25 lines
894 B
Bash
Executable File
25 lines
894 B
Bash
Executable File
#!/bin/bash
|
|
|
|
if [ `whoami` != 'root' ]; then
|
|
sudo $0 $@
|
|
exit
|
|
fi
|
|
|
|
domain="$1"
|
|
|
|
certbot certonly -d ${domain} -d "*.${domain}" --manual --force-interactive --reuse-key
|
|
cat /etc/letsencrypt/live/${domain}/cert.pem /etc/letsencrypt/live/${domain}/privkey.pem > /etc/letsencrypt/live/${domain}/certkey.pem
|
|
|
|
# PKCS12 for Emby
|
|
echo | openssl pkcs12 -password stdin -export -out /etc/letsencrypt/live/${domain}/ssl.pfx -inkey /etc/letsencrypt/live/${domain}/privkey.pem -in /etc/letsencrypt/live/${domain}/cert.pem -certfile /etc/letsencrypt/live/${domain}/fullchain.pem
|
|
cat /etc/letsencrypt/live/${domain}/ssl.pfx > /var/lib/emby/ssl/yggdrasil.pfx
|
|
|
|
systemctl restart webserver
|
|
systemctl restart yggdrasil
|
|
|
|
echo
|
|
echo "Don't forget to send \`/raw reloadmodule m_ssl_openssl.so\` to a NetAdmin session on AniNIX/IRC"
|
|
echo Add these to the TLSA records for the domain
|
|
|
|
bash ./tlsa-generation.bash
|