From 2ebe287ce402ffea83729e75244c8a69dbb19594 Mon Sep 17 00:00:00 2001
From: Mikaela Suomalainen <mikaela+git@mikaela.info>
Date: Mon, 1 Jul 2019 14:25:05 +0300
Subject: [PATCH] certbot-ssl.sh: initial commit

---
 bash/certbot-ssl.sh | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 bash/certbot-ssl.sh

diff --git a/bash/certbot-ssl.sh b/bash/certbot-ssl.sh
new file mode 100644
index 0000000..bb12cab
--- /dev/null
+++ b/bash/certbot-ssl.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# WARNING!
+# Check file permissions very carefully so other users cannot access the
+# certificate copies.
+# Used with crontab.
+
+# Syncplay
+cp /etc/letsencrypt/live/relpda.mikaela.info/* /opt/syncplay/ssl/
+chown -R syncplay:root /opt/syncplay/ssl
+
+# Mumble
+cp /etc/letsencrypt/live/relpda.mikaela.info/* /var/lib/mumble-server/ssl/
+chown -R mumble-server:mumble-server /var/lib/mumble-server/ssl/
+# 1.3.0+ reloads certificate without restart on SIGUSR1
+pkill $(cat /var/run/mumble-server/mumble-server.pid) -USR1
+
+# ZNC via https://wiki.znc.in/Signed_SSL_certificate#Certbot
+cat /etc/letsencrypt/live/relpda.mikaela.info/{privkey,fullchain}.pem > /home/znc/.znc/znc.pem