Re: httpd acme-client renew multiple domains
On Sat, Mar 23, 2019 at 07:05:53PM +0100, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### > > Added the following to cron: > @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh > > Hope this helps. > > Mischa > > > On 23 Mar at 16:39, Geir Svalland wrote: > > Hello > > mtp$ uname -a > > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > > > I'm hosting and serving multiple domains, 5 of them, using httpd. > > The domains are declared in /etc/acme-client.conf, and in my initial > > setup I used the command "acme-client -vAD example.com" on every domain > > to create > > the certs. All of this is working great, but my question is regarding > > updating. > > > > I intend to use a cron job for this, "acme-client example.com && rcctl > > reload httpd" > > but I'm not able to get this working for all of the domains in one > > single command. > > > > Is that possible to do ? > > Or do I have to use 5 differen lines with one domain name on each? > > > > All the best > > Geir Svalland > > > Thank you very much Mischa. Yes, this will do it for me. Very nice. Have a nice weekend. /Geir
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 02:49:01PM +0100, Solene Rapenne wrote:
> On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote:
> >
> >
> > > On 25 Mar 2019, at 01:40, Stuart Henderson wrote:
> > >
> > > On 2019-03-23, Mischa wrote:
> > >> Hi Geir,
> > >>
> > >> I have solved this with a little script.
> > >>
> > >> ###
> > >> #!/bin/sh
> > >> OUT=2
> > >> /usr/sbin/acme-client -v www.example.com
> > >> if test $? -eq 0
> > >> then EXT=$?
> > >> fi
> > >> /usr/sbin/acme-client -v www.example1.com
> > >> if test $? -eq 0
> > >> then EXT=$?
> > >> fi
> > >> if test $EXT -eq 0
> > >> then
> > >>echo "New certificates installed."
> > >>rcctl restart httpd
> > >> else echo "No new certificates installed."
> > >> fi
> > >> ###
> > >
> > > Simpler:
> > >
> > > for i in www.example.com www.example1.com; do
> > > acme-client -v $i && reload=y
> > > done
> > > [[ -n $reload ]] && rcctl reload httpd
> >
> > Nice!! I have a couple of more domains in there, so the 'for' becomes a
> > little ugly, but I keep forgetting &&.
> > It's indeed not needed to use the actual exit code.
> >
> > Mischa
> >
> >
>
> One could easily write something like this:
>
> #!/bin/sh
>
> UPDATE=0
> for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf)
> do
> acme-client $domain
> if [ $? -eq 0 ]; then UPDATE=1 fi
> done
>
> if [ $UPDATE -ne 0 ]; then
> rcctl restart httpd dovecot smtpd
> fi
>
> you could also handle the exit status per domain if you want more
> informations. I did write the script for this mail, it may contains
> errors.
>
Thanks a lot, everybody, for helping.
Very nice solutions.
/Geir
Re: httpd acme-client renew multiple domains
Hi Mischa, if you like some python i got a small script for multiple domain cert renew on my github. I hope its ok to post the link here https://github.com/rosjat/scripts/blob/master/shell/OpenBSD/acme_renew its nothing fancy and you can modify it for your need or may make it better :) regards -- Markus Rosjatfon: +49 351 8107224mail: ros...@ghweb.de G+H Webservice GbR Gorzolla, Herrmann Königsbrücker Str. 70, 01099 Dresden http://www.ghweb.de fon: +49 351 8107220 fax: +49 351 8107227 Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you print it, think about your responsibility and commitment to the ENVIRONMENT
Re: httpd acme-client renew multiple domains
> On 25 Mar 2019, at 14:49, Solene Rapenne wrote:
>
> On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote:
>>
>>
>>> On 25 Mar 2019, at 01:40, Stuart Henderson wrote:
>>>
>>> On 2019-03-23, Mischa wrote:
Hi Geir,
I have solved this with a little script.
###
#!/bin/sh
OUT=2
/usr/sbin/acme-client -v www.example.com
if test $? -eq 0
then EXT=$?
fi
/usr/sbin/acme-client -v www.example1.com
if test $? -eq 0
then EXT=$?
fi
if test $EXT -eq 0
then
echo "New certificates installed."
rcctl restart httpd
else echo "No new certificates installed."
fi
###
>>>
>>> Simpler:
>>>
>>> for i in www.example.com www.example1.com; do
>>> acme-client -v $i && reload=y
>>> done
>>> [[ -n $reload ]] && rcctl reload httpd
>>
>> Nice!! I have a couple of more domains in there, so the 'for' becomes a
>> little ugly, but I keep forgetting &&.
>> It's indeed not needed to use the actual exit code.
>>
>> Mischa
>>
>>
>
> One could easily write something like this:
>
> #!/bin/sh
>
> UPDATE=0
> for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf)
> do
> acme-client $domain
> if [ $? -eq 0 ]; then UPDATE=1 fi
> done
>
> if [ $UPDATE -ne 0 ]; then
> rcctl restart httpd dovecot smtpd
> fi
>
> you could also handle the exit status per domain if you want more
> informations. I did write the script for this mail, it may contains
> errors.
Hi Solene,
Love it!
Going to combine both suggestions.
Thanx!
Mischa
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 02:27:19PM +0100, Mischa wrote:
>
>
> > On 25 Mar 2019, at 01:40, Stuart Henderson wrote:
> >
> > On 2019-03-23, Mischa wrote:
> >> Hi Geir,
> >>
> >> I have solved this with a little script.
> >>
> >> ###
> >> #!/bin/sh
> >> OUT=2
> >> /usr/sbin/acme-client -v www.example.com
> >> if test $? -eq 0
> >> then EXT=$?
> >> fi
> >> /usr/sbin/acme-client -v www.example1.com
> >> if test $? -eq 0
> >> then EXT=$?
> >> fi
> >> if test $EXT -eq 0
> >> then
> >>echo "New certificates installed."
> >>rcctl restart httpd
> >> else echo "No new certificates installed."
> >> fi
> >> ###
> >
> > Simpler:
> >
> > for i in www.example.com www.example1.com; do
> > acme-client -v $i && reload=y
> > done
> > [[ -n $reload ]] && rcctl reload httpd
>
> Nice!! I have a couple of more domains in there, so the 'for' becomes a
> little ugly, but I keep forgetting &&.
> It's indeed not needed to use the actual exit code.
>
> Mischa
>
>
One could easily write something like this:
#!/bin/sh
UPDATE=0
for domain in $(awk '/^domain/ { print $2 }' /etc/acme-client.conf)
do
acme-client $domain
if [ $? -eq 0 ]; then UPDATE=1 fi
done
if [ $UPDATE -ne 0 ]; then
rcctl restart httpd dovecot smtpd
fi
you could also handle the exit status per domain if you want more
informations. I did write the script for this mail, it may contains
errors.
Re: httpd acme-client renew multiple domains
> On 25 Mar 2019, at 01:40, Stuart Henderson wrote: > > On 2019-03-23, Mischa wrote: >> Hi Geir, >> >> I have solved this with a little script. >> >> ### >> #!/bin/sh >> OUT=2 >> /usr/sbin/acme-client -v www.example.com >> if test $? -eq 0 >> then EXT=$? >> fi >> /usr/sbin/acme-client -v www.example1.com >> if test $? -eq 0 >> then EXT=$? >> fi >> if test $EXT -eq 0 >> then >>echo "New certificates installed." >>rcctl restart httpd >> else echo "No new certificates installed." >> fi >> ### > > Simpler: > > for i in www.example.com www.example1.com; do > acme-client -v $i && reload=y > done > [[ -n $reload ]] && rcctl reload httpd Nice!! I have a couple of more domains in there, so the 'for' becomes a little ugly, but I keep forgetting &&. It's indeed not needed to use the actual exit code. Mischa
Re: httpd acme-client renew multiple domains
On Mon, Mar 25, 2019 at 12:40:23AM -, Stuart Henderson wrote: > On 2019-03-23, Mischa wrote: > > Hi Geir, > > > > I have solved this with a little script. > > > > ### > > #!/bin/sh > > OUT=2 > > /usr/sbin/acme-client -v www.example.com > > if test $? -eq 0 > > then EXT=$? > > fi > > /usr/sbin/acme-client -v www.example1.com > > if test $? -eq 0 > > then EXT=$? > > fi > > if test $EXT -eq 0 > > then > > echo "New certificates installed." > > rcctl restart httpd > > else echo "No new certificates installed." > > fi > > ### > > Simpler: > > for i in www.example.com www.example1.com; do > acme-client -v $i && reload=y > done > [[ -n $reload ]] && rcctl reload httpd > > Thanks a lot. /Geir
Re: httpd acme-client renew multiple domains
On Sat, Mar 23, 2019 at 07:05:53PM +0100, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### > > Added the following to cron: > @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh > > Hope this helps. > > Mischa > > > On 23 Mar at 16:39, Geir Svalland wrote: > > Hello > > mtp$ uname -a > > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > > > I'm hosting and serving multiple domains, 5 of them, using httpd. > > The domains are declared in /etc/acme-client.conf, and in my initial > > setup I used the command "acme-client -vAD example.com" on every domain > > to create > > the certs. All of this is working great, but my question is regarding > > updating. > > > > I intend to use a cron job for this, "acme-client example.com && rcctl > > reload httpd" > > but I'm not able to get this working for all of the domains in one > > single command. > > > > Is that possible to do ? > > Or do I have to use 5 differen lines with one domain name on each? > > > > All the best > > Geir Svalland > > > Thank you very much for your answer Mischa. I will use your solution. /Geir
Re: httpd acme-client renew multiple domains
On 2019-03-23, Mischa wrote: > Hi Geir, > > I have solved this with a little script. > > ### > #!/bin/sh > OUT=2 > /usr/sbin/acme-client -v www.example.com > if test $? -eq 0 > then EXT=$? > fi > /usr/sbin/acme-client -v www.example1.com > if test $? -eq 0 > then EXT=$? > fi > if test $EXT -eq 0 > then > echo "New certificates installed." > rcctl restart httpd > else echo "No new certificates installed." > fi > ### Simpler: for i in www.example.com www.example1.com; do acme-client -v $i && reload=y done [[ -n $reload ]] && rcctl reload httpd
Re: httpd acme-client renew multiple domains
On 2019-03-23 22:18, Sebastian Benoit wrote: > Geir Svalland(thorshamm...@outlook.com) on 2019.03.23 15:39:13 +: >> Hello >> mtp$ uname -a >> OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 >> >> I'm hosting and serving multiple domains, 5 of them, using httpd. >> The domains are declared in /etc/acme-client.conf, and in my initial >> setup I used the command "acme-client -vAD example.com" on every domain >> to create >> the certs. All of this is working great, but my question is regarding >> updating. >> >> I intend to use a cron job for this, "acme-client example.com && rcctl >> reload httpd" >> but I'm not able to get this working for all of the domains in one >> single command. >> >> Is that possible to do ? >> Or do I have to use 5 differen lines with one domain name on each? > Currently acme-client does not do that. > > Use mishas script. > > Or modify acme-client to itterate over all domains in the config file. > If you do that, i suggest to only do it for the renew case. Thank you very much for your answer Sebastian. Yes, I will use Mischas script. /Geir
Re: httpd acme-client renew multiple domains
Geir Svalland(thorshamm...@outlook.com) on 2019.03.23 15:39:13 +: > Hello > mtp$ uname -a > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > I'm hosting and serving multiple domains, 5 of them, using httpd. > The domains are declared in /etc/acme-client.conf, and in my initial > setup I used the command "acme-client -vAD example.com" on every domain > to create > the certs. All of this is working great, but my question is regarding > updating. > > I intend to use a cron job for this, "acme-client example.com && rcctl > reload httpd" > but I'm not able to get this working for all of the domains in one > single command. > > Is that possible to do ? > Or do I have to use 5 differen lines with one domain name on each? Currently acme-client does not do that. Use mishas script. Or modify acme-client to itterate over all domains in the config file. If you do that, i suggest to only do it for the renew case.
Re: httpd acme-client renew multiple domains
Hi Geir, I have solved this with a little script. ### #!/bin/sh OUT=2 /usr/sbin/acme-client -v www.example.com if test $? -eq 0 then EXT=$? fi /usr/sbin/acme-client -v www.example1.com if test $? -eq 0 then EXT=$? fi if test $EXT -eq 0 then echo "New certificates installed." rcctl restart httpd else echo "No new certificates installed." fi ### Added the following to cron: @daily sleep $((RANDOM \% 2048)) && /home/mischa/bin/lets.sh Hope this helps. Mischa On 23 Mar at 16:39, Geir Svalland wrote: > Hello > mtp$ uname -a > OpenBSD smtp.thorshammare.org 6.4 GENERIC.MP#8 amd64 > > I'm hosting and serving multiple domains, 5 of them, using httpd. > The domains are declared in /etc/acme-client.conf, and in my initial > setup I used the command "acme-client -vAD example.com" on every domain > to create > the certs. All of this is working great, but my question is regarding > updating. > > I intend to use a cron job for this, "acme-client example.com && rcctl > reload httpd" > but I'm not able to get this working for all of the domains in one > single command. > > Is that possible to do ? > Or do I have to use 5 differen lines with one domain name on each? > > All the best > Geir Svalland >
