luke/ssl-update
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
24 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Luke Tidd 68497c4d10
chown and chmod generated pfx files
2024-08-25 12:22:20 -04:00
nfo
jellyfin completed first complete update
2022-07-03 13:11:28 -04:00
remote
be explicit with script type
2022-07-04 13:08:32 -04:00
LICENSE
license update
2022-07-02 14:25:21 -04:00
README.md
added 'read' service and bug fixes
2022-10-01 14:11:05 -04:00
ssl-status.py
redid firewall
2024-08-25 11:41:21 -04:00
ssl-update.py
chown and chmod generated pfx files
2024-08-25 12:22:20 -04:00
update_all
redid firewall
2024-08-25 11:41:21 -04:00

README.md

ssl-update

automation for cert renewal with local hooks

given a service:

* start letsencrypt's certbot "manually", getting ownership proof data
* turn up a custom nginx site for the proof
* log into the firewall, allow http to the given service
* enable http for the given service in nginx
* instruct let's encrypt to check the proof
* new expiration date on certs
* disable http for the service
* log into firewall, block http for the given service
* perform service specific hooks
	* jellyfin/plex: generate a pkcs12 key and
	                 put it in the right place
* set permissions and ownership on new keys

All secrets are GPG encrypted and one password prompt allows for script access to all secrets necessary.

State: * running for all services, no known bugs at this time

Description
No description provided
Readme MIT 134 KiB
Languages
Python 85.1%
Shell 14.9%