This repository contains a Bash script to automate the renewal of SSL certificates for Teleport, a secure access platform. The script is designed for servers using systemd for service management and Let's Encrypt for SSL certificates.
- Automatically stops the Teleport service.
- Renews SSL certificates using `certbot`.
- Configures Teleport with the new certificates.
- Restarts the Teleport service and verifies its status.
Before using this script, ensure the following:
- Root Privileges: The script must be run as `root` or with `sudo`.
- Certbot Installed: Install `certbot` for SSL certificate management.
- Teleport Installed: Ensure Teleport is installed and accessible via the `teleport` command.
- Systemd Available: The server must use `systemd` for service management.
- Valid Subdomain: The Teleport service must be configured with a valid subdomain.
- Clone this repository or copy the script to your server.
- Make the script executable:
    chmod +x teleport_ssl_renew
- Run the script with the subdomain as an argument:
    sudo ./teleport_ssl_renew <subdomain>
  Example:
    sudo ./teleport_ssl_renew example.yourdomain.com
- Validation:
  - Checks if the script is run as root.
  - Verifies the presence of required tools (`certbot`, `teleport`, `systemctl`).
  - Validates the provided subdomain.
- SSL Renewal:
  - Uses `certbot` to renew the SSL certificate for the subdomain.
- Teleport Configuration:
  - Stops the Teleport service.
  - Cleans up old configuration files.
  - Copies the new SSL certificates to the appropriate location.
  - Configures Teleport with the new certificates.
- Service Restart:
  - Restarts the Teleport service.
  - Verifies that the service is running and reachable.
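The validation step listed above carries most of the safety weight, because the script runs as root and the subdomain argument is attacker-influenced input if it ever comes from automation. The following POSIX shell sketch of those checks is an added example, not the repository's script; the function names are hypothetical, and it assumes the subdomain ends up in command arguments and file paths.

```shell
#!/bin/sh
# Added example: pre-flight checks for a root-run renewal script.
# Function names are hypothetical, not taken from the repository.
LC_ALL=C; export LC_ALL   # ASCII-only matching for [A-Za-z0-9]

# Succeed only if $1 is a syntactically valid DNS name with at least two
# labels (assumption: Let's Encrypt only issues for public, dotted names).
is_valid_subdomain() {
    name=$1
    [ -n "$name" ] && [ "${#name}" -le 253 ] || return 1
    case $name in
        *[!A-Za-z0-9.-]*) return 1 ;;  # rejects /, ;, spaces, $, quotes
        .*|*.|*..*)       return 1 ;;  # empty labels
        *.*)              ;;           # dotted name, keep checking
        *)                return 1 ;;  # single label such as "localhost"
    esac
    old_ifs=$IFS; IFS=.
    for label in $name; do             # safe to split: charset checked above
        case $label in
            -*|*-) IFS=$old_ifs; return 1 ;;   # no leading/trailing hyphen
        esac
        [ "${#label}" -le 63 ] || { IFS=$old_ifs; return 1; }
    done
    IFS=$old_ifs
    return 0
}

# Print each required tool that is not on PATH; no output means all found.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Run every check before anything is stopped, renewed or overwritten.
preflight() {
    [ "$(id -u)" -eq 0 ] || { echo "must be run as root" >&2; return 1; }
    missing=$(missing_tools certbot teleport systemctl)
    [ -z "$missing" ] || { echo "missing tools:" $missing >&2; return 1; }
    is_valid_subdomain "$1" || { echo "invalid subdomain" >&2; return 1; }
}

if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

Running all checks before the Teleport service is stopped means a bad argument or a missing tool cannot leave the service down.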
- If the script fails, check the logs for more details:
    journalctl -u teleport -e
- Ensure the subdomain is reachable and properly configured in DNS.
This script is provided as-is. Use it at your own risk. Always test in a staging environment before deploying to production.
This project is licensed under the GPL3.0.