Scifire · June 3, 2018 08:39 · Scifire · Jan 12, 2018
diff --git a/PVE-LE with dehydrated.sh b/PVE-LE with dehydrated.sh
 #!/usr/bin/env bash
 #Script uses dehydrated to get Let´s Encyrpt TLS Certs via DNS.
 #These Certs are copied into Proxmox node dir and restart pve proxy service to enbale them.

 set -e
 set -u

 #name nodes same as in the /etc/hosts
 node1=host001
 node2=host002
 node3=host003
 #url which is used for cert.
 url=cluster.acme.com

 #Renew the certs via dehydrated
 /usr/local/bin/dehydrated -c >/dev/null

 #check if the file has chagned 
 if ! diff -q /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node1/pveproxy-ssl.pem ; then
         #Copy the new certs into proxmox dir and restart on all nodes pveproxy 
         cp  /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node1/pveproxy-ssl.key
         cp  /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node2/pveproxy-ssl.key
         cp  /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node3/pveproxy-ssl.key
         cp  /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node1/pveproxy-ssl.pem
         cp  /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node2/pveproxy-ssl.pem
         cp  /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node3/pveproxy-ssl.pem
         ssh root@$node1 'systemctl restart pveproxy' &
         ssh root@$node2 'systemctl restart pveproxy' &
         ssh root@$node3 'systemctl restart pveproxy'
         wait
 fi
	#!/usr/bin/env bash
	#Script uses dehydrated to get Let´s Encyrpt TLS Certs via DNS.
	#These Certs are copied into Proxmox node dir and restart pve proxy service to enbale them.

	set -e
	set -u

	#name nodes same as in the /etc/hosts
	node1=host001
	node2=host002
	node3=host003
	#url which is used for cert.
	url=cluster.acme.com

	#Renew the certs via dehydrated
	/usr/local/bin/dehydrated -c >/dev/null

	#check if the file has chagned
	if ! diff -q /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node1/pveproxy-ssl.pem ; then
	#Copy the new certs into proxmox dir and restart on all nodes pveproxy
	cp /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node1/pveproxy-ssl.key
	cp /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node2/pveproxy-ssl.key
	cp /etc/dehydrated/certs/$url/privkey.pem /etc/pve/nodes/$node3/pveproxy-ssl.key
	cp /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node1/pveproxy-ssl.pem
	cp /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node2/pveproxy-ssl.pem
	cp /etc/dehydrated/certs/$url/fullchain.pem /etc/pve/nodes/$node3/pveproxy-ssl.pem
	ssh root@$node1 'systemctl restart pveproxy' &
	ssh root@$node2 'systemctl restart pveproxy' &
	ssh root@$node3 'systemctl restart pveproxy'
	wait
	fi