#!/bin/sh
# url: http://pank.org/scripts/
# description: letsencrypt auto script for Apache
# comment: csh bash
# platform: linux

# Choose the install prefix: the Apache tree when it exists, else /usr/local.
P=/usr/local
[ -d /usr/local/apache ] && P=/usr/local/apache

# A checkout left by an earlier run means there is nothing to do; stop here
# so the existing client directory and its configuration are not overwritten.
if [ -d "$P/letsencrypt.sh" ]; then
    echo "$P/letsencrypt.sh already existed."
    exit
fi

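# Fetch the ACME client into $P, ask the operator for the domain list and the
# web document root, write the client configuration, and request the
# certificate. Every step that later steps depend on aborts on failure.
cd "$P" || { echo "Cannot change directory to $P" >&2; exit 1; }

# NOTE(review): this clones the upstream default branch and the script then
# executes it (presumably as root, since iptables and the Apache config are
# modified below). Pin the checkout to a reviewed tag or commit
# (git checkout <REVIEWED_COMMIT>) so an upstream change cannot alter what
# runs here.
git clone https://github.com/lukas2511/letsencrypt.sh \
    || { echo "git clone failed" >&2; exit 1; }
cd letsencrypt.sh || { echo "Cannot enter $P/letsencrypt.sh" >&2; exit 1; }

# $HOSTNAME is provided by bash but not by every /bin/sh (dash leaves it
# unset), so fall back to hostname(1) for the default shown in the prompt.
default_domain=${HOSTNAME:-$(hostname)}
printf 'Your domains (%s): ' "$default_domain"
read -r DOMAINS
if [ -z "$DOMAINS" ]; then
    DOMAINS=$default_domain
fi

printf 'Web document root: '
read -r BASEDIR
# An empty answer would create /.well-known at the filesystem root, and a
# mistyped path would silently create a new tree; require a real directory.
if [ -z "$BASEDIR" ] || [ ! -d "$BASEDIR" ]; then
    echo "Web document root '$BASEDIR' is not an existing directory." >&2
    exit 1
fi

WELLKNOWN=$BASEDIR/.well-known/acme-challenge
# Quoted so the names are written verbatim (no word splitting or globbing).
printf '%s\n' "$DOMAINS" > domains.txt
mkdir -p -- "$WELLKNOWN" || { echo "Cannot create $WELLKNOWN" >&2; exit 1; }

# config.sh is sourced by the client as bash code, so the path is written
# single-quoted (embedded quotes escaped) to keep a path with spaces or
# shell metacharacters from being interpreted when the file is loaded.
wellknown_quoted=$(printf '%s' "$WELLKNOWN" | sed "s/'/'\\\\''/g")
{
    echo '#!/usr/bin/env bash'
    printf "WELLKNOWN='%s'\n" "$wellknown_quoted"
} > config.sh

# NOTE(review): these source addresses are hard-coded (presumably the
# Let's Encrypt validation hosts when the script was written). Let's Encrypt
# does not publish a fixed list of validation addresses, so confirm the rules
# are still needed at all. They are inserted at the top of INPUT and are not
# removed by this script. The rules are limited to TCP 80/443 because the
# WELLKNOWN (HTTP) challenge only needs web traffic, possibly after a
# redirect to HTTPS; accepting every port from these hosts is not required.
for acme_src in 66.133.109.36 64.78.149.164; do
    iptables -I INPUT -s "$acme_src" -p tcp -m multiport --dports 80,443 -j ACCEPT \
        || echo "Warning: could not add firewall rule for $acme_src" >&2
done

# Stop here on failure so the Apache configuration is never pointed at
# certificate files that were not issued.
./letsencrypt.sh -c -f config.sh \
    || { echo "Certificate request failed" >&2; exit 1; }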
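# Point Apache's SSL configuration at the certificate files issued for the
# first domain, or print the directives to add by hand when httpd-ssl.conf
# is not at the expected location.
CONF=/usr/local/apache/conf/httpd.conf
SSL_CONF=/usr/local/apache/conf/extra/httpd-ssl.conf
# The first name on the line is used as the certificate directory name.
DOMAIN=$(printf '%s\n' "$DOMAINS" | awk '{print $1}')

# DOMAIN is interpolated into a filesystem path and into sed scripts below;
# refuse anything that is not a plain host name rather than edit the Apache
# configuration with a malformed value.
case $DOMAIN in
    '' | *[!A-Za-z0-9.-]*)
        echo "Unexpected domain name '$DOMAIN'; Apache config left unchanged." >&2
        exit 1
        ;;
esac

CERTS_P=$P/letsencrypt.sh/certs/$DOMAIN
if [ -f "$SSL_CONF" ] ; then
    sed -i 's:#Include conf/extra/httpd-ssl.conf:Include conf/extra/httpd-ssl.conf:' "$CONF"

    # After the first matching line gets its insertion, this loop passes the
    # rest of the file through so later matches are left alone. It must be
    # single-quoted: inside double quotes the shell expanded $q (normally
    # empty) and sed never received the intended "$q" (quit on last line).
    skip_rest=':a;$q;n;ba;}'
    sed -i -e "/#SSLCertificateFile/{i SSLCertificateFile $CERTS_P/cert.pem" -e "$skip_rest" "$SSL_CONF"
    sed -i -e "/#SSLCertificateKeyFile/{i SSLCertificateKeyFile $CERTS_P/privkey.pem" -e "$skip_rest" "$SSL_CONF"
    sed -i -e "/#SSLCertificateChainFile/{i SSLCertificateChainFile $CERTS_P/chain.pem" -e "$skip_rest" "$SSL_CONF"
    # NOTE(review): SSLCACertificateFile is Apache's CA store for verifying
    # *client* certificates; the server chain is already supplied by
    # SSLCertificateChainFile above. Pointing it at fullchain.pem is probably
    # unintended -- confirm before enabling client-certificate verification.
    sed -i -e "/#SSLCACertificateFile/{i SSLCACertificateFile $CERTS_P/fullchain.pem" -e "$skip_rest" "$SSL_CONF"

    echo "The following config added to $SSL_CONF"
    echo
    # Fixed-string match: the dots in the domain are not regex wildcards.
    grep -F -- "$DOMAIN" "$SSL_CONF"
    echo
    echo Please check config and restart Apache
else
    echo "$SSL_CONF not found, please add following config to httpd-ssl.conf
SSLCertificateFile $CERTS_P/cert.pem
SSLCertificateKeyFile $CERTS_P/privkey.pem
SSLCertificateChainFile $CERTS_P/chain.pem
SSLCACertificateFile $CERTS_P/fullchain.pem
"
fi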