Simplify editing needs of the letsencrypt hook script.
This commit is contained in:
parent
5217863b8b
commit
0d1bc03665
@ -12,16 +12,21 @@
|
|||||||
# Place this script in /etc/letsencrypt/renewal-hooks/deploy/ and make it
|
# Place this script in /etc/letsencrypt/renewal-hooks/deploy/ and make it
|
||||||
# executable after editing it to your needs.
|
# executable after editing it to your needs.
|
||||||
|
|
||||||
if [ ${RENEWED_DOMAINS} = "my-mosquitto-domain" ]; then
|
# Set which domain this script will be run for
|
||||||
|
MY_DOMAIN="example.com"
|
||||||
|
# Set the directory that the certificates will be copied to.
|
||||||
|
CERTIFICATE_DIR=/etc/mosquitto/certs
|
||||||
|
|
||||||
|
if [ ${RENEWED_DOMAINS} = ${MY_DOMAIN} ]; then
|
||||||
# Copy new certificate to Mosquitto directory
|
# Copy new certificate to Mosquitto directory
|
||||||
cp ${RENEWED_LINEAGE}/fullchain.pem /etc/mosquitto/certs/server.pem
|
cp ${RENEWED_LINEAGE}/fullchain.pem ${CERTIFICATE_DIR}/server.pem
|
||||||
cp ${RENEWED_LINEAGE}/privkey.pem /etc/mosquitto/certs/server.key
|
cp ${RENEWED_LINEAGE}/privkey.pem ${CERTIFICATE_DIR}/server.key
|
||||||
|
|
||||||
# Set ownership to Mosquitto
|
# Set ownership to Mosquitto
|
||||||
chown mosquitto: /etc/mosquitto/certs/server.pem /etc/mosquitto/certs/server.key
|
chown mosquitto: ${CERTIFICATE_DIR}/server.pem ${CERTIFICATE_DIR}/server.key
|
||||||
|
|
||||||
# Ensure permissions are restrictive
|
# Ensure permissions are restrictive
|
||||||
chmod 0600 /etc/mosquitto/certs/server.pem /etc/mosquitto/certs/server.key
|
chmod 0600 ${CERTIFICATE_DIR}/server.pem ${CERTIFICATE_DIR}/server.key
|
||||||
|
|
||||||
# Tell Mosquitto to reload certificates and configuration
|
# Tell Mosquitto to reload certificates and configuration
|
||||||
pkill -HUP -x mosquitto
|
pkill -HUP -x mosquitto
|
||||||
|
Loading…
Reference in New Issue
Block a user