From: Andrew DeFaria <A.DeFaria@cpanel.net>
Date: Sat, 24 Dec 2022 19:20:40 +0000 (-0800)
Subject: Hopefully final adjustments to certbot
X-Git-Url: https://defaria.com/gitweb/?a=commitdiff_plain;h=a78a6aab55032721a4e658ebdb32e1305eff7640;p=clearscm.git

Hopefully final adjustments to certbot
---

diff --git a/bin/certbot_authentication.sh b/bin/certbot_authentication.sh
index 0cf53d4..5bec2d4 100755
--- a/bin/certbot_authentication.sh
+++ b/bin/certbot_authentication.sh
@@ -14,7 +14,7 @@
 #
 # See also:     https://help.dreamhost.com/hc/en-us/articles/217555707-DNS-API-commands
 #
-# Crontab:      0 0 20 */3 * certbot renew
+# Crontab:      0 0 20 Jan,Apr,Jul,Oct * certbot renew
 #
 # Note:         If you symlink /etc/letsencrypt/renewal-hooks/{pre|post|deploy}
 #               to the proper scripts then all you need is certbox renew. Also
@@ -29,7 +29,12 @@
 # (c) Copyright 2021, ClearSCM, Inc., all rights reserved
 #
 ################################################################################
-logfile="/tmp/$(basename $0).log"
+certdir=/System/Certificates
+
+mkdir -p $certdir
+
+logfile="$certdir/$(basename $0).log"
+
 rm -f $logfile
 
 function log {
@@ -115,9 +120,6 @@ verifyPropagation
 # If we get here then new certs are produced but need to be made available
 # for importation to the Synology. $certdir is a directory that is on the
 # Synology mounted via NFS.
-certdir=/System/Data/Certificates
-
-mkdir -p $certdir
 cp /etc/letsencrypt/live/$CERTBOT_DOMAIN/privkey.pem     $certdir && chmod 444 $certdir/privkey.pem
 cp /etc/letsencrypt/live/$CERTBOT_DOMAIN/cert.pem        $certdir && chmod 444 $certdir/cert.pem
 cp /etc/letsencrypt/live/$CERTBOT_DOMAIN/chain.pem       $certdir && chmod 444 $certdir/chain.pem
diff --git a/bin/certbot_cleanup.sh b/bin/certbot_cleanup.sh
index 958f578..400c9a2 100755
--- a/bin/certbot_cleanup.sh
+++ b/bin/certbot_cleanup.sh
@@ -12,7 +12,7 @@
 #
 # See also:     https://help.dreamhost.com/hc/en-us/articles/217555707-DNS-API-commands
 #
-# Crontab:      0 0 20 */3 * certbot renew
+# Crontab:      0 0 20 Jan,Apr,Jul,Oct * certbot renew
 #
 # Author:       Andrew@DeFaria.com
 # Created:      Fri 04 Jun 2021 11:20:16 PDT
@@ -22,7 +22,12 @@
 # (c) Copyright 2021, ClearSCM, Inc., all rights reserved
 #
 ################################################################################
-logfile="/tmp/$(basename $0).log"
+certdir="/System/Certificates"
+
+mkdir -p $certdir
+
+logfile="$certdir/$(basename $0).log"
+
 rm -f $logfile
 
 function log {
@@ -75,3 +80,6 @@ removeTXT
 
 # Removal is instanteous but propagation will take some time. No need to wait
 # around though...
+
+# Now deploy new certs
+/opt/clearscm/bin/certbot_deploy.sh
diff --git a/bin/certbot_deploy.sh b/bin/certbot_deploy.sh
index cc03926..582c3b9 100755
--- a/bin/certbot_deploy.sh
+++ b/bin/certbot_deploy.sh
@@ -7,7 +7,7 @@
 #               onto the Synology. We should have already obtained new Let's
 #               Encrypt certs and have placed them into /System/Certificates.
 #               Now we just need to restart nginx on the Synology. This works
-#               because /usr/syno/etc/certificates/_archive already has been
+#               because /usr/syno/etc/certificate/_archive already has been
 #               configured to look at /System/Certificates for new certs.
 #
 #               The restarting of nginx on Synology is large and takes time. You
@@ -17,7 +17,7 @@
 #
 # See also:     https://help.dreamhost.com/hc/en-us/articles/217555707-DNS-API-commands
 #
-# Crontab:      0 0 20 */3 * certbot renew
+# Crontab:      0 0 20 Jan,Apr,Jul,Oct * certbot renew
 #
 # Author:       Andrew@DeFaria.com
 # Created:      Mon Oct 24 11:53:38 AM PDT 2022
@@ -27,7 +27,12 @@
 # (c) Copyright 2021, ClearSCM, Inc., all rights reserved
 #
 ################################################################################
-logfile="/tmp/$(basename $0).log"
+certdir="/System/Certificates"
+
+mkdir -p $certdir
+
+logfile="$certdir/$(basename $0).log"
+
 rm -f $logfile
 
 function log {