ssl-update
Automation for certificate renewal with local hooks.
Given a service:
* start letsencrypt's certbot "manually", getting ownership proof data
* write proof into nginx's serving path
* log into the firewall, allow http for the given service
* enable http for the given service
* instruct let's encrypt to check the proof
* get new keys
* disable http for the service
* log into firewall, block http for the given service
* set permissions and ownership on new keys
* perform service specific hooks
  * jellyfin/plex: generate a pkcs12 key and put it in the right place
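The proof-writing, cleanup and key-permission steps above could look like the following. This is an added example, not code from this repository; it assumes certbot is run with `--manual-auth-hook`, which exports `CERTBOT_TOKEN` and `CERTBOT_VALIDATION` to the hook, and the `WEBROOT` variable, its default path and all function names are hypothetical.

```python
import os
import re
import stat
from pathlib import Path

# HTTP-01 tokens are base64url strings; anything else is rejected so a
# malformed token can never resolve outside the challenge directory.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]+")
CHALLENGE_DIR = Path(".well-known") / "acme-challenge"


def proof_path(webroot, token):
    """Return the served path for a token, refusing unexpected characters."""
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("unexpected characters in challenge token")
    return Path(webroot) / CHALLENGE_DIR / token


def write_proof(webroot, token, validation):
    """Auth-hook step: place the ownership proof where nginx serves it."""
    proof = proof_path(webroot, token)
    proof.parent.mkdir(parents=True, exist_ok=True)
    proof.write_text(validation)
    proof.chmod(0o644)  # the nginx worker must be able to read it
    return proof


def remove_proof(webroot, token):
    """Cleanup-hook step: delete the proof once validation has finished."""
    proof = proof_path(webroot, token)
    proof.unlink(missing_ok=True)
    return not proof.exists()


def lock_down_key(key_path):
    """Restrict a renewed private key to its owner and return the new mode."""
    os.chmod(key_path, 0o600)  # ownership change (os.chown) needs root, omitted
    return stat.S_IMODE(os.stat(key_path).st_mode)


if __name__ == "__main__":
    # certbot sets CERTBOT_TOKEN and CERTBOT_VALIDATION for the auth hook;
    # WEBROOT and its default value are assumptions made for this example.
    webroot = os.environ.get("WEBROOT", "/var/www/html")
    write_proof(webroot, os.environ["CERTBOT_TOKEN"], os.environ["CERTBOT_VALIDATION"])
```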
All secrets are GPG-encrypted, and a single password prompt gives the script access to every secret it needs.
State:
* running for all services, no known bugs at this time