Created
December 7, 2018 21:12
-
-
Save cypnk/3347174572701feb7a72c4f27730b4c6 to your computer and use it in GitHub Desktop.
Domain certificate updater for acme-client for OpenBSD
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Let's Encrypt ACME Client certificate auto-updater for OpenBSD | |
# This file can be added to /etc/daily.local to make it run each day | |
# Location of your ACME domains configuration for Let's Encrypt | |
CONF="/etc/acme-client.conf" | |
# Create a temporary file | |
$TMP=`mktemp -t domains.XXXXXXXXXX` || exit 1 | |
# Extract each domain from the config file and dump to temp file | |
# This works as long as each config starts with: 'domain example.com {' | |
sed -n '/^domain/p' $CONF | cut -d ' ' -f 2 > $TMP | |
# Get certs for each domain | |
for DOMAIN in `cat $TMP`; do | |
# Renew/get cert (should renew if it expires in 30 days) | |
acme-client $DOMAIN | |
done | |
# Reload httpd | |
rcctl reload httpd | |
echo "ACME check on `date`" | |
exit 0 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment