Re: httpd acme-client renew multiple domains
On Sat, Mar 23, 2019 at 07:05:53PM +0100, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### > > Added the following to cron: > @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh > > Hope this helps. > > Mischa > > > On 23 Mar at 16:39, Geir Svalland wrote: > > Hello > > mtp$ uname -a > > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > > > I'm hosting and serving multiple domains, 5 of them, using httpd. > > The domains are declared in /etc/acme-client.conf, and in my initial > > setup I used the command "acme-client -vAD example.com" on every domain > > to create > > the certs. All of this is working great, but my question is regarding > > updating. > > > > I intend to use a cron job for this, "acme-client example.com && rcctl > > reload httpd" > > but I'm not able to get this working for all of the domains in one > > single command. > > > > Is that possible to do ? > > Or do I have to use 5 differen lines with one domain name on each? > > > > All the best > > Geir Svalland > > > Thank you very much Mischa. Yes, this will do it for me. Very nice. Have a nice weekend. /Geir
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 02:49:01PM +0100, Solene Rapenne wrote: > On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote: > > > > > > > On 25 Mar 2019, at 01:40, Stuart Henderson wrote: > > > > > > On 2019-03-23, Mischa wrote: > > >> Hi Geir, > > >> > > >> I have solved this with a little script. > > >> > > >> ### > > >> #!/bin/sh > > >> OUT=2 > > >> /usr/sbin/acme-client -v www.example.com > > >> if test $? -eq 0 > > >> then EXT=$? > > >> fi > > >> /usr/sbin/acme-client -v www.example1.com > > >> if test $? -eq 0 > > >> then EXT=$? > > >> fi > > >> if test $EXT -eq 0 > > >> then > > >>echo "New certificates installed." > > >>rcctl restart httpd > > >> else echo "No new certificates installed." > > >> fi > > >> ### > > > > > > Simpler: > > > > > > for i in www.example.com www.example1.com; do > > > acme-client -v $i && reload=y > > > done > > > [[ -n $reload ]] && rcctl reload httpd > > > > Nice!! I have a couple of more domains in there, so the 'for' becomes a > > little ugly, but I keep forgetting &&. > > It's indeed not needed to use the actual exit code. > > > > Mischa > > > > > > One could easily write something like this: > > #!/bin/sh > > UPDATE=0 > for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf) > do > acme-client $domain > if [ $? -eq 0 ]; then UPDATE=1 fi > done > > if [ $UPDATE -ne 0 ]; then > rcctl restart httpd dovecot smtpd > fi > > you could also handle the exit status per domain if you want more > informations. I did write the script for this mail, it may contains > errors. > Thanks a lot, everybody, for helping. Very nice solutions. /Geir
Re: httpd acme-client renew multiple domains
Hi Mischa, if you like some python i got a small script for multiple domain cert renew on my github. I hope its ok to post the link here https://github.com/rosjat/scripts/blob/master/shell/OpenBSD/acme_renew its nothing fancy and you can modify it for your need or may make it better :) regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: httpd acme-client renew multiple domains
> On 25 Mar 2019, at 14:49, Solene Rapenne wrote: > > On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote: >> >> >>> On 25 Mar 2019, at 01:40, Stuart Henderson wrote: >>> >>> On 2019-03-23, Mischa wrote: Hi Geir, I have solved this with a little script. ### #!/bin/sh OUT=2 /usr/sbin/acme-client -v www.example.com if test $? -eq 0 then EXT=$? fi /usr/sbin/acme-client -v www.example1.com if test $? -eq 0 then EXT=$? fi if test $EXT -eq 0 then echo "New certificates installed." rcctl restart httpd else echo "No new certificates installed." fi ### >>> >>> Simpler: >>> >>> for i in www.example.com www.example1.com; do >>> acme-client -v $i && reload=y >>> done >>> [[ -n $reload ]] && rcctl reload httpd >> >> Nice!! I have a couple of more domains in there, so the 'for' becomes a >> little ugly, but I keep forgetting &&. >> It's indeed not needed to use the actual exit code. >> >> Mischa >> >> > > One could easily write something like this: > > #!/bin/sh > > UPDATE=0 > for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf) > do > acme-client $domain > if [ $? -eq 0 ]; then UPDATE=1 fi > done > > if [ $UPDATE -ne 0 ]; then > rcctl restart httpd dovecot smtpd > fi > > you could also handle the exit status per domain if you want more > informations. I did write the script for this mail, it may contains > errors. Hi Solene, Love it! Going to combine both suggestions. Thanx! Mischa
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote: > > > > On 25 Mar 2019, at 01:40, Stuart Henderson wrote: > > > > On 2019-03-23, Mischa wrote: > >> Hi Geir, > >> > >> I have solved this with a little script. > >> > >> ### > >> #!/bin/sh > >> OUT=2 > >> /usr/sbin/acme-client -v www.example.com > >> if test $? -eq 0 > >> then EXT=$? > >> fi > >> /usr/sbin/acme-client -v www.example1.com > >> if test $? -eq 0 > >> then EXT=$? > >> fi > >> if test $EXT -eq 0 > >> then > >>echo "New certificates installed." > >>rcctl restart httpd > >> else echo "No new certificates installed." > >> fi > >> ### > > > > Simpler: > > > > for i in www.example.com www.example1.com; do > > acme-client -v $i && reload=y > > done > > [[ -n $reload ]] && rcctl reload httpd > > Nice!! I have a couple of more domains in there, so the 'for' becomes a > little ugly, but I keep forgetting &&. > It's indeed not needed to use the actual exit code. > > Mischa > > One could easily write something like this: #!/bin/sh UPDATE=0 for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf) do acme-client $domain if [ $? -eq 0 ]; then UPDATE=1 fi done if [ $UPDATE -ne 0 ]; then rcctl restart httpd dovecot smtpd fi you could also handle the exit status per domain if you want more informations. I did write the script for this mail, it may contains errors.
Re: httpd acme-client renew multiple domains
> On 25 Mar 2019, at 01:40, Stuart Henderson wrote: > > On 2019-03-23, Mischa wrote: >> Hi Geir, >> >> I have solved this with a little script. >> >> ### >> #!/bin/sh >> OUT=2 >> /usr/sbin/acme-client -v www.example.com >> if test $? -eq 0 >> then EXT=$? >> fi >> /usr/sbin/acme-client -v www.example1.com >> if test $? -eq 0 >> then EXT=$? >> fi >> if test $EXT -eq 0 >> then >>echo "New certificates installed." >>rcctl restart httpd >> else echo "No new certificates installed." >> fi >> ### > > Simpler: > > for i in www.example.com www.example1.com; do > acme-client -v $i && reload=y > done > [[ -n $reload ]] && rcctl reload httpd Nice!! I have a couple of more domains in there, so the 'for' becomes a little ugly, but I keep forgetting &&. It's indeed not needed to use the actual exit code. Mischa
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 12:40:23AM -, Stuart Henderson wrote: > On 2019-03-23, Mischa wrote: > > Hi Geir, > > > > I have solved this with a little script. > > > > ### > > #!/bin/sh > > OUT=2 > > /usr/sbin/acme-client -v www.example.com > > if test $? -eq 0 > > then EXT=$? > > fi > > /usr/sbin/acme-client -v www.example1.com > > if test $? -eq 0 > > then EXT=$? > > fi > > if test $EXT -eq 0 > > then > > echo "New certificates installed." > > rcctl restart httpd > > else echo "No new certificates installed." > > fi > > ### > > Simpler: > > for i in www.example.com www.example1.com; do > acme-client -v $i && reload=y > done > [[ -n $reload ]] && rcctl reload httpd > > Thanks a lot. /Geir
Re: httpd acme-client renew multiple domains
On Sat, Mar 23, 2019 at 07:05:53PM +0100, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### > > Added the following to cron: > @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh > > Hope this helps. > > Mischa > > > On 23 Mar at 16:39, Geir Svalland wrote: > > Hello > > mtp$ uname -a > > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > > > I'm hosting and serving multiple domains, 5 of them, using httpd. > > The domains are declared in /etc/acme-client.conf, and in my initial > > setup I used the command "acme-client -vAD example.com" on every domain > > to create > > the certs. All of this is working great, but my question is regarding > > updating. > > > > I intend to use a cron job for this, "acme-client example.com && rcctl > > reload httpd" > > but I'm not able to get this working for all of the domains in one > > single command. > > > > Is that possible to do ? > > Or do I have to use 5 differen lines with one domain name on each? > > > > All the best > > Geir Svalland > > > Thank you very much for your answer Mischa. I will use your solution. /Geir
Re: httpd acme-client renew multiple domains
On 2019-03-23, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### Simpler: for i in www.example.com www.example1.com; do acme-client -v $i && reload=y done [[ -n $reload ]] && rcctl reload httpd
Re: httpd acme-client renew multiple domains
On 2019-03-23 22:18, Sebastian Benoit wrote: > Geir Svalland(thorshamm...@outlook.com) on 2019.03.23 15:39:13 +: >> Hello >> mtp$ uname -a >> OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 >> >> I'm hosting and serving multiple domains, 5 of them, using httpd. >> The domains are declared in /etc/acme-client.conf, and in my initial >> setup I used the command "acme-client -vAD example.com" on every domain >> to create >> the certs. All of this is working great, but my question is regarding >> updating. >> >> I intend to use a cron job for this, "acme-client example.com && rcctl >> reload httpd" >> but I'm not able to get this working for all of the domains in one >> single command. >> >> Is that possible to do ? >> Or do I have to use 5 differen lines with one domain name on each? > Currently acme-client does not do that. > > Use mishas script. > > Or modify acme-client to itterate over all domains in the config file. > If you do that, i suggest to only do it for the renew case. Thank you very much for your answer Sebastian. Yes, I will use Mischas script. /Geir
Re: httpd acme-client renew multiple domains
Geir Svalland(thorshamm...@outlook.com) on 2019.03.23 15:39:13 +: > Hello > mtp$ uname -a > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > I'm hosting and serving multiple domains, 5 of them, using httpd. > The domains are declared in /etc/acme-client.conf, and in my initial > setup I used the command "acme-client -vAD example.com" on every domain > to create > the certs. All of this is working great, but my question is regarding > updating. > > I intend to use a cron job for this, "acme-client example.com && rcctl > reload httpd" > but I'm not able to get this working for all of the domains in one > single command. > > Is that possible to do ? > Or do I have to use 5 differen lines with one domain name on each? Currently acme-client does not do that. Use mishas script. Or modify acme-client to itterate over all domains in the config file. If you do that, i suggest to only do it for the renew case.
Re: httpd acme-client renew multiple domains
Hi Geir, I have solved this with a little script. ### #!/bin/sh OUT=2 /usr/sbin/acme-client -v www.example.com if test $? -eq 0 then EXT=$? fi /usr/sbin/acme-client -v www.example1.com if test $? -eq 0 then EXT=$? fi if test $EXT -eq 0 then echo "New certificates installed." rcctl restart httpd else echo "No new certificates installed." fi ### Added the following to cron: @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh Hope this helps. Mischa On 23 Mar at 16:39, Geir Svalland wrote: > Hello > mtp$ uname -a > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > I'm hosting and serving multiple domains, 5 of them, using httpd. > The domains are declared in /etc/acme-client.conf, and in my initial > setup I used the command "acme-client -vAD example.com" on every domain > to create > the certs. All of this is working great, but my question is regarding > updating. > > I intend to use a cron job for this, "acme-client example.com && rcctl > reload httpd" > but I'm not able to get this working for all of the domains in one > single command. > > Is that possible to do ? > Or do I have to use 5 differen lines with one domain name on each? > > All the best > Geir Svalland >