Skip to content

Instantly share code, notes, and snippets.

@LiberQuack

LiberQuack/letscrypt.md

Last active August 15, 2018 19:42
Show Gist options
  • Save LiberQuack/86aec8aef6cd1843b5ce9b566fa407af to your computer and use it in GitHub Desktop.
Save LiberQuack/86aec8aef6cd1843b5ce9b566fa407af to your computer and use it in GitHub Desktop.
Download ZIP
Recipe for getting certificates
Raw
letscrypt.md

LetsEncrypt Recipe (run as root)

Install certificate

export DOMAIN=mydomain.com.br
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install certbot
certbot certonly --standalone --preferred-challenges http --http-01-port 80 -d ${DOMAIN}

Cronjob script (This may change as your needs)

echo '#!/bin/sh' "

# Stop service running on port 80
docker stop ci_haproxy &&
/usr/bin/certbot renew;
docker start ci_haproxy &&

# Concatenate fullchain and privkey... needed for haproxy
cd /etc/letsencrypt/live/${DOMAIN} &&
cat fullchain.pem privkey.pem > ${DOMAIN}.pem &&
chmod go-rwx ${DOMAIN}.pem
" >> /usr/local/bin/renew.sh

chmod +x /usr/local/bin/renew.sh
/usr/local/bin/renew.sh

Register Cronjob

echo "30 2 * * * root /bin/sh /usr/local/bin/renew.sh" > /etc/cron.d/letsencrypt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment