From eac62bc4a4618e1b4f23da7d418efb0156935a9b Mon Sep 17 00:00:00 2001
From: "Daniel M. Lambea"
Date: Tue, 13 Sep 2022 00:01:11 +0100
Subject: [PATCH] =?UTF-8?q?A=C3=B1adir=20script=20de=20ejecuci=C3=B3n=20de?= =?UTF-8?q?=20Certbot?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
certbot/certbot-keycloak.sh | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
create mode 100755 certbot/certbot-keycloak.sh
diff --git a/certbot/certbot-keycloak.sh b/certbot/certbot-keycloak.sh
new file mode 100755
index 0000000..f845de7
--- /dev/null
+++ b/certbot/certbot-keycloak.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+CERTBOT_VER=v1.30.0
+CNT=keycloak_nginx_proxy
+DOM=acceso.txs.es
+NGINX=/opt/nginx-proxy
+
+cd /opt/certbot
+docker run --rm \
+ -v $(pwd)/conf:/etc/letsencrypt \
+ -v $(pwd)/var:/var/lib/letsencrypt \
+ -v $(pwd)/log:/var/log/letsencrypt \
+ -v $NGINX/acme:/acme \
+ certbot/certbot:$CERTBOT_VER certonly -n --webroot -w /acme -d $DOM
+
+## Check if the Certbot execution modified the certificate in the expected path, then
+## copy the new one to the NGINX install folder and restart its container.
+cmp $NGINX/certs/keycloak-cert.pem conf/live/$DOM/fullchain.pem &0 2>&0
+if [ $? -ne 0 ]; then
+ echo "Updating certificate in $CNT container"
+ cp -afL conf/live/$DOM/fullchain.pem $NGINX/certs/keycloak-cert.pem
+ cp -afL conf/live/$DOM/privkey.pem $NGINX/certs/keycloak-key.pem
+ docker restart -t 2 $CNT
+else
+ echo "No new certificates detected: omitting installation in $CNT container"
+fi
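Review bot: Nothing in the script checks for failure before the installed certificate and key are replaced. `cd /opt/certbot` is unguarded, so if it fails `$(pwd)` bind-mounts whatever directory the script was started from into the container, and the exit status of `docker run` is ignored. The `if [ $? -ne 0 ]` test also treats a `cmp` error (status 2, for example a missing `fullchain.pem`) the same as "files differ" (status 1), and the two `cp` calls are not chained, so a failed key copy still restarts the proxy with a mismatched certificate/key pair. I would start with `cd /opt/certbot || exit 1`, stop when `docker run` returns non-zero, and make the restart conditional on both copies succeeding, e.g. `cp -afL … fullchain.pem … && cp -afL … privkey.pem … && docker restart -t 2 "$CNT"`. The expansions (`$NGINX`, `$DOM`, `$(pwd)`, `$CNT`) should also be double-quoted.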