Rely on distro's LE (#165)

2017-03-10 11:47:48 -06:00 · 2017-03-10 11:47:48 -06:00 · 6b52e4016c
--- a/lets-encrypt/activate-ssl.sh
+++ b/lets-encrypt/activate-ssl.sh
@ -201,16 +201,17 @@ else
   rm *.html
 fi

-# Install git
-    git --version 2> /dev/null
-    GIT_IS_AVAILABLE=$?
-if [ $GIT_IS_AVAILABLE -eq 0 ]
+# Install letsencrypt
+letsencrypt --version 2> /dev/null
+LE_IS_AVAILABLE=$?
+if [ $LE_IS_AVAILABLE -eq 0 ]
 then
-    sleep 1
+    letsencrypt --version
 else
-    echo "Installing git..."
+    echo "Installing letsencrypt..."
+    add-apt-repository ppa:certbot/certbot -y
    apt update -q2
-    apt install git -y -q
+    apt install letsencrypt -y -q
 fi

 #Fix issue #28
@ -287,18 +288,11 @@ fi
 # Stop Apache to aviod port conflicts
 a2dissite 000-default.conf
 sudo service apache2 stop
-# Check if $letsencryptpath exist, and if, then delete.
-if [ -d "$letsencryptpath" ]
-then
-    rm -R $letsencryptpath
-fi
 # Generate certs
-cd $dir_before_letsencrypt
-git clone https://github.com/letsencrypt/letsencrypt
-cd $letsencryptpath
-./letsencrypt-auto certonly --standalone -d $domain
+letsencrypt certonly --standalone --rsa-key-size 4096 -d $domain
+
 # Use for testing
-#./letsencrypt-auto --apache --server https://acme-staging.api.letsencrypt.org/directory -d EXAMPLE.COM
+#letsencrypt --apache --server https://acme-staging.api.letsencrypt.org/directory -d EXAMPLE.COM
 # Activate Apache again (Disabled during standalone)
 service apache2 start
 a2ensite 000-default.conf
@ -317,17 +311,8 @@ else
    echo -e "\e[0m"
 fi
 ##### START SECOND TRY
-
-# Check if $letsencryptpath exist, and if, then delete.
-if [ -d "$letsencryptpath" ]
-then
-    rm -R $letsencryptpath
-fi
 # Generate certs
-cd $dir_before_letsencrypt
-git clone https://github.com/letsencrypt/letsencrypt
-cd $letsencryptpath
-./letsencrypt-auto -d $domain
+letsencrypt --rsa-key-size 4096 -d $domain
 # Check if $certfiles exists
 if [ -d "$certfiles" ]
 then
@ -342,17 +327,8 @@ else
    echo -e "\e[0m"
 fi
 ##### START THIRD TRY
+letsencrypt certonly --agree-tos --webroot -w $NCPATH --rsa-key-size 4096 -d $domain

-# Check if $letsencryptpath exist, and if, then delete.
-if [ -d "$letsencryptpath" ]
-then
-    rm -R $letsencryptpath
-fi
-# Generate certs
-cd $dir_before_letsencrypt
-git clone https://github.com/letsencrypt/letsencrypt
-cd $letsencryptpath
-./letsencrypt-auto certonly --agree-tos --webroot -w $NCPATH -d $domain
 # Check if $certfiles exists
 if [ -d "$certfiles" ]
 then
@ -367,17 +343,8 @@ else
    echo -e "\e[0m"
 fi
 #### START FORTH TRY
-
-# Check if $letsencryptpath exist, and if, then delete.
-if [ -d "$letsencryptpath" ]
-then
-    rm -R $letsencryptpath
-fi
 # Generate certs
-cd $dir_before_letsencrypt
-git clone https://github.com/letsencrypt/letsencrypt
-cd $letsencryptpath
-./letsencrypt-auto --agree-tos --apache -d $domain
+letsencrypt --agree-tos --apache --rsa-key-size 4096 -d $domain
 # Check if $certfiles exists
 if [ -d "$certfiles" ]
 then
@ -408,10 +375,8 @@ ENDMSG
    echo -e "\e[0m"

 # Cleanup
-    rm -R $letsencryptpath
-    rm $SCRIPTS/test-new-config.sh
-    rm $ssl_conf
-    rm -R /root/.local/share/letsencrypt
+apt remove letsencrypt -y
+apt autoremove -y
 # Change ServerName in apache.conf and hostname
    sed -i "s|ServerName $domain|ServerName $(hostname -s)|g" /etc/apache2/apache2.conf
    sudo hostnamectl set-hostname $(hostname -s)
--- a/lets-encrypt/test-new-config.sh
+++ b/lets-encrypt/test-new-config.sh
@ -66,7 +66,7 @@ IF='if [[ $? -eq 0 ]]'
 cat << CRONTAB > "$SCRIPTS/letsencryptrenew.sh"
 #!/bin/sh
 service apache2 stop
-if ! /etc/letsencrypt/letsencrypt-auto renew > /var/log/letsencrypt/renew.log 2>&1 ; then
+if ! letsencrypt renew > /var/log/letsencrypt/renew.log 2>&1 ; then
        echo Automated renewal failed:
        cat /var/log/letsencrypt/renew.log
        exit 1
--- a/nextcloud-startup-script.sh
+++ b/nextcloud-startup-script.sh
@ -714,16 +714,17 @@ else
 fi
 echo
 clear
+NCADMIN=$(sudo -u www-data php $NCPATH/occ user:list | awk '{print $3}')
 echo -e "\e[0m"
-echo "For better security, change the Nextcloud password for [$NCUSER]"
-echo "The current password for $NCUSER is [$NCPASS]"
+echo "For better security, change the Nextcloud password for [$NCADMIN]"
+echo "The current password for $NCADMIN is [$NCPASS]"
 echo -e "\e[32m"
 read -p "Press any key to change password for Nextcloud... " -n1 -s
 echo -e "\e[0m"
-sudo -u www-data php $NCPATH/occ user:resetpassword $NCUSER
+sudo -u www-data php $NCPATH/occ user:resetpassword $NCADMIN
 if [[ $? > 0 ]]
 then
-    sudo -u www-data php $NCPATH/occ user:resetpassword $NCUSER
+    sudo -u www-data php $NCPATH/occ user:resetpassword $NCADMIN
 else
    sleep 2
 fi
--- a/static/collabora.sh
+++ b/static/collabora.sh
@ -163,16 +163,6 @@ else
    service docker restart
 fi

-# Check if Git is installed
-    git --version 2> /dev/null
-    GIT_IS_AVAILABLE=$?
-if [ $GIT_IS_AVAILABLE -eq 0 ]
-then
-    sleep 1
-else
-    apt install git -y
-fi
-
 # Check of docker runs and kill it
 DOCKERPS=$(docker ps -a -q)
 if [[ $DOCKERPS > 0 ]]
@ -286,15 +276,24 @@ fi
 fi

 # Let's Encrypt
+letsencrypt --version 2> /dev/null
+LE_IS_AVAILABLE=$?
+if [ $LE_IS_AVAILABLE -eq 0 ]
+then
+    letsencrypt --version
+else
+    echo "Installing letsencrypt..."
+    add-apt-repository ppa:certbot/certbot -y
+    apt update -q2
+    apt install letsencrypt -y -q
+fi
+
 # Stop Apache to aviod port conflicts
 a2dissite 000-default.conf
 sudo service apache2 stop

 # Generate certs
-cd /etc
-git clone https://github.com/certbot/certbot.git
-cd /etc/certbot
-./letsencrypt-auto certonly --agree-tos --standalone -d $SUBDOMAIN
+letsencrypt certonly --standalone --agree-tos --rsa-key-size 4096 -d $SUBDOMAIN
 if [[ "$?" == "0" ]]
 then
    echo -e "\e[96m"