我创建了一个 bash 脚本来更新 IKEve 服务器的安全证书。当我运行脚本时,它会要求我按 2 并输入以更新证书。有人可以帮我添加一个可以自动按2并输入然后继续的命令吗?
下面是 bash 输出和我的脚本。
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Keep the existing certificate for now
2: Renew & replace the cert (may be subject to CA rate limits)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
下面是我的 bash 脚本。
#!/bin/bash
certbot certonly --rsa-key-size 4096 --standalone --agree-tos --no-eff-email --email [email protected] -d mydomain.com
yes | rm /etc/strongswan/swanctl/x509/fullchain.pem
yes | rm /etc/strongswan/swanctl/private/privkey.pem
yes | rm /etc/strongswan/ipsec.d/cacerts/chain.pem
cp /etc/letsencrypt/live/mydomain.com/fullchain.pem /etc/strongswan/swanctl/x509/fullchain.pem
cp /etc/letsencrypt/live/mydomain.com/privkey.pem /etc/strongswan/swanctl/private/privkey.pem
cp /etc/letsencrypt/live/mydomain.com/chain.pem /etc/strongswan/ipsec.d/cacerts/
exit
答案1
使用certbot -n
-n, --non-interactive, --noninteractive
Run without ever asking for user input. This may
require additional command line flags; the client will
try to explain which ones are required if it finds one
missing (default: False)
你可能还需要renew代替certonly(不确定)。
yes | rm另外,您可能想使用rm -f( remove)来代替force。