diff options
| author | Paul Buetow <paul@buetow.org> | 2022-07-13 13:09:16 +0100 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2022-07-13 13:09:16 +0100 |
| commit | 0f841977cfa1f2b934f433ac4239e612b44e5dcf (patch) | |
| tree | 9d2abd0b69275e3fd368da6b3a84049921541caa /frontends/scripts | |
| parent | 251e0cb9f2b5442405a87a71e018f50b73a09995 (diff) | |
Use ACME
Diffstat (limited to 'frontends/scripts')
| -rw-r--r-- | frontends/scripts/acme.sh.tpl | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/frontends/scripts/acme.sh.tpl b/frontends/scripts/acme.sh.tpl new file mode 100644 index 0000000..8039168 --- /dev/null +++ b/frontends/scripts/acme.sh.tpl @@ -0,0 +1,22 @@ +#!/bin/sh + +<% + our $primary = $is_primary->($vio0_ip); + our $prefix = $primary ? '' : 'www.'; +-%> + +<% for my $host (@$acme_hosts) { -%> +# Requesting and renewing certificate. +/usr/sbin/acme-client -v <%= $prefix.$host %> +# Create symlink, so that relayd also can read it. +crt_path=/etc/ssl/<%= $prefix.$host %> +if [ -e $crt_path.crt ]; then + rm $crt_path.crt +fi +ln -s $crt_path.fullchain.pem $crt_path.crt + +<% } -%> + +# Pick up the new certs. +/usr/sbin/rcctl reload httpd +/usr/sbin/rcctl reload relayd |