Skip to content
Snippets Groups Projects
Verified Commit 786026d0 authored by Jan Alexander Steffens (heftig)'s avatar Jan Alexander Steffens (heftig)
Browse files

roles/quassel: Write the cert somewhere quassel can read it

parent ddad4e1c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
roles/quassel/templates/letsencrypt.hook.d.j2
+ 5
1
View file @ 786026d0
...@@ -2,9 +2,13 @@ ...@@ -2,9 +2,13 @@
test "$1" = renew || exit 0 test "$1" = renew || exit 0
quassel_domain="{{ quassel_domain }}"
for domain in $RENEWED_DOMAINS; do for domain in $RENEWED_DOMAINS; do
case "$domain" in case "$domain" in
{{ quassel_domain }}) $quassel_domain)
cat /etc/letsencrypt/live/$quassel_domain/{privkey,fullchain}.pem |
install -o quassel -g quassel -m 400 /dev/stdin /var/lib/quassel/quasselCert.pem
systemctl restart quassel systemctl restart quassel
;; ;;
esac esac
......
roles/quassel/templates/quassel.service.d.j2
+ 1
3
View file @ 786026d0
[Service] [Service]
ExecStartPre=/usr/bin/truncate -s 0 /var/lib/quassel/.oidentd.conf ExecStartPre=/usr/bin/truncate -s 0 /var/lib/quassel/.oidentd.conf
ExecStart= ExecStart=
ExecStart=/usr/bin/quasselcore --configdir=/var/lib/quassel --oidentd --syslog --require-ssl \ ExecStart=/usr/bin/quasselcore --configdir=/var/lib/quassel --oidentd --syslog --require-ssl
--ssl-cert=/etc/letsencrypt/live/{{ quassel_domain }}/fullchain.pem \
--ssl-key=/etc/letsencrypt/live/{{ quassel_domain }}/privkey.pem
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment