From 8985c5e9269308b75600e785147c196562fefe3f Mon Sep 17 00:00:00 2001
From: Starfall <us@starfall.systems>
Date: Thu, 15 Dec 2022 11:11:44 -0600
Subject: acme-renew: helper script for acme.sh

---
 old/acme-renew | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100755 old/acme-renew

(limited to 'old')

diff --git a/old/acme-renew b/old/acme-renew
new file mode 100755
index 0000000..12772e2
--- /dev/null
+++ b/old/acme-renew
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+# For use with acme.sh <https://github.com/acmesh-official/acme.sh> dns-01 verification, on linode, with nginx
+# This is somewhat more reliable than the cron job that acme.sh attempts to create, but not by much.
+# We have since switched to dehydrated <https://github.com/dehydrated-io/dehydrated> http-01 challenges
+# which is much more reliable at actually renewing certs.
+acme_home=/srv/plural.cafe/.acme.sh
+domain=$1
+
+$acme_home/acme.sh --issue --force --debug 2 \
+	-d "$domain" \
+	-d "*.$domain" \
+	--cert-home $acme_home \
+	--server letsencrypt \
+	--preferred-chain dst \
+	-k 4096 \
+	--dns dns_linode_v4 \
+	--dnssleep 90 \
+	> "$HOME/$domain.acme.log"
+
+nginx -s reload
-- 
cgit