certbot.ps1 1.6 KB

123456789101112131415161718192021222324252627282930
  1. Set-Location /etc/letsencrypt
  2. Write-Host "-- running certbot command"
  3. [System.Environment]::SetEnvironmentVariable("AWS_CONFIG_FILE", "/var/lib/letsencrypt/aws/AWS_CONFIG")
  4. certbot certonly --dns-route53 --dns-route53-propagation-seconds 30 -d *.jcolebrand.info,jcolebrand.info
  5. Write-Host "-- Writing to jellyfin"
  6. openssl pkcs12 -export -out /zfs/data/jellyfin/jcolebrand.info.pcks12 -inkey /etc/letsencrypt/live/jcolebrand.info/privkey.pem -in /etc/letsencrypt/live/jcolebrand.info/fullchain.pem
  7. Write-Host "-- Writing to medusa"
  8. Set-Location /etc/dirsrv/slapd-medusa/
  9. $pwd = ((Get-Content /etc/dirsrv/slapd-medusa/pin.txt) -split ':')[1]
  10. openssl pkcs12 -export -out /etc/dirsrv/slapd-medusa/jcolebrand.info.pfx -inkey /etc/letsencrypt/live/jcolebrand.info/privkey.pem -in /etc/letsencrypt/live/jcolebrand.info/fullchain.pem -password "pass:$pwd"
  11. certutil -F -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt -n "Server-cert"
  12. pk12util -i /etc/dirsrv/slapd-medusa/jcolebrand.info.pfx -d /etc/dirsrv/slapd-medusa -k /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
  13. certutil --rename -n "*.jcolebrand.info - Let's Encrypt" --new-n "Server-cert" -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
  14. certutil -M -t "pu,u,u" -n "Server-cert" -d /etc/dirsrv/slapd-medusa -f /etc/dirsrv/slapd-medusa/pwdfile.txt -w /etc/dirsrv/slapd-medusa/pwdfile.txt
  15. Write-Host "-- Restarting stuff"
  16. systemctl restart jellyfin.service
  17. systemctl restart dirsrv@medusa
  18. systemctl restart nginx