Skip to content

Instantly share code, notes, and snippets.

@TehPeGaSuS

TehPeGaSuS/ZNC_Automate_Certs.md

Last active October 8, 2024 16:33
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save TehPeGaSuS/1a25ebdae3812d374cf23caa78e2e391 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save TehPeGaSuS/1a25ebdae3812d374cf23caa78e2e391 to your computer and use it in GitHub Desktop.
Download ZIP
Automate Certificate Renewal with Certbot
Raw
ZNC_Automate_Certs.md

Shell scripts to automate SSL certs renewal for ZNC with Certbot

NOTE: This was tested on Ubuntu 20.04 and newer

Follow instructions from here and edit the scripts paths to fit your installation.

Use znc_old.sh for ZNC verions under 1.7.0 and znc_new for ZNC 1.7.0+

  1. Create a folder named scripts inside /etc/letsencrypt with:
    mkdir -p /etc/letsencrypt/scripts
  2. Place one of the scripts inside /etc/letsencrypt/scripts
  3. Edit the paths to fit your znc installation
  4. Make the script(s) executable with:
    chmod +x /etc/letsncrypt/scripts/znc_new.sh or chmod +x /etc/letsncrypt/scripts/znc_old.sh
  5. Request/renew your certificate with:
    certbot -d znc.domain.tld --deploy-hook /etc/letsencrypt/scripts/znc_new.sh or certbot -d znc.domain.tld --deploy-hook /etc/letsencrypt/scripts/znc_old.sh
    NOTE: You may need to execute the command twice
  6. ENJOY!
Raw
znc_new.sh
#!/usr/bin/env bash
##########
# Domain or Sub Domain
##########
zncDomain=znc.subdomain.com
##########
# User running ZNC
##########
zncUser=znc
##########
# Group of the user running ZNC
# Usually the same as user when manually installing from source
##########
zncGroup=znc
##########
# Where should be the PEM file placed?
# Usually /home/USER/.znc
##########
zncTLS=/home/znc/.znc
##########
# Don't edit anything below unless you know exactly what you're doing.
# If you touch the code below and then complain the script "suddenly stopped working" I'll touch you at night.
##########
case $RENEWED_LINEAGE in
*/"$zncDomain")
cp -f -- "$RENEWED_LINEAGE"/fullchain.pem "$RENEWED_LINEAGE"/privkey.pem "$zncTLS" &&
chown -- "$zncUser":"$zncGroup" "$zncTLS"/*.pem &&
printf "\n\nCertificate renewed successfully\n\n"
esac
Raw
znc_old.sh
#!/usr/bin/env bash
##########
# Domain or Sub Domain
##########
zncDomain=znc.subdomain.com
##########
# User running ZNC
##########
zncUser=znc
##########
# Group of the user running ZNC
# Usually the same as user when manually installing from source
##########
zncGroup=znc
##########
# Where should be the PEM file placed?
# Usually /home/USER/.znc
##########
zncTLS=/home/znc/.znc
##########
# Don't edit anything below unless you know exactly what you're doing.
# If you touch the code below and then complain the script "suddenly stopped working" I'll touch you at night.
##########
case $RENEWED_LINEAGE in
*/"$zncDomain")
cat "$RENEWED_LINEAGE"/fullchain.pem "$RENEWED_LINEAGE"/privkey.pem > "$zncTLS"/znc.pem &&
chown -- "$zncUser":"$zncGroup" "$zncTLS"/znc.pem &&
printf "\n\nCertificate renewed successfully\n\n"
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment