#!/usr/bin/make -f export PATH := /srv/tls/bin:$(PATH) %: mkdir -p $@ vim $@/template certtool --generate-privkey --bits 4096 --outfile $@/key.pem certtool --generate-request --no-crq-extensions \ --template $@/template \ --load-privkey $@/key.pem \ --outfile $@/csr.pem acme --account-key /srv/tls/letsencrypt/account.key \ --csr $@/csr.pem \ --acme-dir /srv/tls/well-known/acme-challenge/ > $@/cert.pem cat /srv/tls/ca/lets-encrypt-x1-cross-signed.pem >> $@/cert.pem setup: adduser --system --disabled-login --home /srv/tls --force-badname --group _tls certtool --generate-privkey --bits 4096 --outfile letsencrypt/account.key