add njalla-tlsa-rotate.py

Signed-off-by: Martin Matous <m@matous.dev>
2025-03-18 23:25:46 +01:00 · 2025-03-18 23:25:46 +01:00 · effce90992
commit effce90992
parent 63db8162e3
2 changed files with 188 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -84,6 +84,18 @@ Usage: `kernel-update.py`
 Alt.: `kernel-update.py <old-version> <new-version>`


+## njalla-tlsa-rotate.py
+Perform 3 1 1 + 3 1 1 TLSA key rollover for Maddy mailserver with 3h window. Since the script is stateless
+and rebooting a machine would interfere, reboot is blocked via logind for the duration.
+
+Status: active use
+
+Dependencies (python): certbot, cryptography, dasbus
+Dependencies (system): caddy, maddy, python3, systemd
+
+Usage: Invoke periodically using systemd timer.
+
+
 ---

 ## flac-convert.py