P4/synology-reload.sh

## synology-reload.sh
#!/bin/bash

# Let's Encrypt Certificate reload on Synology NAS
# Services configured through DSM to use a given certificate create their own copies of the certificate files.
# This script will update those copies after the original certificate is renewed.
#
# Install and configure acme.sh on the Synology NAS by following the tutorial:
# https://github.com/Neilpang/acme.sh/wiki/Synology-NAS-Guide

CERT_DIR=/usr/syno/etc/certificate
# When issuing the certificates, set --cert-file, --key-file, --fullchain-file, --capath
# to overwrite an existing cert in $CERT_DIR/_archive
# set --reloadcmd to invoke this script with name of that key

if [ -z "$1" ]
then
	echo "Missing name of key to copy" >&2
	echo "Usage: $0 KEY" >&2
	exit 1
fi

KEY=$1
CERT_SRC=$CERT_DIR/_archive/$KEY

if ! [ -d $CERT_SRC ]
then
	echo "'$CERT_SRC' does not exist, maybe the key was not installed?" >&2
	exit 1
fi

# This file appears to store the key settings from DSM as JSON
# For each key in $CERT_DIR/_archive it contains a list of services configured to use it.
# Certs for key are copied to $CERT_DIR/$subscriber/$service based on this file.
INFO_FILE=$CERT_DIR/_archive/INFO
# Parse the file, extract serivces using our key, convert each to destination path
jq -r --arg key $KEY '.[$key].services[] | .subscriber+ "/" +.service' < $INFO_FILE | while read service
do
	CERT_DEST=$CERT_DIR/$service
	# Directories might not exist even if they are defined in the INFO file.
	if [ -d $CERT_DEST ]
	then
		echo "Deploying to '$CERT_DEST'"
		rsync -a "$CERT_SRC/" $CERT_DEST
	fi
done

# After everything is copied, reload the server to apply the updated certs.
/usr/syno/sbin/synoservicectl --reload nginx
	#!/bin/bash

	# Let's Encrypt Certificate reload on Synology NAS
	# Services configured through DSM to use a given certificate create their own copies of the certificate files.
	# This script will update those copies after the original certificate is renewed.
	#
	# Install and configure acme.sh on the Synology NAS by following the tutorial:
	# https://github.com/Neilpang/acme.sh/wiki/Synology-NAS-Guide

	CERT_DIR=/usr/syno/etc/certificate
	# When issuing the certificates, set --cert-file, --key-file, --fullchain-file, --capath
	# to overwrite an existing cert in $CERT_DIR/_archive
	# set --reloadcmd to invoke this script with name of that key

	if [ -z "$1" ]
	then
	echo "Missing name of key to copy" >&2
	echo "Usage: $0 KEY" >&2
	exit 1
	fi

	KEY=$1
	CERT_SRC=$CERT_DIR/_archive/$KEY

	if ! [ -d $CERT_SRC ]
	then
	echo "'$CERT_SRC' does not exist, maybe the key was not installed?" >&2
	exit 1
	fi

	# This file appears to store the key settings from DSM as JSON
	# For each key in $CERT_DIR/_archive it contains a list of services configured to use it.
	# Certs for key are copied to $CERT_DIR/$subscriber/$service based on this file.
	INFO_FILE=$CERT_DIR/_archive/INFO
	# Parse the file, extract serivces using our key, convert each to destination path
	jq -r --arg key $KEY '.[$key].services[] \| .subscriber+ "/" +.service' < $INFO_FILE \| while read service
	do
	CERT_DEST=$CERT_DIR/$service
	# Directories might not exist even if they are defined in the INFO file.
	if [ -d $CERT_DEST ]
	then
	echo "Deploying to '$CERT_DEST'"
	rsync -a "$CERT_SRC/" $CERT_DEST
	fi
	done

	# After everything is copied, reload the server to apply the updated certs.
	/usr/syno/sbin/synoservicectl --reload nginx