From 7c6cfd1fabc057289ff108d5cd618fc115663055 Mon Sep 17 00:00:00 2001 From: Brielle Date: Mon, 4 Apr 2016 20:48:29 -0600 Subject: [PATCH] Updates to gen-cert.sh to make it more foolproof. --- CHANGELOG | 4 ++++ gen-cert.sh | 31 +++++++++++++++++++++++++------ 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index e12bd77..f641b21 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,7 @@ +04/04/2016 + - Minor updates to URLs in files + - Add sanity checking to gen-cert.sh like whats in gen-unifi-cert.sh + 03/24/2016 - Updated gen-unifi-cert.sh to do more sanity checks and embed the needed IdenTrust cert so we don't need to include it separately. diff --git a/gen-cert.sh b/gen-cert.sh index 16af690..e73bd41 100755 --- a/gen-cert.sh +++ b/gen-cert.sh @@ -1,9 +1,10 @@ #!/bin/bash # Easy letsencrypt certs using a bash script. -# v1.2 - 12/13/2015 +# v1.3 - 04/04/2016 # By Brielle Bruns # http://www.sosdg.org +PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Use like: gen-cert.sh -d domain1.com -d domain2.com # 
@@ -15,27 +16,46 @@ # # 2) Webroot (alias) # Same as #1, but also include an alias directive in apache like in: -# http://users.sosdg.org/~bruns/lets-encrypt/apache-le-alias.conf +# https://source.sosdg.org/brielle/lets-encrypt-scripts/blob/master/apache-le-alias.conf # And: # mkdir -p /var/www/letsencrypt-root/.well-known/acme-challenge # gen-cert.sh -d domain1.com -d domain2.com -r /var/www/letsencrypt-root # # 3) Proxy auth # This auth method uses the standalone authenticator with a mod_proxy -# http://users.sosdg.org/~bruns/lets-encrypt/apache-le-proxy.conf +# https://source.sosdg.org/brielle/lets-encrypt-scripts/blob/master/apache-le-proxy.conf # Original proxy idea from: # http://evolvedigital.co.uk/how-to-get-letsencrypt-working-with-ispconfig-3/ PROXYAUTH="--standalone --standalone-supported-challenges http-01 --http-01-port 9999" +# Location of LetsEncrypt binary we use +LEBINARY="/usr/src/letsencrypt/letsencrypt-auto" + +if [[ ! -x ${LEBINARY} ]]; then + echo "Error: LetsEncrypt binary not found in ${LEBINARY} !" + echo "You'll need to do one of the following:" + echo "1) Change LEBINARY variable in this script" + echo "2) Install LE manually or via your package manager and do #1" + echo "3) Use the included get-letsencrypt.sh script to install it" + exit 1 +fi + while getopts "d:r:e:" opt; do case $opt in - d) domains+=("$OPTARG");; + d) domains+=("$OPTARG");; r) webroot=("$OPTARG");; e) email=("$OPTARG");; esac done +MAINDOMAIN=${domains[0]} + +if [[ -z ${MAINDOMAIN} ]]; then + echo "Error: At least one -d argument is required" + exit 1 +fi + if [[ ! -z ${email} ]]; then email="--email ${email}" else @@ -58,8 +78,7 @@ done -cd /usr/src/letsencrypt -./letsencrypt-auto ${email} \ +${LEBINARY} ${email} \ --server https://acme-v01.api.letsencrypt.org/directory \ --agree-tos \ --renew-by-default \
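Review bot: The new `[[ ! -x ${LEBINARY} ]]` guard also passes when LEBINARY points at a directory, because `-x` is true for any searchable directory. A mistyped path therefore gets past the check and fails only when the command runs; `[[ -f ${LEBINARY} && -x ${LEBINARY} ]]` closes that gap. The guard also says nothing about who may modify the file: if this script is run as root, which seems likely for certificate issuance, it is worth confirming that the file and `/usr/src/letsencrypt` are writable only by root. The `echo "Error: ..."` lines in both new guards would be better sent to stderr with `>&2`.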
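Review bot: `${LEBINARY} ${email} \` expands both variables unquoted, so a LEBINARY path containing whitespace splits into several words, and whitespace inside the `-e` value becomes additional arguments to the client. Quoting the command as `"${LEBINARY}"` and holding the option in an array, for example `email=(--email "$OPTARG")` expanded as `"${email[@]}"`, keeps each value as a single argument; the `email="--email ${email}"` assignment that would change sits in the context lines of the previous hunk. Dropping `cd /usr/src/letsencrypt` also means the client now runs from the caller's working directory, so it is worth confirming that nothing in it relied on the old one. The command's remaining arguments continue past the end of this hunk.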