Gvm-letsencrypt
Zur Navigation springen
Zur Suche springen
- apt install certbot
- certbot certonly --standalone -d $(hostname)
pre and post stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/pre/stuff
- echo 'systemctl stop greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/pre/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/pre/stuff
- echo '#!bin/bash' > /etc/letsencrypt/renewal-hooks/post/stuff
- echo 'systemctl start greenbone-security-assistant.service' >> /etc/letsencrypt/renewal-hooks/post/stuff
- chmod +x /etc/letsencrypt/renewal-hooks/post/stuff
change gsad settings
- /etc/systemd/system/greenbone-security-assistant.service
[Unit] Description=Greenbone Security Assistant (gsad) Documentation=man:gsad(8) https://www.greenbone.net After=network.target After=gvmd.service [Service] Type=forking #User=_gvm #Group=_gvm User=root Group=root ExecStart=/usr/sbin/gsad --mlisten=127.0.0.1 --mport=9390 --no-redirect --listen=0.0.0.0 --port=443 --ssl-private-key=/etc/letsencrypt/live/scanner.tuxmen.de/privkey.pem --ssl-certificate=/etc/letsencrypt/live/scanner.tuxmen.de/cert.pem Restart=always TimeoutStopSec=10 [Install] WantedBy=multi-user.target Alias=gsad.service
change gvmd settings
[Unit] Description=Open Vulnerability Assessment System Manager Daemon Documentation=man:gvmd(8) https://www.greenbone.net Wants=postgresql.service ospd-openvas.service After=postgresql.service ospd-openvas.service [Service] Type=forking PIDFile=/run/gvm/gvmd.pid User=_gvm Group=_gvm RuntimeDirectory=gvm RuntimeDirectoryMode=2775 ExecStart=/usr/sbin/gvmd -a 0.0.0.0 -p 9390 ExecReload=/bin/kill -HUP $MAINPID # Kill the main process with SIGTERM and after TimeoutStopSec (defaults to # 1m30) kill remaining processes with SIGKILL KillMode=mixed [Install] WantedBy=multi-user.target
]