Skip to content

SAN more better #1

New issue
New issue
Closed
Closed
SAN more better#1
@mrjones-plip

Description

@mrjones-plip
mrjones-plip
opened on Mar 6, 2021

right now we use SAN calls for just 2 per user. However, we could stack them up a LOT more and be able to on-board hundreds of users at once given 100 Names per Certificate.

This code was in there but then I realized you'd have trouble re-running the script for just a user or two b/c they'd be wedged in there with other SANs and you'd end up with a LOT of extra certs. Maybe that'd be ok and it's just work out 🤷 ?

echo ""
echo " ------ Fetching certs from Let's Encrypt... ------ "
echo ""
COUNTER=0
SUBCOUNTER=0
for i in "${VALID_USERS[@]}"; do
  FQDN="${i}.${DOMAIN}"
  FQDN_ssl="${i}-ssl.${DOMAIN}"
  if [[ $COUNTER != 0 ]] ; then
    DOMAINS="${FQDN},${FQDN_ssl},${DOMAINS}"
  else
    DOMAINS="${FQDN},${FQDN_ssl}"
  fi
  let COUNTER++
  let SUBCOUNTER++

  # run certbot with every 40 domains (2 x per user, so SUBCOUNTER
  # at 20) or at end of array
  if [[ ${#VALID_USERS[@]} == $COUNTER ]] || [[ $SUBCOUNTER == 20 ]]; then
    SUBCOUNTER=0
    sudo certbot  --apache   --non-interactive   --agree-tos   --email $EMAIL -d $DOMAINS
  fi
done

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions