Skip to content

Ansible role to update existing Lets Encrypt certificates onto a Synology system.

License

Notifications You must be signed in to change notification settings

JohnVillalovos/synology_certs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

synology_certs

This is an Ansible role to update existing certificates on a Synology system. It has been tested on DSM 7.1 and DSM 7.2 systems. It may work on DSM 6.x. It has been designed with Lets Encrypt (https://letsencrypt.org/) in mind. And in particular used the Lets Encrypt client https://github.com/Neilpang/acme.sh. The reason for this role is that I use DNS-01 authentication mode for Lets Encrypt certificates which Synology does not yet support.

Requirements

This requires a top-level directory where under it are directories named for each host and in those directories are the certificates. This is the format used by https://github.com/lukas2511/dehydrated which is the Lets Encrypt client this was used with.

Role Variables

  • cert_dir: The top-level directory where under it are directories named for each host and in those directories are the certificates.

Dependencies

N/A

Example Playbook

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

- hosts: synology_servers
  tasks:
  - include_role:
      name: synology_certs
    vars:
      cert_dir: '~/sources/acme.sh/certs/'

Notes

Synology DiskStation Manager (DSM) 6.0 and greater store the SSL certificates under two different directories:

  • NGINX certificates: /usr/syno/etc/certificate/
  • Package certificates: /usr/local/etc/certificate/

Ideas: Maybe this role should parse the JSON file at: /usr/syno/etc/certificate/_archive/INFO

License

Apache License, 2.0 (http://www.apache.org/licenses/LICENSE-2.0)

Author Information

https://github.com/JohnVillalovos

About

Ansible role to update existing Lets Encrypt certificates onto a Synology system.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages