Automated Certificate Renewal: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
=Automated Certificate Renewal= | |||
===Script Location=== | |||
<code>/usr/local/bin/renew-and-update-certs.sh</code> | <code>/usr/local/bin/renew-and-update-certs.sh</code> | ||
===Script Contents=== | |||
<syntaxhighlight> | <syntaxhighlight> | ||
#!/bin/bash | #!/bin/bash | ||
| Line 25: | Line 25: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
===Task Scheduler Configuration=== | |||
**Control Panel > Task Scheduler** | **Control Panel > Task Scheduler** | ||
| Line 36: | Line 36: | ||
| Script | `/usr/local/bin/renew-and-update-certs.sh` | | | Script | `/usr/local/bin/renew-and-update-certs.sh` | | ||
===How It Works=== | |||
1. Script runs weekly | 1. Script runs weekly | ||
Revision as of 12:32, 29 March 2026
Automated Certificate Renewal
Script Location
/usr/local/bin/renew-and-update-certs.sh
Script Contents
#!/bin/bash
# Renew certificates
/usr/syno/sbin/syno-letsencrypt renew-all -v
# Check if renewal was successful (exit code 0)
if [ $? -eq 0 ]; then
# Update Navidrome certificates
cp /usr/syno/etc/certificate/system/default/RSA-cert.pem /volume2/docker/navidrome/ssl/certificate.crt
cp /usr/syno/etc/certificate/system/default/RSA-privkey.pem /volume2/docker/navidrome/ssl/private.key
chmod 644 /volume2/docker/navidrome/ssl/certificate.crt
chmod 600 /volume2/docker/navidrome/ssl/private.key
docker restart navidrome
echo "Certificates renewed and Navidrome updated"
else
echo "Certificate renewal failed, skipping Navidrome update"
fiTask Scheduler Configuration
- Control Panel > Task Scheduler**
| Setting | Value | |---------|-------| | Task name | Auto-renew SSL and Update Navidrome | | User | root | | Schedule | Weekly (Sunday, 3:00 AM) | | Script | `/usr/local/bin/renew-and-update-certs.sh` |
How It Works
1. Script runs weekly 2. Checks all certificates for renewal (30 days before expiry) 3. Renews any expiring certificates via Let's Encrypt 4. If successful, copies new certs to Navidrome 5. Restarts Navidrome container with fresh certificates