From 549d442aa784fb7790d6a29157a853b41bf34e0d Mon Sep 17 00:00:00 2001
From: hansel <hansel@openbusiness.com.sg>
Date: Tue, 6 Jun 2017 12:40:11 +0800
Subject: [PATCH] use certbot with -n option

allows us to use yes | bench setup lets-encrypt {clientsite}

it gets rid of certbot prompt

Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/stupidclientid.erp.openb.net.conf)

What would you like to do?
-------------------------------------------------------------------------------
1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)
-------------------------------------------------------------------------------

automatically chooses option 1
---
 bench/config/lets_encrypt.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bench/config/lets_encrypt.py b/bench/config/lets_encrypt.py
index f09a75bf..63be14dc 100755
--- a/bench/config/lets_encrypt.py
+++ b/bench/config/lets_encrypt.py
@@ -56,7 +56,7 @@ def run_certbot_and_setup_ssl(site, custom_domain, bench_path):
 	get_certbot()
 
 	try:
-		exec_cmd("{path} --config /etc/letsencrypt/configs/{site}.cfg certonly".format(path=get_certbot_path(), site=custom_domain or site))
+		exec_cmd("{path} -n --config /etc/letsencrypt/configs/{site}.cfg certonly".format(path=get_certbot_path(), site=custom_domain or site))
 	except CommandFailedError:
 		service('nginx', 'start')
 		print("There was a problem trying to setup SSL for your site")