Use default ACLs so we don't need to setfacl every cert renewel
This commit is contained in:
parent
5a475dce35
commit
f80292a316
|
@ -2,6 +2,3 @@
|
|||
|
||||
# Expand the certificate
|
||||
echo exozy.me {chat,ci,cloud,desk,game,git,hub,media,office,portal,server,social,ta180m,tube,www}.exozy.me | sed "s/ /,/g" | xargs sudo certbot certonly --cert-name exozy.me --nginx -n -d
|
||||
|
||||
# Give the LDAP user permission to access them
|
||||
sudo setfacl -R -m user:ldap:r-x /etc/letsencrypt/archive/
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
#!/usr/bin/bash
|
||||
|
||||
# Renew the certificate
|
||||
sudo certbot -q renew
|
||||
|
||||
# Give the LDAP user permission to access them
|
||||
sudo setfacl -R -m user:ldap:r-x /etc/letsencrypt/archive/
|
Loading…
Reference in a new issue