#!/bin/bash
certbot certonly --force-renew \
--dns-cloudflare \
--dns-cloudflare-credentials /root/.secrets/cloudflare.ini \
--dns-cloudflare-propagation-seconds 60 \
-d example.com
# create backup of exist certificate
cp /etc/ssl/example.com/example.com.pem /etc/ssl/example.com/example.com.pem_`date +%Y-%m-%d`
# change directory and create certificate
cd /etc/letsencrypt/live/example.com/
cat fullchain.pem privkey.pem > /etc/ssl/example.com/example.com.pem
haproxy -c -V -f /etc/haproxy/haproxy.cfg
if [[ $? == 0 ]]; then
echo "Restarting HAProxy service..."
systemctl restart haproxy.service
else
echo "Cannot restart HAProxy service because test configuration is failed..."
fi
