This PR largely just chops up the existing script into multiple files that can be used as hook/commands by acme.sh. The files are as follows:
A setup.sh script that does the initial issuing of the certificate. It also now spits out the configuration commands at the end. Once used, this file isn't needed anymore.
A pre-hook.sh script that stops the built-in GUI, sets up the temporary lighttpd instance, and firewall rules
A post-hook.sh script which puts things back the way they were
A reloadcmd.sh which combines the cert and key and copies the CA cert
With these in place, it's possible to use acme.sh's built-in --cron option which doesn't do anything if the certificate doesn't need to be renewed, thus preventing unneeded restarts of the GUI/web server.
I've tried to avoid hard-coding paths as much as possible in case anyone wanted to move the scripts to a different location.
This PR largely just chops up the existing script into multiple files that can be used as hook/commands by acme.sh. The files are as follows:
setup.shscript that does the initial issuing of the certificate. It also now spits out the configuration commands at the end. Once used, this file isn't needed anymore.pre-hook.shscript that stops the built-in GUI, sets up the temporary lighttpd instance, and firewall rulespost-hook.shscript which puts things back the way they werereloadcmd.shwhich combines the cert and key and copies the CA certWith these in place, it's possible to use acme.sh's built-in
--cronoption which doesn't do anything if the certificate doesn't need to be renewed, thus preventing unneeded restarts of the GUI/web server.I've tried to avoid hard-coding paths as much as possible in case anyone wanted to move the scripts to a different location.