diff options
| -rw-r--r-- | configs/os/sysusers.conf | 4 | ||||
| -rwxr-xr-x | scripts/kvmd-certbot | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/configs/os/sysusers.conf b/configs/os/sysusers.conf index b25179b8..74ab9069 100644 --- a/configs/os/sysusers.conf +++ b/configs/os/sysusers.conf @@ -21,8 +21,12 @@ m kvmd spi m kvmd systemd-journal m kvmd-pst kvmd + m kvmd-ipmi kvmd + m kvmd-vnc kvmd +m kvmd-vnc kvmd-certbot + m kvmd-janus kvmd m kvmd-janus audio diff --git a/scripts/kvmd-certbot b/scripts/kvmd-certbot index 937a6fb0..72adb8e2 100755 --- a/scripts/kvmd-certbot +++ b/scripts/kvmd-certbot @@ -62,6 +62,7 @@ if [ "$1" == "renew" ]; then rm -rf '$new' cp -a '$tmp' '$new' rm '$new/updated' + chmod 750 '$new/config/'{archive,live} chmod 640 '$new'/config/archive/*/privkey*.pem sed -s -i -e 's| = $tmp/| = $cur/|g' '$new/config/renewal/'* sync @@ -91,6 +92,7 @@ else --webroot-path="$web" \ --deploy-hook="/usr/bin/bash -c ' set -ex + chmod 750 '$cur/config/'{archive,live} cd \"\$RENEWED_LINEAGE\" chmod 640 privkey.pem ln -s fullchain.pem server.crt |