Add script to help with certificate renewal

Doing this is a pain in the ass. I'll probably move the website to my
own servers at some point.

.gitignore

@@ -1,4 +1,5 @@
 ftp_url.txt
+inst_url.txt
 music/*
 static/woff/*
 static/brand/*

newcert.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+run() {
+	set -eu
+	if [ "$EUID" -ne 0 ]; then
+		echo "Root access needed (sorry)"
+		exit 1
+	fi
+	echo "Press enter to run certbot"
+	echo "You'll want another terminal to upload challenges"
+	read
+	exec certbot certonly --manual -d flewkey.com -d www.flewkey.com
+}
+
+challenge() {
+	set -eu
+	echo "Challenge data"
+	read content
+	echo "Challenge name (not the URL)"
+	read name
+	echo "Uploading..."
+	printf "${content}" > "/tmp/${name}"
+	lftp -c "set ftp:list-options -a;\
+		open '$(cat ftp_url.txt)';\
+		put /tmp/${name} -o /public_html/.well-known/acme-challenge/${name}"
+	echo "Success!"
+	echo "URL: https://flewkey.com/.well-known/acme-challenge/${name}"
+}
+
+install() {
+	set -eu
+	if [ "$EUID" -ne 0 ]; then
+		echo "Root access needed (sorry)"
+		exit 1
+	fi
+	echo "Not yet implemented; install it manually"
+	echo "URL: $(cat inst_url.txt)"
+	printf "Press enter for CRT\n\n"
+	read
+	cat "/etc/letsencrypt/live/flewkey.com/cert.pem"
+	printf "\n\nPress enter for KEY\n\n"
+	read
+	cat "/etc/letsencrypt/live/flewkey.com/privkey.pem"
+	printf "\n\nPress enter for CABUNDLE\n\n"
+	read
+	cat "/etc/letsencrypt/live/flewkey.com/chain.pem"
+	printf "\n\nYou should be good to go!\n"
+}
+
+command="$1"
+shift
+
+case "$command" in
+	run) run "$@" ;;
+	challenge) challenge "$@" ;;
+	install) install "$@" ;;
+	*) echo "Usage: $0 run|challenge|install" >&2; exit 1 ;;
+esac