ssl-update
Automation for certificate renewal with local hooks.
Given a service:
* start Let's Encrypt's certbot "manually", getting ownership proof data
* turn up a custom nginx site for the proof
* log into the firewall, allow http to the given service
* enable http for the given service in nginx
* instruct Let's Encrypt to check the proof
* new expiration date on certs
* disable http for the service
* log into firewall, block http for the given service
* perform service-specific hooks
  * jellyfin/plex: generate a PKCS12 key and put it in the right place
* set permissions and ownership on new keys
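
The last step is where a renewed private key can briefly be readable by other local users, if it is copied first and has its mode changed afterwards. The following is an added example, not code from this repository, of installing a key so that it only ever appears under its final name with the intended mode and owner; `install_secret`, its parameters and the sample key bytes are hypothetical.

```python
import os
import stat
import tempfile


def install_secret(src, dest, mode=0o600, uid=-1, gid=-1):
    """Copy a key to dest without ever exposing it under looser permissions."""
    dest_dir = os.path.dirname(os.path.abspath(dest))
    # mkstemp creates the file with mode 0600 inside the destination
    # directory, so the final rename stays on one filesystem and is atomic.
    fd, tmp = tempfile.mkstemp(dir=dest_dir, prefix=".tmp-key-")
    try:
        with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
            out.write(inp.read())
            out.flush()
            os.fsync(out.fileno())
            # Owner first, then mode: a group-readable mode must never apply
            # while the file still belongs to the wrong group.
            if (uid, gid) != (-1, -1):
                os.fchown(out.fileno(), uid, gid)  # changing owner needs root
            os.fchmod(out.fileno(), mode)
        # Readers see either the old key or the complete new one.
        os.replace(tmp, dest)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)  # leave no partial key behind
        raise
    return os.stat(dest)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        src = os.path.join(workdir, "privkey.pem")
        dest = os.path.join(workdir, "service-key.pem")
        with open(src, "wb") as fh:
            fh.write(b"CONSTRUCTED SAMPLE KEY, NOT A REAL KEY\n")
        os.chmod(src, 0o644)  # source deliberately too open
        result = install_secret(src, dest)
        print(oct(stat.S_IMODE(result.st_mode)))
```
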
All secrets are GPG-encrypted, and a single password prompt gives the script access to every secret it needs.
State:
* running for all services, no known bugs at this time