Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save qwertychouskie/065007bdfcf58b6c4e8354ac60cd587e to your computer and use it in GitHub Desktop.
Save qwertychouskie/065007bdfcf58b6c4e8354ac60cd587e to your computer and use it in GitHub Desktop.
script to auto update letsencrypt certs for debian lighttpd installation (based on script by Danny Tuppeny)
#!/usr/bin/env bash
#
# Update letsencrypt on a lighttp installation
#
# If you installed letsencrypt in a non-standard location you
# can set the LEDIR env var before you run this script.
#
# setup letsencrypt install directory
STDLEDIR=/usr/bin
LEDIR=${LEDIR:-$STDLEDIR}
echo "##### Starting renewal $(date) at $LEDIR #####"
# check path to letsencrypt-auto tool
if [ ! -f "$LEDIR/letsencrypt" ]; then
echo "Error: letsencrypt script not found, is letsencrypt installed at $LEDIR?"
exit 1
fi
# renew all certs in live directory
$LEDIR/letsencrypt renew
# rebuild the cert combined.pem
for domain in /etc/letsencrypt/live/* ; do
pushd $domain
echo "Rebuilding cert for: $(basename $domain)"
cat privkey.pem cert.pem > combined.pem
popd
done
# reload lighttpd
systemctl restart lighttpd
echo "##### Finished renewal $(date) at $LEDIR #####"
exit 0
# recommended cron installation (run crontab -e as root):
30 2 * * 1 <abs-path>/letsencrypt-update-lighttpd >> /var/log/le-renew.log
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment