diff --git a/certbot.sh b/certbot.sh
index e5fae77..6f1b905 100644
--- a/certbot.sh
+++ b/certbot.sh
@@ -33,27 +33,20 @@ case $1 in
 "https://api.${SUTTY}/v1/sites.json" \
 2>"${headers}" \
 | jq --raw-output .[] \
- | while read name; do
- # If the site name doesn't end with a dot, it's a subdomain
- domain="$(echo "${name}" | sed "s/[^\.]$/&.${SUTTY}/")"
- domain="${domain%.}"
+ | while read domain; do
+ # Skip already existing domains
+ test -d "/etc/letsencrypt/live/${domain}" && continue
- # Generate a certificate for www also
- for d in ${domain} www.${domain}; do
- # Skip already existing domains
- test -d "/etc/letsencrypt/live/${d}" && continue
+ # Ignore non local domains
+ nslookup "${domain}" 8.8.8.8 | grep -q "${SUTTY_ADDRESS}" || continue
- # Ignore non local domains
- nslookup "${d}" 8.8.8.8 | grep -q "${SUTTY_ADDRESS}" || continue
-
- # Get the certificate for the domain, the webserver will need
- # access to this directory
- /usr/bin/certbot certonly --email "certbot@${SUTTY}" \
- --webroot \
- --agree-tos \
- --webroot-path /var/lib/letsencrypt \
- -d "${d}"
- done
+ # Get the certificate for the domain, the webserver will need
+ # access to this directory
+ /usr/bin/certbot certonly --email "certbot@${SUTTY}" \
+ --webroot \
+ --agree-tos \
+ --webroot-path /var/lib/letsencrypt \
+ -d "${domain}"
 done
 esac
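Review bot: The `domain` values read from the `sites.json` response are used unvalidated in the `test -d "/etc/letsencrypt/live/${domain}"` path and as arguments to `nslookup` and `certbot -d`, so a name beginning with `-` or containing `/` would be taken as an option or as a different path. Unless the API is known to guarantee well-formed hostnames, I would read with `while read -r domain; do` and add a guard at the top of the loop such as `case "${domain}" in ""|-*|*[!A-Za-z0-9.-]*) continue ;; esac`. The locality check has a related weakness: `grep -q "${SUTTY_ADDRESS}"` treats the address as an unanchored regular expression, so `grep -qwF "${SUTTY_ADDRESS}"` would be a stricter gate before a certificate is requested. The command that feeds this loop and the enclosing `case` arm start outside the hunk.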