Last active
November 25, 2020 11:18
-
-
Save vchatela/7962de8be68728ec7319c8e3457728f9 to your computer and use it in GitHub Desktop.
Force renewal of plex certificate based on Synology one (letsencrypt)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# CONFIGURATION | |
# Please modify SERVERNAME and AAAAAAAAAAAA password in $p12_file_path and $p12cert_password | |
script_folder=/volume1/tools/plex/ | |
plex_folder="/var/packages/Plex Media Server" | |
# p12 file | |
p12_file_path="${plex_folder}"/SERVERNAME.p12 | |
echo $p12_file_path | |
# p12 password | |
p12cert_password='AAAAAAAAAAAAAA' | |
# Synology's Default Let's encrypt folder | |
letsencrypt_cert_folder=/usr/syno/etc/certificate/system/default | |
# renew timestamp | |
renew_timestamp=renew_plex_timestamp | |
# force renew | |
rm -f $script_folder/$renew_timestamp | |
# DO NOT CHANGE BELOW UNLESS YOU'RE A WIZARD | |
generate_p12=false | |
current_date=`date +"%s"` | |
current_certificate_date=`openssl x509 -enddate -noout -in $letsencrypt_cert_folder/cert.pem | cut -d'=' -f2` | |
current_certificate_timestamp=`date -d "$current_certificate_date" +"%s"` | |
# check if the renew_timestamp file exists | |
if [ ! -f $script_folder/$renew_timestamp ]; then | |
echo "Generate timestamp for the current renew date... " | |
echo $current_certificate_timestamp > $script_folder/$renew_timestamp | |
chmod +rw $script_folder/$renew_timestamp | |
chown chef:users $script_folder/$renew_timestamp | |
# generate the first p12 file | |
generate_p12=true | |
else | |
renew_date=`cat $script_folder/$renew_timestamp` | |
# check if it is necessary to renew the certificate or not | |
if expr "$current_date" ">" "$renew_date" > /dev/null; then | |
# generate a new p12 file | |
echo "Renewing certificate..." | |
generate_p12=true | |
# update timestamp in the file | |
echo $current_certificate_timestamp > $script_folder/$renew_timestamp | |
else | |
echo "It is not necessary to renew the certificate, abort." | |
exit 0 | |
fi | |
fi | |
# generate a new certificate file if necessary, and restart Plex | |
if expr "$generate_p12" "=" "true" > /dev/null; then | |
echo "Generating the p12 certificate file..." | |
openssl pkcs12 -export -out "${p12_file_path}" -in $letsencrypt_cert_folder/cert.pem -inkey $letsencrypt_cert_folder/privkey.pem -certfile $letsencrypt_cert_folder/chain.pem -name "Domain" -password pass:$p12cert_password | |
chmod +r "${p12_file_path}" | |
chown plex:users "${p12_file_path}" | |
echo "Restarting Plex Media Server..." | |
bash /var/packages/Plex\ Media\ Server/scripts/start-stop-status stop | |
bash /var/packages/Plex\ Media\ Server/scripts/start-stop-status start | |
echo "Done." | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment