Instantly share code, notes, and snippets.

Embed
What would you like to do?
script to auto update letsencrypt certs for debian lighttpd installation (based on script by Danny Tuppeny)
#!/usr/bin/env bash
#
# Update letsencrypt on a lighttp installation
#
# if you installed letsencrypt in a non-standard location you
# can set the LEDIR env var before you run this script
#
# setup letsencrypt install directory
STDLEDIR=/opt/letsencrypt
LEDIR=${LEDIR:-$STDLEDIR}
echo "##### Starting renewal $(date) at $LEDIR #####"
# check path to letsencrypt-auto tool
if [ ! -f "$LEDIR/letsencrypt-auto" ]; then
echo "Error: letsencrypt-auto script not found, is letsencrypt installed at $LEDIR?"
exit 1
fi
# renew all certs in live directory
$LEDIR/letsencrypt-auto renew
# rebuild the cert combined.pem
for domain in /etc/letsencrypt/live/* ; do
pushd $domain
echo "Rebuilding cert for: $(basename $domain)"
cat privkey.pem cert.pem > combined.pem
popd
done
# reload lighttpd
/etc/init.d/lighttpd force-reload
echo "##### Finished renewal $(date) at $LEDIR #####"
exit 0
# recommended cron installation (run crontab -e as root)
30 2 * * 1 <abs-path>/letsencrypt-update-lighttpd >> /var/log/le-renew.log
@qwertychouskie

This comment has been minimized.

qwertychouskie commented Jul 19, 2016

Created a fork: https://gist.github.com/qwertychouskie/065007bdfcf58b6c4e8354ac60cd587e
Useful if you use the packaged version from jessie-backports.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment