Last active
May 11, 2022 21:52
-
-
Save DoganM95/f3d6130ef57750773d6204b7d4563ec6 to your computer and use it in GitHub Desktop.
Export Synology certs on update to a destination directory. In settings, find TaskScheduler, create a new task (user defined script), paste the script, modify destiantion paths and choose interval.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sourcePath="/usr/syno/etc/certificate/_archive/$(cat /usr/syno/etc/certificate/_archive/DEFAULT)" | |
destinationPath="/volume1/docker/.ssl" | |
certDiff=$(diff -w $sourcePath/RSA-cert.pem $destinationPath/cert.pem) | |
chainDiff=$(diff -w $sourcePath/RSA-chain.pem $destinationPath/chain.pem) | |
privKeyDiff=$(diff -w $sourcePath/RSA-privkey.pem $destinationPath/privkey.pem) | |
certUpdated=0 | |
if [ -z "$certDiff" ] && [ -e $destinationPath/cert.pem ]; then | |
echo "no cert diff" | |
else | |
echo "found new cert, updating" | |
cp $sourcePath/RSA-cert.pem $destinationPath/cert.pem && echo "updated cert in $destinationPath" | |
certUpdated=1 | |
fi | |
if [ -z "$chainDiff" ] && [ -e "$destinationPath/chain.pem" ]; then | |
echo "no chain diff" | |
else | |
echo "found new chain, updating" | |
cp $sourcePath/RSA-chain.pem $destinationPath/chain.pem && echo "updated chain in $destinationPath" | |
certUpdated=1 | |
fi | |
if [ -z "$privKeyDiff" ] && [ -e "$destinationPath/privkey.pem" ]; then | |
echo "no privKey diff" | |
else | |
echo "found new privkey, updating" | |
cp -f $sourcePath/RSA-privkey.pem $destinationPath/privkey.pem && echo "updated privkey in $destinationPath" | |
certUpdated=1 | |
fi | |
# Additional actions on cert renewal: | |
if [ $certUpdated -eq 1 ]; then | |
# Docker containers, which depend on up-to-date certs | |
echo "restarting dependent docker containers" | |
docker restart doganm95-ewelink-rest-api-server1 | |
docker restart doganm95-freenet_funk-rest-api-server1 | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment