@gonssal
Last active January 5, 2019 04:25
Shell script for quick creation of Let's Encrypt certificates in cPanel-based hosts
#!/usr/bin/env sh
# Basically packs all the instructions in https://github.com/Neilpang/acme.sh/wiki/Simple-guide-to-add-TLS-cert-to-cpanel
# into a single command, while adding all the default cPanel subdomains. If this is useful to you, consider donating to
# the acme.sh creator here: https://donate.acme.sh/.
### Change the following variables with your info.
EMAIL="you@example.com"
DOMAIN="example.com"
WEBROOT="${HOME}/public_html/" # Trailing slash required!
CPANEL_USERNAME="cpuser"
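# Install acme.sh. This pipes a remote script straight into sh; download it to a file
# and read it first if you want to review what will run under your account.
curl -fsS https://get.acme.sh | sh
# The installer only adds an acme.sh alias to the shell rc files, which a non-interactive
# sh does not expand, so call the installed script by its full path.
ACME="${HOME}/.acme.sh/acme.sh"
# Set your email as contact for the certificate.
"${ACME}" --update-account --accountemail "${EMAIL}"
# Issue the cert. Stop on failure so the HTTPS redirect below is not enabled without a cert.
"${ACME}" --issue --webroot "${WEBROOT}" -d "${DOMAIN}" -d "www.${DOMAIN}" --force || exit 1
# Add the cert to the cPanel database.
export DEPLOY_cPanel_USER="${CPANEL_USERNAME}"
"${ACME}" --deploy --deploy-hook cpanel_uapi --domain "${DOMAIN}" || exit 1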
# Force site to HTTPS with .htaccess and set HSTS header.
# Please note that this requires Apache's mod_rewrite.
HTACCESS="${WEBROOT}.htaccess"
if [ ! -f "${HTACCESS}" ]
then
    touch "${HTACCESS}"
fi
if [ -f "${HTACCESS}" ]
then
    # Prepend the block to the existing rules. The here-document (including the old
    # contents) is expanded before the output redirection truncates the file.
    # Running the script again prepends another copy of the block.
    cat <<-HTACCESS > "${HTACCESS}"
# Added by acme-cpanel.sh to redirect to HTTPS and send HSTS header.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=15768000" env=HTTPS
</IfModule>
$(cat "${HTACCESS}")
HTACCESS
fi
# Show tip
echo "You should run 'crontab -l' to make sure the job for the certificate renewal was successfully created."
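An idempotent variant of the .htaccess step above, as an added example that is not part of the original gist: it marks the inserted block so re-runs do not stack copies, and builds the new file beside the old one before swapping it in. The function name `ensure_https_block`, the marker strings and the 644 file mode are assumptions made for this sketch.

```shell
#!/usr/bin/env sh
# Added example, not the gist author's code. Marker strings are made up here.
MARK_BEGIN="# BEGIN acme-cpanel https"
MARK_END="# END acme-cpanel https"

# ensure_https_block FILE
# Prepends the HTTPS redirect + HSTS block to FILE exactly once.
ensure_https_block() {
    htaccess="$1"
    # Create the file if it is missing; give up if that is not possible.
    [ -f "$htaccess" ] || : > "$htaccess" || return 1
    # Block already present (whole-line, fixed-string match): change nothing.
    if grep -qxF "$MARK_BEGIN" "$htaccess"; then
        return 0
    fi
    # Build the new file next to the old one so the final mv is a same-filesystem
    # rename and a failure midway never leaves a truncated .htaccess.
    tmp="$(mktemp "${htaccess}.XXXXXX")" || return 1
    {
        printf '%s\n' "$MARK_BEGIN"
        # Quoted delimiter: the body is written literally, nothing is expanded.
        cat <<'EOF'
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
<IfModule mod_headers.c>
Header set Strict-Transport-Security "max-age=15768000" env=HTTPS
</IfModule>
EOF
        printf '%s\n' "$MARK_END"
        cat "$htaccess"
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    # mktemp creates the file 0600; 644 is assumed here so Apache can read it.
    chmod 644 "$tmp" && mv "$tmp" "$htaccess"
}
```

In the script it would be called as `ensure_https_block "${WEBROOT}.htaccess"` after the deploy step has succeeded.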