"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-7312/resources/install-letsencrypt-cert.sh" (1 Jun 2023, 3392 Bytes) of package /linux/misc/jitsi-meet-7312.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 #!/bin/bash
    2 
    3 set -e
    4 
    5 echo "-------------------------------------------------------------------------"
    6 echo "This script will:"
    7 echo "- Need a working DNS record pointing to this machine(for hostname ${DOMAIN})"
    8 echo "- Install additional dependencies in order to request Let’s Encrypt certificate (acme.sh)"
    9 echo "- Configure and reload nginx or apache2, whichever is used"
   10 echo "- Configure the coturn server to use Let's Encrypt certificate and add required deploy hooks"
   11 echo "- Configure renew of certificate"
   12 echo ""
   13 
   14 EMAIL=$1
   15 
   16 if [ -z "$EMAIL" ]; then
   17   echo "You need to agree to the ACME server's Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf) "
   18   echo "by providing an email address for important account notifications"
   19 
   20   echo -n "Enter your email and press [ENTER]: "
   21   read EMAIL
   22 fi
   23 
   24 DOMAIN=$2
   25 if [ -z "$DOMAIN" ]; then
   26   DEB_CONF_RESULT=$(debconf-show jitsi-meet-web-config | grep jitsi-meet/jvb-hostname)
   27   DOMAIN="${DEB_CONF_RESULT##*:}"
   28 fi
   29 # remove whitespace
   30 DOMAIN="$(echo -e "${DOMAIN}" | tr -d '[:space:]')"
   31 
   32 
   33 export HOME=/opt/acmesh
   34 curl https://get.acme.sh | sh -s email=$EMAIL
   35 
   36 # Checks whether nginx or apache is installed
   37 NGINX_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx' 2>/dev/null | awk '{print $3}' || true)"
   38 NGINX_FULL_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx-full' 2>/dev/null | awk '{print $3}' || true)"
   39 NGINX_EXTRAS_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'nginx-extras' 2>/dev/null | awk '{print $3}' || true)"
   40 OPENRESTY_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'openresty' 2>/dev/null | awk '{print $3}' || true)"
   41 APACHE_INSTALL_CHECK="$(dpkg-query -f '${Status}' -W 'apache2' 2>/dev/null | awk '{print $3}' || true)"
   42 
   43 RELOAD_CMD=""
   44 if [ "$NGINX_INSTALL_CHECK" = "installed" ] || [ "$NGINX_INSTALL_CHECK" = "unpacked" ] \
   45    || [ "$NGINX_FULL_INSTALL_CHECK" = "installed" ] || [ "$NGINX_FULL_INSTALL_CHECK" = "unpacked" ] \
   46    || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "installed" ] || [ "$NGINX_EXTRAS_INSTALL_CHECK" = "unpacked" ]; then
   47     RELOAD_CMD="systemctl force-reload nginx.service"
   48 elif [ "$OPENRESTY_INSTALL_CHECK" = "installed" ] || [ "$OPENRESTY_INSTALL_CHECK" = "unpacked" ] ; then
   49     RELOAD_CMD="systemctl force-reload openresty.service"
   50 elif [ "$APACHE_INSTALL_CHECK" = "installed" ] || [ "$APACHE_INSTALL_CHECK" = "unpacked" ] ; then
   51     RELOAD_CMD="systemctl force-reload apache2.service"
   52 else
   53     RELOAD_CMD="echo 'No webserver found'"
   54 fi
   55 
   56 RELOAD_CMD+=" && /usr/share/jitsi-meet/scripts/coturn-le-update.sh ${DOMAIN}"
   57 
   58 ISSUE_FAILED_CODE=0
   59 ISSUE_CERT_CMD="/opt/acmesh/.acme.sh/acme.sh -f --issue -d ${DOMAIN} -w /usr/share/jitsi-meet --server letsencrypt"
   60 eval "${ISSUE_CERT_CMD}" || ISSUE_FAILED_CODE=$?
   61 
   62 INSTALL_CERT_CMD="/opt/acmesh/.acme.sh/acme.sh -f --install-cert -d ${DOMAIN} --key-file /etc/jitsi/meet/${DOMAIN}.key --fullchain-file /etc/jitsi/meet/${DOMAIN}.crt --reloadcmd \"${RELOAD_CMD}\""
   63 if [ ${ISSUE_FAILED_CODE} -ne 0 ] ; then
   64     # it maybe this certificate already exists (code 2 - skip, no need to renew)
   65     if [ ${ISSUE_FAILED_CODE} -eq 2 ]; then
   66         eval "$INSTALL_CERT_CMD"
   67     else
   68         echo "Issuing the certificate from Let's Encrypt failed, continuing ..."
   69         echo "You can retry later by executing:"
   70         echo "/usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh $EMAIL"
   71     fi
   72 else
   73     eval "$INSTALL_CERT_CMD"
   74 fi