sabbour · December 27, 2024 07:17 · Predictor · Jul 28, 2022 · traxanos · Sep 19, 2022
diff --git a/setup-certbot-openvpn-letsencrypt.sh b/setup-certbot-openvpn-letsencrypt.sh
 #!/bin/bash

 # IMPORTANT: Make sure your VM's network security rules allows access over TCP Port 80.
 #            This is required to pass the HTTP challenge.

 # Download: curl -o setup.sh <raw URL of this gist>
 # Enable execution: sudo chmod +x setup.sh
 # Run: ./setup.sh -d "yourdomain.tld" -e "[email protected]"

 while getopts d:e: option
 do
 case "${option}"
 in
 d) DOMAIN=${OPTARG};;
 e) EMAIL=${OPTARG};;
 esac
 done

 sudo apt-get -y install software-properties-common
 sudo add-apt-repository -y ppa:certbot/certbot
 sudo apt-get -y update
 sudo apt-get -y install certbot

 sudo service openvpnas stop

 # Delete existing certificates
 /usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle
 /usr/local/openvpn_as/scripts/confdba -mk cs.priv_key
 /usr/local/openvpn_as/scripts/confdba -mk cs.cert

 # Generate certificates through Let's Encrypt
 sudo certbot certonly \
  --standalone \
  --non-interactive \
  --agree-tos \
  --email $EMAIL \
  --domains $DOMAIN \
  --pre-hook 'sudo service openvpnas stop' \
  --post-hook 'sudo service openvpnas start'

 # symlink the generated certificates to the OpenVPN certificate location
 sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/cert.pem /usr/local/openvpn_as/etc/web-ssl/server.crt
 sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/privkey.pem /usr/local/openvpn_as/etc/web-ssl/server.key
 sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/fullchain.pem /usr/local/openvpn_as/etc/web-ssl/ca.crt

 # Restart the service to pickup the certs
 sudo service openvpnas restart
	#!/bin/bash

	# IMPORTANT: Make sure your VM's network security rules allows access over TCP Port 80.
	# This is required to pass the HTTP challenge.

	# Download: curl -o setup.sh <raw URL of this gist>
	# Enable execution: sudo chmod +x setup.sh
	# Run: ./setup.sh -d "yourdomain.tld" -e "[email protected]"

	while getopts d:e: option
	do
	case "${option}"
	in
	d) DOMAIN=${OPTARG};;
	e) EMAIL=${OPTARG};;
	esac
	done

	sudo apt-get -y install software-properties-common
	sudo add-apt-repository -y ppa:certbot/certbot
	sudo apt-get -y update
	sudo apt-get -y install certbot

	sudo service openvpnas stop

	# Delete existing certificates
	/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle
	/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key
	/usr/local/openvpn_as/scripts/confdba -mk cs.cert

	# Generate certificates through Let's Encrypt
	sudo certbot certonly \
	--standalone \
	--non-interactive \
	--agree-tos \
	--email $EMAIL \
	--domains $DOMAIN \
	--pre-hook 'sudo service openvpnas stop' \
	--post-hook 'sudo service openvpnas start'

	# symlink the generated certificates to the OpenVPN certificate location
	sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/cert.pem /usr/local/openvpn_as/etc/web-ssl/server.crt
	sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/privkey.pem /usr/local/openvpn_as/etc/web-ssl/server.key
	sudo ln -s -f /etc/letsencrypt/live/$DOMAIN/fullchain.pem /usr/local/openvpn_as/etc/web-ssl/ca.crt

	# Restart the service to pickup the certs
	sudo service openvpnas restart