Add certbot.ps1
This commit is contained in:
parent
baae0dc201
commit
b8f9e1b02d
30
certbot.ps1
Normal file
30
certbot.ps1
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
Set-Location /etc/letsencrypt
|
||||||
|
|
||||||
|
Write-Host "-- running certbot command"
|
||||||
|
|
||||||
|
export AWS_CONFIG_FILE=/var/lib/letsencrypt/aws/AWS_CONFIG;certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d *.jcolebrand.info,jcolebrand.info
|
||||||
|
|
||||||
|
Write-Host "-- Writing to jellyfin"
|
||||||
|
|
||||||
|
openssl pkcs12 -export -out /zfs/data/jellyfin/jcolebrand.info.pcks12 -inkey /etc/letsencrypt/live/jcolebrand.info/privkey.pem -in /etc/letsencrypt/live/jcolebrand.info/fullchain.pem
|
||||||
|
|
||||||
|
Write-Host "-- Writing to medusa"
|
||||||
|
|
||||||
|
Set-Location /etc/dirsrv/slapd-medusa/
|
||||||
|
$pwd = ((Get-Content /etc/dirsrv/slapd-medusa/pin.txt) -split ':')[1]
|
||||||
|
openssl pkcs12 -export -out /etc/dirsrv/slapd-medusa/jcolebrand.info.pfx -inkey /etc/letsencrypt/live/jcolebrand.info/privkey.pem -in /etc/letsencrypt/live/jcolebrand.info/fullchain.pem -password "pass:$pwd"
|
||||||
|
|
||||||
|
certutil -F -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt -n "Server-cert"
|
||||||
|
|
||||||
|
pk12util -i /etc/dirsrv/slapd-medusa/jcolebrand.info.pfx -d /etc/dirsrv/slapd-medusa -k /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
|
||||||
|
certutil --rename -n "*.jcolebrand.info - Let's Encrypt" --new-n "Server-cert" -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
|
||||||
|
certutil -M -t "pu,u,u" -n "Server-cert" -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
|
||||||
|
|
||||||
|
Write-Host "-- Restarting stuff"
|
||||||
|
|
||||||
|
systemctl restart jellyfin.service
|
||||||
|
|
||||||
|
systemctl restart dirsrv@medusa
|
||||||
|
|
||||||
|
systemctl restart nginx
|
||||||
|
|
Loading…
Reference in New Issue
Block a user