Create temporary cert process so that nginx can start. Still need to figure out if/how certbot will attempt to renew domains in conf.d. Lowered the cert days in case it checks that.

2023-07-05 21:17:14 -07:00
parent 8fa7adb2d3
commit cea611c81c
4 changed files with 33 additions and 10 deletions
--- a/Config/ReverseProxy/create_placeholder_certs.sh
+++ b/Config/ReverseProxy/create_placeholder_certs.sh
@ -0,0 +1,30 @@
+#!/bin/bash
+# Create a fake cert for each file in config/conf.d/.
+
+DIR=`dirname $0`
+if [[ $DIR == \.* ]]; then
+	DIR=`pwd`
+fi
+
+# Where the files need to live.
+CERT_DIR=$DIR/../../Volumes/ReverseProxy/letsencrypt-certs
+echo "CERT_DIR=$CERT_DIR"
+
+# Create the directory if it does not exist.
+mkdir -pv $DIR/../../Volumes/ReverseProxy/letsencrypt-certs
+
+# Loop over the proxy configuration files and ensure they have certs.
+ls $DIR/config/conf.d/*.* | while read file; do
+	filename=`basename $file`
+	echo "Checking $filename:"
+	if [[ ! -d $CERT_DIR/$filename ]]; then
+		echo "  Creating self-signed certs at $CERT_DIR/$filename."
+		mkdir -pv $CERT_DIR/$filename
+		openssl req -new -x509 -days 3 -nodes \
+				-out $CERT_DIR/$filename/fullchain.pem \
+				-keyout $CERT_DIR/$filename/privkey.pem \
+				-subj "/CN=$filename/O=$filename/C=XX"
+	else
+		echo "  Certs already exist!"
+	fi
+done