Automated Certificate Renewal: Difference between revisions

From Wreckroom
Jump to navigation Jump to search
No edit summary
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
## Automated Certificate Renewal
=Automated Certificate Renewal=


### Script Location
===Script Location===
<code>/usr/local/bin/renew-and-update-certs.sh</code>
<code>/usr/local/bin/renew-and-update-certs.sh</code>


### Script Contents
===Script Contents===
<syntaxhighlight>
<syntaxhighlight lang="bash">
#!/bin/bash
#!/bin/bash


Line 25: Line 25:
</syntaxhighlight>
</syntaxhighlight>


### Task Scheduler Configuration
===Task Scheduler Configuration===
'''Control Panel > Task Scheduler'''


**Control Panel > Task Scheduler**
{| class="wikitable"
|-
! Setting !! Value
|-
| Task name || Auto-renew SSL and Update Navidrome
|-
| User || root
|-
| Schedule || Weekly (Sunday, 3:00 AM)
|-
| Script || <code>/usr/local/bin/renew-and-update-certs.sh</code>
|}


| Setting | Value |
===How It Works===
|---------|-------|
# Script runs weekly
| Task name | Auto-renew SSL and Update Navidrome |
# Checks all certificates for renewal (30 days before expiry)
| User | root |
# Renews any expiring certificates via Let's Encrypt
| Schedule | Weekly (Sunday, 3:00 AM) |
# If successful, copies new certs to Navidrome
| Script | `/usr/local/bin/renew-and-update-certs.sh` |
# Restarts Navidrome container with fresh certificates
 
### How It Works
 
1. Script runs weekly
2. Checks all certificates for renewal (30 days before expiry)
3. Renews any expiring certificates via Let's Encrypt
4. If successful, copies new certs to Navidrome
5. Restarts Navidrome container with fresh certificates

Latest revision as of 12:33, 29 March 2026

Automated Certificate Renewal[edit]

Script Location[edit]

/usr/local/bin/renew-and-update-certs.sh

Script Contents[edit]

#!/bin/bash

# Renew certificates
/usr/syno/sbin/syno-letsencrypt renew-all -v

# Check if renewal was successful (exit code 0)
if [ $? -eq 0 ]; then
    # Update Navidrome certificates
    cp /usr/syno/etc/certificate/system/default/RSA-cert.pem /volume2/docker/navidrome/ssl/certificate.crt
    cp /usr/syno/etc/certificate/system/default/RSA-privkey.pem /volume2/docker/navidrome/ssl/private.key
    chmod 644 /volume2/docker/navidrome/ssl/certificate.crt
    chmod 600 /volume2/docker/navidrome/ssl/private.key
    docker restart navidrome
    echo "Certificates renewed and Navidrome updated"
else
    echo "Certificate renewal failed, skipping Navidrome update"
fi

Task Scheduler Configuration[edit]

Control Panel > Task Scheduler

Setting Value
Task name Auto-renew SSL and Update Navidrome
User root
Schedule Weekly (Sunday, 3:00 AM)
Script /usr/local/bin/renew-and-update-certs.sh

How It Works[edit]

  1. Script runs weekly
  2. Checks all certificates for renewal (30 days before expiry)
  3. Renews any expiring certificates via Let's Encrypt
  4. If successful, copies new certs to Navidrome
  5. Restarts Navidrome container with fresh certificates
Retrieved from "https://wiki.wreckroom.nyc/index.php?title=Automated_Certificate_Renewal&oldid=447"