Last active
August 3, 2022 18:46
-
-
Save killerbees19/24d4e82e6c00f70c4bc4870220c094c7 to your computer and use it in GitHub Desktop.
GetSSL certificate upload with sudo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DOMAIN_CHAIN_LOCATION="ssh:example.net:/home/yourusername/tmp.pem" | |
DOMAIN_KEY_LOCATION="ssh:example.net:/home/yourusername/tmp.key" | |
RELOAD_CMD="ssh example.net -- sudo /path/to/letsencrypt.sh" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -euf -o pipefail | |
DOMAIN_CHAIN_LOCATION=/home/yourusername/tmp.pem | |
DOMAIN_KEY_LOCATION=/home/yourusername/tmp.key | |
CHAIN_LOCATION=/etc/example/file.pem | |
KEY_LOCATION=/etc/example/file.key | |
if [[ ! -f "$DOMAIN_CHAIN_LOCATION" || ! -f "$DOMAIN_KEY_LOCATION" ]] | |
then echo "ERROR: Source files not found!" >&2; exit 1 | |
elif [[ ! -f "$CHAIN_LOCATION" || ! -f "$KEY_LOCATION" ]] | |
then echo "ERROR: Destination files not found!" >&2; exit 1 | |
fi | |
cat "$DOMAIN_KEY_LOCATION" > "$KEY_LOCATION" | |
cat "$DOMAIN_CHAIN_LOCATION" > "$CHAIN_LOCATION" | |
rm -f "$DOMAIN_CHAIN_LOCATION" "$DOMAIN_KEY_LOCATION" | |
logger -t "$(basename "$0")[$$]" "Certificate updated!" | |
systemctl reload your-services |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yourusername ALL = NOPASSWD: /path/to/letsencrypt.sh |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment