Automated Certificate Renewal

1. Automated Certificate Renewal

1. 1. Script Location

`/usr/local/bin/renew-and-update-certs.sh`

1. 1. Script Contents

```bash

!/bin/bash

Renew certificates

/usr/syno/sbin/syno-letsencrypt renew-all -v

Check if renewal was successful (exit code 0)

if [ $? -eq 0 ]; then

   # Update Navidrome certificates
   cp /usr/syno/etc/certificate/system/default/RSA-cert.pem /volume2/docker/navidrome/ssl/certificate.crt
   cp /usr/syno/etc/certificate/system/default/RSA-privkey.pem /volume2/docker/navidrome/ssl/private.key
   chmod 644 /volume2/docker/navidrome/ssl/certificate.crt
   chmod 600 /volume2/docker/navidrome/ssl/private.key
   docker restart navidrome
   echo "Certificates renewed and Navidrome updated"

else

   echo "Certificate renewal failed, skipping Navidrome update"

fi ```

1. 1. Task Scheduler Configuration

- Control Panel > Task Scheduler**

| Setting | Value | |---------|-------| | Task name | Auto-renew SSL and Update Navidrome | | User | root | | Schedule | Weekly (Sunday, 3:00 AM) | | Script | `/usr/local/bin/renew-and-update-certs.sh` |

1. 1. How It Works

1. Script runs weekly 2. Checks all certificates for renewal (30 days before expiry) 3. Renews any expiring certificates via Let's Encrypt 4. If successful, copies new certs to Navidrome 5. Restarts Navidrome container with fresh certificates

Automated Certificate Renewal

Navigation menu

Search