-            ((lecounter++))
+        seconds_valid=$((expiration - now))
+        days_valid=$((seconds_valid / 86400))
+        if [[ "$days_valid" -lt 31 ]]; then
            aliases=$(echo "$crt_data" |grep DNS:)
            aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
            aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
            aliases=$(echo "$aliases" |grep -v "^$domain$")
-            if [ ! -z "$aliases" ]; then
-                aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
-                msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
-                if [ $? -ne 0 ]; then
-                    echo "$domain $msg"
-                fi
-            else
-                msg==$($BIN/v-add-letsencrypt-domain $user $domain)
-                if [ $? -ne 0 ]; then
-                    echo "$domain $msg"
-                fi
+            aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
+            msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
+            if [ $? -ne 0 ]; then
+                echo "$domain $msg"
            fi
+            if [ $lecounter -gt 0 ]; then
+                sleep 10
+            fi
+            ((lecounter++))
        fi
    done
 done