Add a letsencrypt script to the shell-scripts #7

Open
3 of 4 tasks
sunbiz opened this issue Mar 29, 2019 · 3 comments

Comments

sunbiz commented Mar 29, 2019

Just like the shell-scripts/dynaswap-useradd, also add a script that does the following:

1. add nginx as a reverse proxy
2. points all OpenMRS endpoints to 443
3. points all 8000 endpoints to 443
4. adds a letsencrypt ACME script that will create an SSL for the nginx

sunbiz commented May 14, 2019

This will need a domain, because letsencrypt does not allow for IP based certificates. @johnnyliu1992 have you tried to look for an alternative solution?

sunbiz commented Nov 8, 2019

We are trying to add subdomains automatically when someone spawns a new VM using our image and assign it as a subdomain to xxx-xxx-xxx-xxx.dynaswap.info, where the IP with dashes is the subdomain.

We will then try to get a Let's Encrypt handshake (using ACME? maybe?) for this subdomain to get a valid SSL certificate.

sunbiz commented May 8, 2020

After deploying the openmrs-base v1.4 image, the following commands will achieve the SSL certificate:

```bash
# Look up this VM's public IP once and derive xxx-xxx-xxx-xxx.dynaswap.info from it.
# tr turns every dot into a dash; GNU sed's 'g4' flag then turns the 4th and
# later dashes back into dots, so only the IP part stays dashed.
IP="$(curl -s https://diagnostic.opendns.com/myip)"
DOMAIN="$(echo "$IP.dynaswap.info" | tr '.' '-' | sed 's/-/./g4')"

# Call DAR to create an A record
curl -X POST "https://dynaswap.info/DAR" -d "{\"ip\": \"$IP\"}"

# edit the server domain on nginx
sudo sed -i "s/___/$DOMAIN/" /etc/nginx/sites-enabled/default

# get SSL certificate for the new domain
sudo certbot --nginx -n -d "$DOMAIN" --agree-tos --email [email protected]
```
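
The commands above pass the response of a third-party IP-echo service straight into a `sudo sed` expression and a `certbot -d` argument. The following is an added example, not part of the issue thread or the project's scripts: a POSIX shell helper that accepts only a well-formed IPv4 address before deriving the `xxx-xxx-xxx-xxx.dynaswap.info` name, and that does not depend on GNU sed's `g4` flag. The function names `is_ipv4` and `ip_to_domain` are hypothetical.

```shell
#!/bin/sh
# Added example: validate the detected public IP before it reaches sed/certbot.
# BASE_DOMAIN comes from the thread; the function names are hypothetical.
BASE_DOMAIN="dynaswap.info"

# Succeeds only for a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray characters, empty octets
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Prints e.g. 203-0-113-7.dynaswap.info; fails without output on invalid input.
ip_to_domain() {
    is_ipv4 "$1" || return 1
    printf '%s.%s\n' "$(printf '%s' "$1" | tr '.' '-')" "$BASE_DOMAIN"
}

# Intended use in the provisioning step (not executed here, needs network):
#   IP="$(curl -s https://diagnostic.opendns.com/myip)"
#   DOMAIN="$(ip_to_domain "$IP")" || { echo "unexpected IP response" >&2; exit 1; }

# Constructed sample inputs (203.0.113.0/24 is a documentation range).
for candidate in "203.0.113.7" "203.0.113.7/;id" "999.0.113.7" "<html>error</html>"; do
    if domain="$(ip_to_domain "$candidate")"; then
        echo "ok:       $candidate -> $domain"
    else
        echo "rejected: $candidate"
    fi
done
```

Rejecting anything but digits and dots also keeps `/`, `&` and newlines out of the `sed` replacement text, where they would otherwise change the meaning of the expression run under `sudo`.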
