Skip to content

Instantly share code, notes, and snippets.

@TehPeGaSuS

TehPeGaSuS/weechat_renew.sh

Last active June 14, 2025 21:38
Show Gist options
  • Save TehPeGaSuS/fc53be6e310a8ab7fdb7588224b0aeb2 to your computer and use it in GitHub Desktop.
Save TehPeGaSuS/fc53be6e310a8ab7fdb7588224b0aeb2 to your computer and use it in GitHub Desktop.
Download ZIP
Automated renewal of WeeChat relay certificate
Raw
weechat_renew.sh
#!/usr/bin/env bash
#-----------------------------------------------------------------------------------#
# Shell script to manage WeeChat relay certificates with Let's Encrypt and Certbot #
# #
# Edit paths and/or commands according to your OS, etc #
# #
# NOTE: This script was tested on Ubuntu 20.04+ #
#-----------------------------------------------------------------------------------#
#------------------------#
# User that runs WeeChat #
#------------------------#
weechatUser=weechater
#------------------------------------------------#
# WeeChat user group (usually the same as above) #
#------------------------------------------------#
weechatGroup=weechater
#-----------------------------------------------------------------#
# WeeChat TLS folder (usually /home/username/.config/weechat/tls) #
#-----------------------------------------------------------------#
weechatTLS="/home/weechater/.config/weechat/tls"
#-------------------#
# WeeChat FIFO path #
#-------------------#
weechatFIFO="/run/user/1000/weechat/weechat_fifo"
#--------------------------------------------------------------------------------------------------------------#
# Don't edit anything below unless you know exactly what you're doing. #
# If you touch the code below and then complain the script "suddenly stopped working" I'll touch you at night. #
#--------------------------------------------------------------------------------------------------------------#
# Concatenate fullchain.pem and privkey.pem into relay.pem
cat "$RENEWED_LINEAGE"/fullchain.pem "$RENEWED_LINEAGE"/privkey.pem > "$weechatTLS"/relay.pem &&
# Set user that runs weechat as the file owner
chown -- "$weechatUser":"$weechatGroup" "$weechatTLS"/relay.pem &&
# Reload weechat tlscertkey
echo "core.weechat */relay tlscertkey" > "$weechatFIFO" &&
# Success!
printf "WeeChat relay certificate updated successfully!\n\n"
@TehPeGaSuS
Copy link
Author

TehPeGaSuS commented Jan 21, 2024
edited
Loading

How to use?

This is done as the user running weechat

  • Change your fifo.file.path to ${weechat_runtime_dir}/weechat_fifo with the command:
    • /set fifo.file.path "${weechat_runtime_dir}/weechat_fifo"
  • Create the folder /home/$USER/.config/weechat/tls if it doesn't exist
  • Set the relay.network.tls_cert_key to ${weechat_config_dir}/tls/relay.pem with the command:
    • /set relay.network.tls_cert_key "${weechat_config_dir}/tls/relay.pem"
  • Reload the relay plugin with:
    • /reload relay

This is done as root

  • Create a folder, named scripts under /etc/letsencrypt, where we will put all the files for automation with Let's Encrypt using the following command:
    • mkdir -p /etc/letsencrypt/scripts
  • Copy the file above to the /etc/letsencrypt/scripts folder and save it under the name weechat_renew.sh
  • Alternatively you can use the following wget command:
    • wget https://gist.githubusercontent.com/TehPeGaSuS/fc53be6e310a8ab7fdb7588224b0aeb2/raw/8dac3b8710189f8cf3621da6f6cfe75ed8135e6f/weechat_renew.sh
  • Edit the file to fit your needs
  • Make it executable with the command:
    • chmod +x /etc/letsencrypt/scripts/weechat_renew.sh
  • Request/renew your certificate with the command:
    • certbot -d weechat.domain.tld --deploy-hook /etc/letsencrypt/scripts/weechat_renew.sh
      (you may need to run the command twice)
  • Now, every time that Certbot auto renew your certificate, it will be automatically updated on your weechat instance
  • ENJOY!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment