Last active
September 30, 2023 11:37
-
-
Save tehplague/896f4b2e25c7d85ee5d8faf0a6377133 to your computer and use it in GitHub Desktop.
Automatic Let's Encrypt certificate issuance for QNAP QTS. You need to have Container Station installed to have Docker available.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| DOMAIN=nas.domain.tld | |
| [email protected] | |
| BASEDIR=$(dirname $0) | |
| test -d ${BASEDIR}/etc/letsencrypt || mkdir -p ${BASEDIR}/etc/letsencrypt | |
| test -d ${BASEDIR}/var/log/letsencrypt || mkdir -p ${BASEDIR}/var/log/letsencrypt | |
| docker run --rm -v "$(pwd)/etc/letsencrypt:/etc/letsencrypt" -v "$(pwd)/var/log/letsencrypt:/var/log/letsencrypt" certbot/dns-digitalocean:latest certonly -n --agree-tos -m ${CA_EMAIL} --dns-digitalocean --dns-digitalocean-credentials /etc/letsencrypt/digitalocean.ini --dns-digitalocean-propagation-seconds 60 -d ${DOMAIN} | |
| /etc/init.d/stunnel.sh stop | |
| /etc/init.d/Qthttpd.sh stop | |
| cat ${BASEDIR}/etc/letsencrypt/live/${DOMAIN}/privkey.pem ${BASEDIR}/etc/letsencrypt/live/${DOMAIN}/cert.pem ${BASEDIR}/etc/letsencrypt/live/${DOMAIN}/chain.pem > /etc/stunnel/stunnel.pem | |
| cp ${BASEDIR}/etc/letsencrypt/live/${DOMAIN}/chain.pem /etc/stunnel/uca.pem | |
| /etc/init.d/Qthttpd.sh start | |
| /etc/init.d/stunnel.sh start |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am missing a quick how to. Where to put the certbot-renew.sh? How to autostart? How to access the *.ini from the docker container?
How to prevent the QNAP to remove all additional files while rebooting?