95 lines
2.6 KiB
Bash
95 lines
2.6 KiB
Bash
#!/bin/bash
|
|
|
|
# Quick setup script for SSL certificate management
|
|
|
|
set -e
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
|
|
echo "SSL Certificate Management Setup"
|
|
echo "==============================="
|
|
echo ""
|
|
|
|
# Check if running as root
|
|
if [[ $EUID -eq 0 ]]; then
|
|
echo "WARNING: Running as root. This is required for system-wide certificate management."
|
|
echo ""
|
|
fi
|
|
|
|
# Check dependencies
|
|
echo "Checking dependencies..."
|
|
missing_deps=()
|
|
|
|
if ! command -v certbot >/dev/null 2>&1; then
|
|
missing_deps+=("certbot")
|
|
fi
|
|
|
|
if ! command -v nginx >/dev/null 2>&1; then
|
|
missing_deps+=("nginx")
|
|
fi
|
|
|
|
if ! command -v openssl >/dev/null 2>&1; then
|
|
missing_deps+=("openssl")
|
|
fi
|
|
|
|
if [[ ${#missing_deps[@]} -gt 0 ]]; then
|
|
echo "❌ Missing dependencies: ${missing_deps[*]}"
|
|
echo ""
|
|
echo "Install them with:"
|
|
echo " sudo apt update"
|
|
echo " sudo apt install ${missing_deps[*]}"
|
|
echo ""
|
|
echo "For DNS challenges (optional):"
|
|
echo " sudo pip install dns-lexicon[full]"
|
|
exit 1
|
|
else
|
|
echo "✅ All dependencies found"
|
|
fi
|
|
|
|
# Make scripts executable
|
|
echo "Making scripts executable..."
|
|
chmod +x "$SCRIPT_DIR/certbot-manager.sh"
|
|
chmod +x "$SCRIPT_DIR/loopia-hook.sh"
|
|
echo "✅ Scripts are now executable"
|
|
|
|
# Setup environment file
|
|
if [[ ! -f "$SCRIPT_DIR/.env" ]]; then
|
|
echo "Creating .env file from template..."
|
|
cp "$SCRIPT_DIR/.env.example" "$SCRIPT_DIR/.env"
|
|
echo "📝 Please edit $SCRIPT_DIR/.env with your configuration:"
|
|
echo " nano $SCRIPT_DIR/.env"
|
|
echo ""
|
|
else
|
|
echo "✅ .env file already exists"
|
|
fi
|
|
|
|
# Create log directory
|
|
sudo mkdir -p /var/log/letsencrypt
|
|
echo "✅ Log directory created"
|
|
|
|
# Setup instructions
|
|
echo ""
|
|
echo "Setup Complete! 🎉"
|
|
echo "=================="
|
|
echo ""
|
|
echo "Next steps:"
|
|
echo "1. Edit configuration: nano $SCRIPT_DIR/.env"
|
|
echo "2. Test certificate: $SCRIPT_DIR/certbot-manager.sh check"
|
|
echo "3. Get certificate: $SCRIPT_DIR/certbot-manager.sh renew"
|
|
echo "4. Setup auto-renewal:"
|
|
echo ""
|
|
echo " Option A - Cron (simple):"
|
|
echo " sudo crontab -e"
|
|
echo " Add: 0 2 * * * cd $SCRIPT_DIR && source .env && ./certbot-manager.sh auto >> /var/log/letsencrypt/cron.log 2>&1"
|
|
echo ""
|
|
echo " Option B - Systemd (recommended):"
|
|
echo " sudo cp $SCRIPT_DIR/ssl-renewal.service /etc/systemd/system/"
|
|
echo " sudo cp $SCRIPT_DIR/ssl-renewal.timer /etc/systemd/system/"
|
|
echo " Edit paths in /etc/systemd/system/ssl-renewal.service"
|
|
echo " sudo systemctl enable ssl-renewal.timer"
|
|
echo " sudo systemctl start ssl-renewal.timer"
|
|
echo ""
|
|
echo "View logs with:"
|
|
echo " tail -f /var/log/letsencrypt/renewal.log"
|