forked from dehydrated-io/dehydrated
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ssh_hook.sh
executable file
·52 lines (40 loc) · 1.03 KB
/
ssh_hook.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/bash
#
# Deploy letsencrypt certificates via ssh.
#
# Use in conjunction with "ssh_filter_letsencrypt.sh".
#
set -e
set -u
set -o pipefail
declare -A rsh
### config section ###
rsh[example.org]="ssh -i /etc/ssh/id_rsa.letsencrypt [email protected]"
rsh[www.example.org]="ssh -i /etc/ssh/id_rsa.letsencrypt [email protected]"
### end config section ###
command=$1
domain=$2
if [[ -z "${domain}" ]]; then
# clean_challenge is sometimes called with empty domain!
echo " * ssh_hook.sh: ERROR: empty domain string! (command=${command})..." >&2
exit 1
fi
echo " * ssh_hook.sh: ${command} for ${domain}..."
case $command in
deploy_challenge|clean_challenge)
${rsh[$domain]} $@
;;
deploy_cert)
privkey=$3
cert=$4
fullchain=$5
cat $privkey | ${rsh[$domain]} deploy_privkey $domain
cat $cert | ${rsh[$domain]} deploy_cert $domain
cat $fullchain | ${rsh[$domain]} deploy_fullchain $domain
;;
*)
echo "ssh_hook.sh: illegal command: ${command}" >&2
exit 1
;;
esac
exit 0