29 lines
759 B
Plaintext
29 lines
759 B
Plaintext
|
#!/bin/bash
|
||
|
|
||
|
# Mosquitto is running with a user that is not privileged enough to read files
|
||
|
# directly from the certbot dirs, so copy files to where mosquitto expects
|
||
|
# them.
|
||
|
|
||
|
set -eu
|
||
|
|
||
|
le_dir="/etc/letsencrypt/live/$(hostname -f)"
|
||
|
mosquitto_dir="/etc/mosquitto/"
|
||
|
|
||
|
le_chain="$le_dir/chain.pem"
|
||
|
mosquitto_chain="$mosquitto_dir/ca_certificates/chain.pem"
|
||
|
cp $le_chain $mosquitto_chain
|
||
|
chown mosquitto:root $mosquitto_chain
|
||
|
|
||
|
le_cert="$le_dir/cert.pem"
|
||
|
mosquitto_cert="$mosquitto_dir/certs/cert.pem"
|
||
|
cp $le_cert $mosquitto_cert
|
||
|
chown mosquitto:root $mosquitto_cert
|
||
|
|
||
|
le_key="$le_dir/privkey.pem"
|
||
|
mosquitto_key="$mosquitto_dir/certs/privkey.pem"
|
||
|
cp $le_key $mosquitto_key
|
||
|
chown mosquitto:root $mosquitto_key
|
||
|
|
||
|
# Tell mosquitto to reload certs
|
||
|
pkill -x -HUP mosquitto
|