29 lines
740 B
Bash
29 lines
740 B
Bash
|
#!/bin/sh
|
||
|
|
||
|
MASQUERADE=${MASQUERADE:-127.0.0.1}
|
||
|
ACME_SERVER=${ACME_SERVER:-letsencrypt}
|
||
|
ACME_DNS=${ACME_DNS:-myapi}
|
||
|
|
||
|
if [ ! -d /acme/cert ] ; then
|
||
|
mkdir -p /acme/cert
|
||
|
fi
|
||
|
|
||
|
if [ -n "${ACME_EMAIL}" ] ; then
|
||
|
ACME_EMAIL="--accountemail ${ACME_EMAIL}"
|
||
|
fi
|
||
|
|
||
|
if [ ! -f "/acme/cert/cert.pem" ] ; then
|
||
|
echo "Initializing certificate with acme.sh"
|
||
|
# shellcheck disable=SC2086
|
||
|
acme.sh --issue -d "${MASQUERADE}" \
|
||
|
--home /acme \
|
||
|
--dns "${ACME_DNS}" \
|
||
|
--server "${ACME_SERVER}" \
|
||
|
--cert-file /acme/cert/cert.pem \
|
||
|
--key-file /acme/cert/privkey.pem \
|
||
|
--fullchain-file /acme/cert/chain.pem \
|
||
|
--reloadcmd /app/acme-refresh-cert.sh ${ACME_EMAIL}
|
||
|
else
|
||
|
echo "Certificate ready"
|
||
|
fi
|