non-interactive certbot

2 files changed, 21 insertions, 3 deletions

diff --git a/regional-currency/config_nginx.sh b/regional-currency/config_nginx.sh
index 2fe561c..745b3e4 100755
--- a/regional-currency/config_nginx.sh
+++ b/regional-currency/config_nginx.sh
@@ -25,9 +25,10 @@ if test "${ENABLE_TLS}" == "y"; then
 
   # Certbot
 
-  say "Obtaining TLS certificates"
+  say "Obtaining TLS certificates using Let's Encrypt"
 
-  certbot --nginx -d backend."${DOMAIN_NAME}" \
+  certbot --nginx -n --agree-tos -m ${TLS_EMAIL} \
+    -d backend."${DOMAIN_NAME}" \
     -d bank."${DOMAIN_NAME}" \
     -d exchange."${DOMAIN_NAME}"
 else
diff --git a/regional-currency/functions.sh b/regional-currency/functions.sh
index af217e7..9acc3f1 100755
--- a/regional-currency/functions.sh
+++ b/regional-currency/functions.sh
@@ -57,9 +57,26 @@ function ask_questions() {
     echo "DOMAIN_NAME=${DOMAIN_NAME}" >>config/user.conf
   fi
   if test -z "${ENABLE_TLS:-}"; then
-    read -r -p "Use TLS? (y/n): " ENABLE_TLS
+    read -r -p "Setup TLS using Let's Encrypt? (y/n): " ENABLE_TLS
     echo "ENABLE_TLS=${ENABLE_TLS}" >>config/user.conf
   fi
+  if test -z "${TLS_EMAIL:-}"; then
+    if test "${ENABLE_TLS:-}" == y; then
+      read -r -p "Enter an email address for Let's Encrypt: " TLS_EMAIL
+      echo "TLS_EMAIL=${TLS_EMAIL}" >>config/user.conf
+    fi
+  fi
+  if test -z "${TLS_TOS:-}"; then
+    if test "${ENABLE_TLS:-}" == y; then
+      echo "Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf."
+      read -r -p "You must agree in order to register with the ACME server. Do you agree? (y/n): " TLS_TOS
+      if test "${TLS_TOS:-y}" != y; then
+        say "You must agree in order to register with the ACME server"
+        exit 1
+      fi
+      echo "TLS_TOS=${TLS_TOS}" >>config/user.conf
+    fi
+  fi
   if test -z "${DO_OFFLINE:-}"; then
     read -r -p "Run taler-exchange-offline? (y/n): " DO_OFFLINE
     echo "DO_OFFLINE=${DO_OFFLINE}" >>config/user.conf