The purpose of these scripts is to help implement HTTPS Everywhere using acmetool and F5 BigIP LTM.
Set up acmetool as normal.
Allocate an «IP Address» for the virtual server.
Create two BigIP virtual servers for that «IP Address», one on port 80 and the other on port 443.
The port 80 virtual server should have a default pool that points to the server where acmetool runs.
The port 443 virtual server should have a default pool that points to the servers that provide content.
Add the appropriate iRule to each virtual server.
Install acmetool as normal (apt install acmetool).
Install the acmetool4bigip.py hook script into /usr/lib/acme/hooks.
Set up a webserver that makes /var/lib/acme/live available to the F5. Alternatively, set up another acmetool hook script that moves the files to a place where a webserver can serve them. That hook script must run before the acmetool4bigip.py hook script, so name it accordingly.
Create an A record for the domain: site1.example.com IN A «IP Address»
Invoke 'acmetool want site1.example.com'.
acmetool will use HTTP domain control validation, via the iRules, to obtain the certificate from Let's Encrypt.
Once obtained, acmetool will invoke the acmetool4bigip.py hook script to cause the F5 to pull the key, certificate and intermediate certificate chain files from the webserver.
Rinse and repeat for each subsequent domain.
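The alternative hook script mentioned in the setup steps could look like the following. This is an added example, not one of this project's scripts. It assumes acmetool's `live-updated` hook event (updated hostnames on stdin, exit code 42 for events a hook does not handle); the export directory /srv/acme-export is hypothetical, and the file should be installed under a name that sorts before acmetool4bigip.py.

```python
#!/usr/bin/env python3
"""Added example: acmetool hook that exports updated key/cert files for the F5."""
import os
import shutil
import sys

# Assumptions: acmetool sets ACME_STATE_DIR; DEST_DIR is a hypothetical path
# that the webserver exposes to the F5.
LIVE_DIR = os.path.join(os.environ.get("ACME_STATE_DIR", "/var/lib/acme"), "live")
DEST_DIR = "/srv/acme-export"
FILES = ("privkey", "cert", "chain")  # key, certificate, intermediate chain


def publish(hostnames, live_dir=LIVE_DIR, dest_dir=DEST_DIR):
    """Copy each hostname's files to dest_dir/<hostname>/; return copied paths."""
    copied = []
    for name in hostnames:
        name = name.strip()
        # Skip empty lines and names that could escape live_dir.
        if not name or "/" in name or name.startswith("."):
            continue
        out_dir = os.path.join(dest_dir, name)
        os.makedirs(out_dir, mode=0o750, exist_ok=True)
        for fn in FILES:
            src = os.path.join(live_dir, name, fn)
            if not os.path.isfile(src):
                continue
            dst = os.path.join(out_dir, fn)
            tmp = dst + ".tmp"
            # Write owner-only first, then rename so the F5 never fetches a
            # half-written key or certificate.
            fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
            with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
                shutil.copyfileobj(inp, out)
            os.chmod(tmp, 0o640)  # group = webserver user (deployment-specific)
            os.replace(tmp, dst)
            copied.append(dst)
    return copied


def main(argv, stdin):
    if len(argv) < 2 or argv[1] != "live-updated":
        return 42  # tell acmetool this hook does not handle the event
    publish(stdin.read().splitlines())
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv, sys.stdin))
```

The export directory holds private keys, so the webserver that serves it should accept connections only from the F5.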
This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.