Added jellyfin_sslsetup.sh script

README.md

@@ -21,3 +21,4 @@ Scripts
 | monitor_Ip.sh | Place this script in a cron job, when an IP differs, will restart Nginx. See script header for more detials. |
 | openbsd_poweroff.sh | My own personal poweroff script for OpenBSD hosts |
 | autoattach | A custom script to auto attach to a TMUX session when you first SSH in |
+| jellyfin_sslsetup.sh | Rsync the certificate from edge server |

jellyfin_sslsetup.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+#
+# Rsync jellyfin valid ssl certificate from edge server.
+#
+# This helps make sure the server has valid SSL certificate for local
+# clients can validate.
+#
+# Example: My TV connects directly to the media-center, skipping going over
+#          the internet. The local media-center needs a valid certificate
+#          if I want the TV to connect to the SSL port.
+
+source /usr/local/etc/jellyfin_sslsetup.conf
+
+#################################
+
+tmpdir=$(mktemp --directory)
+
+
+# Grab certificates and store them locally
+for i in {1..5}; 
+do 
+	sftp -q "$remotehost:$certpath" $tmpdir/ && s=0 && break || s=1 && sleep 3;
+done
+
+if [ $s -eq 0 ]; then
+	# create the p12 file and restart jellyfin
+	openssl pkcs12 -export -out /var/lib/jellyfin/jellyfin.p12 -inkey "$tmpdir/$key" -in "$tmpdir/$cert" -passout "pass:$password"
+	sudo systemctl restart jellyfin
+else
+	echo "Error: Can't reach edge server"
+	rm -fR $tmpdir
+	exit 1
+fi
+rm -fR $tmpdir