github
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh
1
0
Fork 0
Code Issues Releases Wiki Activity

Adjusted the script to account for the two methods a certificate can be created. Also removed a bug that would erase certificates on the system. Also made sure that the active directory package is not affected as this has it's own certificate.

master
m-boone 2018-10-10 17:27:10 +02:00
parent 0d004eaf04
commit 907e2fdd9a
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
Synology-NAS-Guide.md

@ -81,19 +81,24 @@ In DSM control panel, open the 'Task Scheduler' and create a new scheduled task
* Task setting: User-defined-script: * Task setting: User-defined-script:
``` ```
# do not change anything beyond this line! # Note: The $CERT_FOLDER must be hardcoded here since the running environment is unknown. Don't blindly copy&paste!
# if you used the normal method the certificate will be installed in the system/default directory
CERTDIR="system/default"
# if you used the alternative method it is copied to an unknown path, change the following example to the output of the creation process.
#CERTDIR="_archive/AsDFgH"
# do not change anything beyond this line!
CERTROOTDIR="/usr/syno/etc/certificate" CERTROOTDIR="/usr/syno/etc/certificate"
#CERTROOTDIR="/usr/syno/etc/certificate/system/default/"
PACKAGECERTROOTDIR="/usr/local/etc/certificate" PACKAGECERTROOTDIR="/usr/local/etc/certificate"
FULLCERTDIR="$CERTROOTDIR/system/default" FULLCERTDIR="$CERTROOTDIR/$CERTDIR"
# find all subdirectories containing cert.pem files # find all subdirectories containing cert.pem files
PEMFILES=$(find $CERTROOTDIR -name cert.pem) PEMFILES=$(find $CERTROOTDIR -name cert.pem)
if [ ! -z "$PEMFILES" ]; then if [ ! -z "$PEMFILES" ]; then
for DIR in $PEMFILES; do for DIR in $PEMFILES; do
# replace all certificates, but not the ones in the default folder # replace the certificates, but never the ones in the _archive folders as those are all the unique
if [[ $DIR != *"/default/"* ]]; then # certificates on the system.
if [[ $DIR != *"/_archive/"* ]]; then
rsync -avh "$FULLCERTDIR/" "$(dirname $DIR)/" rsync -avh "$FULLCERTDIR/" "$(dirname $DIR)/"
fi fi
done done
@ -106,8 +111,11 @@ fi
PEMFILES=$(find $PACKAGECERTROOTDIR -name cert.pem) PEMFILES=$(find $PACKAGECERTROOTDIR -name cert.pem)
if [ ! -z "$PEMFILES" ]; then if [ ! -z "$PEMFILES" ]; then
for DIR in $PEMFILES; do for DIR in $PEMFILES; do
#active directory has it's own certificate so we do not update that package
if [[ $DIR != *"/ActiveDirectoryServer/"* ]]; then
rsync -avh "$FULLCERTDIR/" "$(dirname $DIR)/" rsync -avh "$FULLCERTDIR/" "$(dirname $DIR)/"
/usr/syno/bin/synopkg restart $(echo $DIR | awk -F/ '{print $6}') /usr/syno/bin/synopkg restart $(echo $DIR | awk -F/ '{print $6}')
fi
done done
fi fi
``` ```