#!/usr/bin/bash

# Renew the certificate
sudo certbot -q renew

# Give the LDAP user permission to access them
sudo setfacl -R -m user:ldap:r-x /etc/letsencrypt/archive/