Hi
I created the script with:
nano /etc/e-smith/events/certificate-update/S80push2ad
Note:
I need this for getting NethServer’s AD to use the LetsEncrypt Certs.
If you need more than one such job, just create copies with the appropriate name…
Script contents (Replace SERVER-FQDN with the real value, there should be a folder there…):
cp -f -p /etc/letsencrypt/live/SERVER-FQDN/privkey.pem /var/lib/machines/nsdc/var/lib/samba/private/tls/key.pem
cp -f -p /etc/letsencrypt/live/SERVER-FQDN/fullchain.pem /var/lib/machines/nsdc/var/lib/samba/private/tls/cert.pem
systemctl -M nsdc restart samba
Above, I only copied the files I need. If you need more or other files, adapt as needed.
The most important thing is: This is triggered automatically, whenever LE updates it’s certs…
Depending what your TARGET is (Another Server, an OPNsense firewall, a NAS) you might need diferent files, more importantly you might need different mechanisms to put the files in the right place (eg on OPNsense, there’s a script available!) due to permissions issues on the target device…
My 2 cents
Andy