-
Notifications
You must be signed in to change notification settings - Fork 33
/
install.sh
104 lines (79 loc) · 2.47 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#!/bin/bash
{
while getopts ":a:h" opt; do
case $opt in
a) ARCH="$OPTARG";;
h) echo "Usage: $0 [-a <arch>]"
echo " -a <arch> Architecture of lego to install (default: $(dpkg --print-architecture))"
exit 0
;;
:) echo "Error: -${OPTARG} requires an argument.";;
\?) echo "Invalid option -$OPTARG" >&2
;;
esac
done
ARCH=${ARCH:-$(dpkg --print-architecture)}
permissions() {
local mod="$1"
local path="$2"
sudo chown root:root "$path"
sudo chmod "$mod" "$path"
}
install_lego() {
local path="/usr/local/bin/lego"
local url
url="$(
curl -sSL "https://api.github.com/repos/go-acme/lego/releases/latest" \
| jq --unbuffered -r --arg arch "$ARCH" '.assets[].browser_download_url | select(.|endswith("linux_\($arch).tar.gz"))'
)"
if [[ -z $url ]]; then
echo "Could not find lego download URL for architecture '$ARCH'! Try a different architecture maybe? See '$0 -h'" >&2
exit 1
fi
curl -sSL "$url" \
| sudo tar -zx -C "${path%/*}" -- "${path##*/}"
permissions 755 "$path"
printf "installed: %s\n" "$path"
}
install_script() {
local name="$1"
local path="/usr/local/bin/$name"
sudo curl -sSL -o "$path" "https://raw.githubusercontent.com/JessThrysoee/synology-letsencrypt/master/$name"
permissions 755 "$path"
printf "installed: %s\n" "$path"
}
install_configuration() {
local dir="/usr/local/etc/synology-letsencrypt"
local env="$dir/env"
sudo mkdir -p "$dir"
permissions 700 "$dir"
if [[ ! -s $env ]]; then
sudo tee "$env" > /dev/null <<EOF
DOMAINS=(--domains "example.com" --domains "*.example.com")
EMAIL="[email protected]"
# Specify DNS Provider (this example is from https://go-acme.github.io/lego/dns/simply/)
DNS_PROVIDER="simply"
export SIMPLY_ACCOUNT_NAME=XXXXXXX
export SIMPLY_API_KEY=XXXXXXXXXX
export SIMPLY_PROPAGATION_TIMEOUT=1800
export SIMPLY_POLLING_INTERVAL=30
# Should you need it; additional options can be passed directly to lego
#LEGO_OPTIONS=(--key-type "rsa4096" --server "https://acme-staging-v02.api.letsencrypt.org/directory")
EOF
fi
permissions 600 "$env"
printf "installed: %s\n" "$env"
cat << EOF
All done!
Check $env and edit as needed.
EOF
}
install() {
install_lego
install_script "synology-letsencrypt.sh"
install_script "synology-letsencrypt-reload-services.sh"
install_script "synology-letsencrypt-make-cert-id.sh"
install_configuration
}
install
}