Created
April 25, 2019 03:01
-
-
Save colinmcintosh/3a2d00dc0e5bb82fc3b0afc185065306 to your computer and use it in GitHub Desktop.
Configure a FreeBSD Jail for NGINX with LetsEncrypt including Auto-renewal using Cloudflare DNS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pkg install nginx | |
| pkg update | |
| pkg install vim py27-certbot py27-certbot-dns-cloudflare | |
| mkdir ~/.secrets | |
| vim ~/.secrets/cloudflare.ini | |
| ##### BEGIN INI FILE | |
| # Cloudflare API credentials used by Certbot | |
| dns_cloudflare_email = cloudflare-email@youremail.com | |
| dns_cloudflare_api_key = <api key> | |
| ##### END INI FILE | |
| chmod -R 0600 ~/.secrets | |
| certbot certonly -a dns-cloudflare --dns-cloudflare-credentials ~/.secrets/cloudflare.ini --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory --agree-tos --no-eff-email -m letsencrypt@example.com -d server.example.com | |
| vim /usr/local/etc/nginx/nginx.conf | |
| crontab -e | |
| 0 1 * * * /usr/local/bin/certbot renew --quiet --post-hook "/usr/sbin/service nginx restart" | |
| nginx -t | |
| service nginx restart |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment