aboutsummaryrefslogtreecommitdiffstats
path: root/roles/znc/templates/acme
diff options
context:
space:
mode:
Diffstat (limited to 'roles/znc/templates/acme')
-rw-r--r--roles/znc/templates/acme/znc.j228
1 files changed, 28 insertions, 0 deletions
diff --git a/roles/znc/templates/acme/znc.j2 b/roles/znc/templates/acme/znc.j2
new file mode 100644
index 0000000..de849b7
--- /dev/null
+++ b/roles/znc/templates/acme/znc.j2
@@ -0,0 +1,28 @@
+#!/bin/sh
+#
+# ACME deployment script
+#
+
+# NOTE:
+# ZNC supports SSLKeyFile and SSLDHParamFile since v1.7
+#
+#cp -v /usr/local/etc/ssl/acme/private/{{ network.domain }}.pem \
+# /usr/local/etc/znc/znc.ssl.key
+#cp -v /usr/local/etc/ssl/acme/{{ network.domain }}/fullchain.pem \
+# /usr/local/etc/znc/znc.ssl.crt
+#chown znc:znc /usr/local/etc/znc/znc.ssl.key /usr/local/etc/znc/znc.ssl.crt
+#chmod 0400 /usr/local/etc/znc/znc.ssl.key /usr/local/etc/znc/znc.ssl.crt
+
+# SSL: https://wiki.znc.in/Signed_SSL_certificate
+# Everything in a single file, in the order from the most *private* to
+# the most *public* entries, except for the root certificate.
+# i.e., cat ssl.key ssl.cert dhparam.pem > znc.allinone.pem
+#
+cat /usr/local/etc/ssl/acme/private/{{ network.domain }}.pem \
+ /usr/local/etc/ssl/acme/{{ network.domain }}/fullchain.pem \
+ /usr/local/etc/ssl/dhparam4096.pem \
+ > /usr/local/etc/znc/znc.allinone.pem
+chown znc:znc /usr/local/etc/znc/znc.allinone.pem
+chmod 0400 /usr/local/etc/znc/znc.allinone.pem
+
+reload znc
Copyright © 2017-2018 Aaron LI. All Rights Reserved.