|
|
|
@ -8,14 +8,19 @@ fi |
|
|
|
|
# Specify hostname |
|
|
|
|
echo $HOSTNAME > /haraka/config/me |
|
|
|
|
|
|
|
|
|
# Get and install certificates from Let's Encrypt |
|
|
|
|
if [ ! -d /haraka/config/tls ]; then |
|
|
|
|
certbot certonly -n --agree-tos --email "$EMAIL" -d "$HOSTNAME" --standalone --preferred-challenges http |
|
|
|
|
# Create tls directory if it doesn't |
|
|
|
|
mkdir -p /haraka/config/tls |
|
|
|
|
|
|
|
|
|
cd /haraka/config/tls |
|
|
|
|
ln -s /etc/letsencrypt/live/$HOSTNAME/privkey.pem tls-key.pem |
|
|
|
|
ln -s /etc/letsencrypt/live/$HOSTNAME/fullchain.pem tls-cert.pem |
|
|
|
|
cd - |
|
|
|
|
if [ "${USE_LETSENCRYPT,,}" == "yes" -o "${USE_LETSENCRYPT,,}" == "true" ]; then |
|
|
|
|
# Get and install certificates from Let's Encrypt |
|
|
|
|
certbot certonly -n --agree-tos --email "$EMAIL" -d "$HOSTNAME" --standalone --preferred-challenges http |
|
|
|
|
ln -sf /etc/letsencrypt/live/$HOSTNAME/privkey.pem tls-key.pem |
|
|
|
|
ln -sf /etc/letsencrypt/live/$HOSTNAME/fullchain.pem tls-cert.pem |
|
|
|
|
else |
|
|
|
|
# Generate a self-signed certificate for the hostname provided |
|
|
|
|
openssl req -subj "/O=Self Signed Certificate/CN=$HOSTNAME" -new -newkey rsa:4096 -days 365 -nodes -x509 -sha256 -keyout tls-key.pem -out tls-cert.pem |
|
|
|
|
fi |
|
|
|
|
cd - |
|
|
|
|
|
|
|
|
|
haraka -c /haraka |
|
|
|
|