Add 'certbot-domain.sh'

2017-11-08 14:43:05 +00:00 · 2017-11-08 14:43:05 +00:00 · f10a76290c
parent dd9c96e4c4
commit f10a76290c
1 changed files with 24 additions and 0 deletions
--- a/certbot-domain.sh
+++ b/certbot-domain.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+# Generate a SSL certificate with certbot 
+
+read -p "Enter your domain name: " domain_name
+certbot certonly --pre-hook "service nginx stop" --standalone --cert-name $domain_name -d $domain_name -d www.$domain_name --post-hook "service nginx start" -n --agree-tos -m contact@$domain_name --rsa-key-size 4096
+
+cat <<EOF >/var/www/$domain_name/conf/nginx/ssl.conf
+listen 443 ssl http2;
+listen [::]:443 ssl http2;
+ssl on;
+    ssl_certificate     /etc/letsencrypt/live/$domain_name/fullchain.pem;
+    ssl_certificate_key     /etc/letsencrypt/live/$domain_name/privkey.pem; 
+EOF
+cat <<EOF >/etc/nginx/conf.d/$domain_name-forcessl.conf
+server {
+	listen 80;
+        listen [::]:80;
+	server_name $domain_name www.$domain_name;
+	return 301 https://$domain_name$request_uri;
+}
+EOF
+nginx -t
+service nginx reload
+