From 404ef2340bb197de797bf4253a8790ebf31ed0e9 Mon Sep 17 00:00:00 2001
From: Nick Leffler <nicholasleffler@gmail.com>
Date: Fri, 19 Jun 2020 10:42:54 -0400
Subject: [PATCH] changed to ssl cert via acme.sh install

---
 deploy.sh | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/deploy.sh b/deploy.sh
index 1bdb1ef..44a7a38 100755
--- a/deploy.sh
+++ b/deploy.sh
@@ -38,20 +38,26 @@ fullURL="${siteProto}${siteURL}"
 siteName="${siteTitle}"
 }
 
-genSSL () {
-mkdir -p "/etc/nginx/ssl/${siteURL}/" || exit
-openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/${siteURL}/key -out /etc/nginx/ssl/${siteURL}/crt \
-    -subj "/C=TT/ST=TT/L=TT/O=TEMP/OU=TEMP/CN=$siteURL/emailAddress=TEMP"
+sslLocation="/etc/nginx/ssl/${siteURL}"
 
-sslCert="/etc/nginx/ssl/${siteURL}/crt"
-sslKey="/etc/nginx/ssl/${siteURL}/key"
+genSSL () {
+	mkdir -p "${sslLocation}" || exit
+
+	sslCert="${sslLocation}/crt"
+	sslKey="${sslLocation}/key"
+
+	openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "${sslKey}" -out "${sslCert}" -subj "/C=TT/ST=TT/L=TT/O=TEMP/OU=TEMP/CN=$siteURL/emailAddress=TEMP"
 }
 
 certbotSSL () {
-	"${acmebin}" --issue --dns dns_cf -d "${siteURL}" --reloadcmd "systemctl reload nginx" --force
+	mkdir -p "${sslLocation}" || exit
+	"${acmebin}" --issue --dns dns_cf -d "${siteURL}"
 
-	sslCert="/root/.acme.sh/${siteURL}/fullchain.cer"
-	sslKey="/root/.acme.sh/${siteURL}/${siteURL}.key"
+#	sslCert="${sslLocation}/crt"
+	sslKey="${sslLocation}/key"
+	sslCert="${sslLocation}/fullchain.crt"
+
+	acme.sh --install-cert -d "${siteURL}" --cert-file "${sslLocation}/crt" --key-file "${sslKey}" --fullchain-file "${sslCert}" --reloadcmd "systemctl reload nginx" --force
 }
 
 create_wp_db () {