#!/bin/bash # Quick setup script for SSL certificate management set -e SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" echo "SSL Certificate Management Setup" echo "===============================" echo "" # Check if running as root if [[ $EUID -eq 0 ]]; then echo "WARNING: Running as root. This is required for system-wide certificate management." echo "" fi # Check dependencies echo "Checking dependencies..." missing_deps=() if ! command -v certbot >/dev/null 2>&1; then missing_deps+=("certbot") fi if ! command -v nginx >/dev/null 2>&1; then missing_deps+=("nginx") fi if ! command -v openssl >/dev/null 2>&1; then missing_deps+=("openssl") fi if [[ ${#missing_deps[@]} -gt 0 ]]; then echo "❌ Missing dependencies: ${missing_deps[*]}" echo "" echo "Install them with:" echo " sudo apt update" echo " sudo apt install ${missing_deps[*]}" echo "" echo "For DNS challenges (optional):" echo " sudo pip install dns-lexicon[full]" exit 1 else echo "✅ All dependencies found" fi # Make scripts executable echo "Making scripts executable..." chmod +x "$SCRIPT_DIR/certbot-manager.sh" chmod +x "$SCRIPT_DIR/loopia-hook.sh" echo "✅ Scripts are now executable" # Setup environment file if [[ ! -f "$SCRIPT_DIR/.env" ]]; then echo "Creating .env file from template..." cp "$SCRIPT_DIR/.env.example" "$SCRIPT_DIR/.env" echo "📝 Please edit $SCRIPT_DIR/.env with your configuration:" echo " nano $SCRIPT_DIR/.env" echo "" else echo "✅ .env file already exists" fi # Create log directory sudo mkdir -p /var/log/letsencrypt echo "✅ Log directory created" # Setup instructions echo "" echo "Setup Complete! 🎉" echo "==================" echo "" echo "Next steps:" echo "1. Edit configuration: nano $SCRIPT_DIR/.env" echo "2. Test certificate: $SCRIPT_DIR/certbot-manager.sh check" echo "3. Get certificate: $SCRIPT_DIR/certbot-manager.sh renew" echo "4. Setup auto-renewal:" echo "" echo " Option A - Cron (simple):" echo " sudo crontab -e" echo " Add: 0 2 * * * cd $SCRIPT_DIR && source .env && ./certbot-manager.sh auto >> /var/log/letsencrypt/cron.log 2>&1" echo "" echo " Option B - Systemd (recommended):" echo " sudo cp $SCRIPT_DIR/ssl-renewal.service /etc/systemd/system/" echo " sudo cp $SCRIPT_DIR/ssl-renewal.timer /etc/systemd/system/" echo " Edit paths in /etc/systemd/system/ssl-renewal.service" echo " sudo systemctl enable ssl-renewal.timer" echo " sudo systemctl start ssl-renewal.timer" echo "" echo "View logs with:" echo " tail -f /var/log/letsencrypt/renewal.log"