road to v1.2.1

scripts/certbot-new.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+# generate certificate
+certbot certonly --webroot -w /acme-challenge -n -d "$1" --email "$2" --agree-tos
+
+# fix rights
+chown -R root:nginx /etc/letsencrypt
+chmod -R 740 /etc/letsencrypt
+find /etc/letsencrypt -type d -exec chmod 750 {} \;

scripts/certbot-renew.sh

@@ -1,30 +1,9 @@
 #!/bin/sh
 
-function replace_in_file() {
-	# escape slashes
-	pattern=$(echo "$2" | sed "s/\//\\\\\//g")
-	replace=$(echo "$3" | sed "s/\//\\\\\//g")
-	sed -i "s/$pattern/$replace/g" "$1"
-}
-
-# disable HTTP
-servers="$(find /etc/nginx -name server.conf)"
-for f in $servers ; do
-	replace_in_file "$f" "listen" "#listen"
-done
-if [ -f /tmp/nginx.pid ] ; then
-	/usr/sbin/nginx -s reload
-	sleep 10
-fi
-
-# ask a new certificate if needed
+# ask new certificates if needed
 certbot renew
 
-# enable HTTP again
-for f in $servers ; do
-	replace_in_file "$f" "#listen" "listen"
-done
-
+# fix rights
 chown -R root:nginx /etc/letsencrypt
 chmod -R 740 /etc/letsencrypt
 find /etc/letsencrypt -type d -exec chmod 750 {} \;