make license agreement configurable as LICENSE

[andy/dehydrated.git] / letsencrypt.sh

diff --git a/letsencrypt.sh b/letsencrypt.sh
index 49ccd9fb4e99e60153d34b2ada3c35bdc1e1a2f1..cefdb0018365089c6f9b7b5d6673d135fd444f81 100755 (executable)
--- a/letsencrypt.sh
+++ b/letsencrypt.sh
@@ -4,6 +4,10 @@ set -e
 set -u
 set -o pipefail
 
+# default config values
+CA="https://acme-v01.api.letsencrypt.org"
+LICENSE="https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"
+
 . ./config.sh
 
 umask 077 # paranoid umask, we're creating private keys
@@ -50,7 +54,8 @@ _request() {
     curl -sSf "${2}" -d "${3}" 2>"${temperr}"
   fi
   if [ -s "${temperr}" ]; then
-      echo "  + ERROR: An error occured while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2
+      echo "  + ERROR: An error occurred while sending ${1}-request to ${2} ($(<"${temperr}"))" >&2
+      rm -f "${temperr}"
       exit 1
   fi
   rm -f "${temperr}"
@@ -164,7 +169,7 @@ thumbprint="$(printf '%s' "$(printf '%s' '{"e":"'"${pubExponent64}"'","kty":"RSA
 # If we generated a new private key in the step above we have to register it with the acme-server
 if [ "${register}" = "1" ]; then
   echo "+ Registering account key with letsencrypt..."
-  signed_request "${CA}/acme/new-reg" '{"resource": "new-reg", "agreement": "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf"}' > /dev/null
+  signed_request "${CA}/acme/new-reg" '{"resource": "new-reg", "agreement": "'"$LICENSE"'"}' > /dev/null
 fi
 
 # Generate certificates for all domains found in domain.txt (TODO: check if certificate already exists and is about to expire)