From a2bd17e935a07cbd1dccc7df39ec23d24b555f55 Mon Sep 17 00:00:00 2001
From: David Tomaschik <david@systemoverlord.com>
Date: Sat, 6 Jan 2018 20:53:24 -0800
Subject: [PATCH] Script to rotate weechat key with letsencrypt.

---
 dotfiles/weechat/letsencrypt.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 dotfiles/weechat/letsencrypt.sh

diff --git a/dotfiles/weechat/letsencrypt.sh b/dotfiles/weechat/letsencrypt.sh
new file mode 100644
index 0000000..c381e63
--- /dev/null
+++ b/dotfiles/weechat/letsencrypt.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Update the weechat SSL key.  Should be called from cron via sudo.
+
+eval WEEDIR="$(printf "~%q/.weechat/" "${SUDO_USER}")"
+LIVEKEY="${WEEDIR}/ssl/relay.pem"
+
+certbot renew -q
+cat /etc/letsencrypt/live/$(hostname -f)/{privkey,fullchain}.pem > \
+  ${LIVEKEY}
+chown ${SUDO_USER}:$(id -gn ${SUDO_USER}) ${LIVEKEY}
+for fifo in ${WEEDIR}/weechat_fifo* ; do
+  echo '*/relay sslcertkey' > ${fifo}
+done