I’ve been setting up Pi-Hole in a Tailscale Side on my old Intel Mac Mini.
Following these instructions it works pretty well. The only issue I have is that Pi-hole will only work via http and not https.
I’ve been discussing this on the Tailscale Discord and have been told how to solve the issue on Ubuntu Linux.
I’d be looking to run these scripts from the container folder in Docker:
cd ~/docker/piside
And the final merged certificate should be in ~/docker/piside/etc-pihole/tls.pem (or maybe ~/docker/piside/etc/pihole/tls.pem)
if you tailscale cert the cert(s) then you need to properly combine them in the right order in a .pem file
“this is what I use on ubuntu for this”
#!/bin/bash
DOMAIN="you_ts_fqdn"
DEST_DIR="/var/www"
PEM_FILE="your_filename.pem"
# Run tailscale cert to generate cert and key files
if sudo tailscale cert --cert-file="${DEST_DIR}/${DOMAIN}.crt" --key-file="${DEST_DIR}/${DOMAIN}.key" "$DOMAIN"; then
    echo "Tailscale cert generated successfully"
else
    echo "Error: Failed to generate tailscale cert" >&2
    exit 1
fi
# Combine crt and key into a single PEM file
if cat "${DEST_DIR}/${DOMAIN}.key" "${DEST_DIR}/${DOMAIN}.crt" > "${DEST_DIR}/${PEM_FILE}"; then
    echo "Combined PEM file created: ${PEM_FILE}"
else
    echo "Error: Failed to create combined PEM file" >&2
    exit 1
fi
# Change ownership and permission to www-data
if sudo chown www-data:pihole "${DEST_DIR}/${DOMAIN}.crt" "${DEST_DIR}/${DOMAIN}.key" "${DEST_DIR}/${PEM_FILE}" &&
    sudo chmod 640 "${DEST_DIR}/${DOMAIN}.crt" "${DEST_DIR}/${DOMAIN}.key" "${DEST_DIR}/${PEM_FILE}"; then
    echo "Ownership and permissions set for www-data"
else
    echo "Error: Failed to change ownership or permissions" >&2
    exit 1
fi
From that, once the merged PEM file is where I need it on the Mini, I should be able to use HTTPS. Does this make sense at all?
If it does, then how can they be migrated to an Apple Script(s) I can then run, or better (for me), use it all in an Apple Shortcut?
As always, thanks in advance guys.
I tried to make progress with this myself and at least finish the first part. I entered the first lines into Terminal:
DOMAIN="you_ts_fqdn"
DEST_DIR="~/docker/www"
PEM_FILE="your_filename.pem"
For domain I used: tailscalesidecar.domain I also tried using the tailscale domain of the machine hosting Docker.
Then pasted in the first ‘script’
if sudo tailscale cert --cert-file="${DEST_DIR}/${DOMAIN}.crt" --key-file="${DEST_DIR}/${DOMAIN}.key" "$DOMAIN"; then
    echo "Tailscale cert generated successfully"
else
    echo "Error: Failed to generate tailscale cert" >&2
    exit 1
fi
That gives me something similar to:
open /dbrewood/www/tailscaledomain.crt.tmp230913070: no such file or directory
Error: Failed to generate tailscale cert
I’ve been creating directories all over the place, in the root, in the Discord container directory – no difference at all. I can’t get rid of the ‘no such file or directory’ error.
Any ideas what I’m missing?
Sorry, I don’t use Tailscale, but I really don’t understand what exactly you’re trying to do. Do you have Docker on macOS and are you trying to do this inside Docker? Based on this description https://tailscale.com/docs/how-to/set-up-https-certificate, Tailscale generates certificates via Let’s Encrypt, using a dedicated client, enters DNS TXT records etc. It’s hard to understand what exactly you want to achieve without knowing what your architecture is.
Thanks for responding. After a search through the Tailscale Sidecar container in docker I have found this directory: “/docker/[sidecarcontainer]/ts/state/certs/” and within are:
container.tailnet.ts.net.crt
container.tailnet.ts.net.key
So I guess what I need is the correct scripting to combine these files into a single PEM file. I assume it’s not as simple as opening both in a text editor and copy / pasting to combine them?
Oh I was looking to do this so I could add the certificate within the Pi-hole configuration and then use it with an HTTPS interface instead of HTTP.
More experimentation, as the certs do exist I tried:
cd ~/docker//ts/state/certs
Then ran:
if cat "~/docker//ts/state/certs/.tailnet.key" "~/docker//ts/state/certs/.tailnet.crt" > "~/docker/<sidecar container/ts/state/certs/.tailnet.pem"; then
    echo "Combined PEM file created: ${PEM_FILE}"
else
    echo "Error: Failed to create combined PEM file" >&2
    exit 1
fi
And got:
zsh: no such file or directory: ~/docker//ts/state/certs/..pem
Error: Failed to create combined PEM file
Saving session…
…copying shared history…
…saving history…truncating history files…
…completed.
Why do you have 2 slashes (“//”) after “~/docker”?
It was a typo, I eventually managed to combine the files using:
if cat "container.tailnet.key" "container.tailnet..crt" > "container.tailnet..pem"; then
echo "Combined PEM file created: ${PEM_FILE}"
else
echo "Error: Failed to create combined PEM file" >&2
exit 1
fi
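An added example, not part of any post in this thread: a combine step that names the missing path instead of failing with a bare "no such file or directory", rejects swapped inputs, and writes the key-bearing PEM owner-only. It keeps the key-then-certificate order used by the `cat` above; the function name `combine_pem` and the script name `combine_pem.sh` are hypothetical.

```shell
#!/bin/sh
# combine_pem KEY CRT OUT: write KEY followed by CRT into OUT, the same order
# as the `cat` in the thread. The ( ... ) body runs in a subshell, so `exit`
# and `umask` stay inside the function and do not affect the calling shell.
combine_pem() (
    key=$1 crt=$2 out=$3
    # Report exactly which path is unusable before touching anything.
    [ -r "$key" ] || { echo "Error: cannot read key file: $key" >&2; exit 1; }
    [ -r "$crt" ] || { echo "Error: cannot read cert file: $crt" >&2; exit 1; }
    [ -d "$(dirname "$out")" ] || { echo "Error: output directory missing: $(dirname "$out")" >&2; exit 1; }
    # Catch swapped arguments: each input must carry the expected PEM header.
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$key" || { echo "Error: no private key in $key" >&2; exit 1; }
    grep -q -e '-----BEGIN CERTIFICATE-----' "$crt" || { echo "Error: no certificate in $crt" >&2; exit 1; }
    # The result contains the private key: create it owner-only (mktemp makes
    # a 0600 file) and rename it into place only after a complete write.
    umask 077
    tmp=$(mktemp "${out}.XXXXXX") || exit 1
    if cat "$key" "$crt" > "$tmp" && mv "$tmp" "$out"; then
        echo "Combined PEM file created: $out"
    else
        rm -f "$tmp"
        echo "Error: Failed to create combined PEM file" >&2
        exit 1
    fi
)

# Usage: sh combine_pem.sh KEY CRT OUT
# Build paths with $HOME: "$HOME/docker/..." expands inside double quotes,
# while "~/docker/..." stays a literal "~" and is not found.
if [ "$#" -eq 3 ]; then
    combine_pem "$1" "$2" "$3"
fi
```

The output is left readable by its owner only; the account the web server runs as still needs ownership or group access set, as the `chown`/`chmod` step in the Ubuntu script does.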