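#!/usr/bin/env bash
#
# Request wildcard Let's Encrypt certificates for DOMAIN (and *.DOMAIN) with
# certbot's Cloudflare DNS-01 plugin, once with an ECDSA key and once with an
# RSA key. Each certificate is stored under the name "<key type>-<domain>".
#
# Required environment:
#   DOMAIN    base domain, e.g. example.com
#   EMAIL     account e-mail passed to certbot
# Optional environment:
#   EC_NAME   elliptic curve for the ECDSA key (default: secp384r1)
#   RSA_SIZE  RSA key size in bits (default: 4096)
#
# Exit status: 0 if both requests succeed, otherwise the status of the last
# certbot run that failed; 1 on missing input or missing credentials file.

# Fail on unset variables instead of silently passing empty arguments.
set -u

if [[ -z "${DOMAIN:-}" || -z "${EMAIL:-}" ]]; then
  # Usage errors go to stderr and yield a non-zero status so that cron jobs
  # and wrappers can tell the script did nothing.
  printf '\nPlease specify domain and email like this before running the script:\nDOMAIN="example.com" EMAIL="letsencrypt@example.com" certbot-create.sh\n\n' >&2
  exit 1
fi

EC_NAME="${EC_NAME:-secp384r1}"
RSA_SIZE="${RSA_SIZE:-4096}"

# This file holds the Cloudflare API secret used to answer the DNS challenge.
# Keep it owned by root and unreadable by group/other (chmod 600), and prefer
# an API token scoped to DNS edits on this zone over a global API key.
readonly CLOUDFLARE_CREDENTIALS="/etc/letsencrypt/cloudflare.ini"

if [[ ! -r "${CLOUDFLARE_CREDENTIALS}" ]]; then
  printf 'Cloudflare credentials file is missing or unreadable: %s\n' \
    "${CLOUDFLARE_CREDENTIALS}" >&2
  exit 1
fi

#######################################
# Run one non-interactive certbot request for DOMAIN and *.DOMAIN.
# Globals:   KEY_TYPE (read; "ecdsa" or "rsa", set by the caller),
#            DOMAIN, EMAIL, EC_NAME, RSA_SIZE, CLOUDFLARE_CREDENTIALS (read)
# Arguments: none
# Returns:   certbot's exit status
#######################################
certbot_create() {
  # Both --elliptic-curve and --rsa-key-size are always passed; only the one
  # matching --key-type is relevant to the key being generated.
  local -a certbot_args=(
    certonly
    -d "${DOMAIN}"
    -d "*.${DOMAIN}"
    -n
    -m "${EMAIL}"
    --agree-tos
    --no-eff-email
    --expand
    --key-type "${KEY_TYPE:?KEY_TYPE must be set to ecdsa or rsa}"
    --elliptic-curve "${EC_NAME}"
    --rsa-key-size "${RSA_SIZE}"
    --cert-name "${KEY_TYPE}-${DOMAIN}"
    --preferred-challenges dns
    --dns-cloudflare
    --dns-cloudflare-propagation-seconds 30
    --dns-cloudflare-credentials "${CLOUDFLARE_CREDENTIALS}"
  )
  certbot "${certbot_args[@]}"
}

# Attempt both key types even if the first fails, but report any failure
# through the exit status rather than only the result of the last run.
status=0
KEY_TYPE="ecdsa" certbot_create || status=$?
KEY_TYPE="rsa" certbot_create || status=$?
exit "${status}"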