From be8fcfc0fbac44502766a618f927dd3295f404b1 Mon Sep 17 00:00:00 2001 From: Bill Nickless Date: Sun, 6 Dec 2020 13:29:25 -0800 Subject: [PATCH] Add unit files for automatic SSL certificate imports --- startup-scripts/unifi_ssl_import.service | 19 +++++++++++++++++++ startup-scripts/unifi_ssl_import.timer | 20 ++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100755 startup-scripts/unifi_ssl_import.service create mode 100755 startup-scripts/unifi_ssl_import.timer diff --git a/startup-scripts/unifi_ssl_import.service b/startup-scripts/unifi_ssl_import.service new file mode 100755 index 0000000..8ff5710 --- /dev/null +++ b/startup-scripts/unifi_ssl_import.service @@ -0,0 +1,19 @@ +# unifi_ssl_import.service +# +# Usage: copy to (e.g.) /etc/systemd/system/unifi_ssl_import.service +# systemctl enable unifi_ssl_import.service +# systemctl start unifi_ssl_import.service +# systemctl status unifi_ssl_import.service +# +[Unit] +Description= UniFi Controller SSL Certificate Import +Documentation= https://www.stevejenkins.com/blog/2016/06/use-existing-ssl-certificate-linux-unifi-controller/ + +[Service] +Type= simple +User= + +ExecStart= /usr/local/bin/unifi_ssl_import.sh + +[Install] +WantedBy= unifi.service diff --git a/startup-scripts/unifi_ssl_import.timer b/startup-scripts/unifi_ssl_import.timer new file mode 100755 index 0000000..905c1f2 --- /dev/null +++ b/startup-scripts/unifi_ssl_import.timer @@ -0,0 +1,20 @@ +# unifi_ssl_import.timer +# +# Usage: copy to (e.g.) /etc/systemd/system/unifi_ssl_import.timer +# systemctl enable unifi_ssl_import.timer +# systemctl start unifi_ssl_import.timer +# systemctl status unifi_ssl_import.timer +# +# Note: Update the OnCalendar entries to about five minutes past when +# Let's Encrypt's certbot runs +# (c.f. /etc/systemd/system/snap.certbot.renew.timer) +[Unit] +Description=Timer import renewed certificates for UniFi controller + +[Timer] +Unit=unifi_ssl_import.service +OnCalendar=*-*-* 02:08 +OnCalendar=*-*-* 12:37 + +[Install] +WantedBy=timers.target