Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Setup Letsencrypt and DuckDNS for a CherryPy web application

Setup DuckDNS and Letsencrypt for a CherryPy web application

Disclaimer: only tested on Ubuntu 18.04, with a single domain.

Set the DUCKDNS_TOKEN environment variable. For example create a /etc/profile.d/ file like :

export DUCKDNS_TOKEN='ab0cd123-4567-8ef9-012g-h345ij6k78lm'

DuckDNS setup:

Create base directory:

mkdir -p /opt/duckdns

Create /opt/duckdns/ :


DOMAINS='example' # <= replace this

echo url="${DOMAINS}&token=${DUCKDNS_TOKEN}&verbose=true&ip=" | curl -k -o /opt/duckdns/duck.log -K -

Create /opt/duckdns/duck.cron:

*/5 * * * * root /opt/duckdns/ >/dev/null 2>&1

Set permissions :

chmod 700

Link to cron.d :

ln -s /opt/duckdns/duck.cron /etc/cron.d/duck

Letsencrypt/Dehydrated setup:

cd /opt
git clone
cd dehydrated
mkdir hooks
git clone hooks/duckdns
chmod 755 /opt/dehydrated/hooks/duckdns/
ln -s /opt/dehydrated/dehydrated /usr/local/sbin/dehydrated
mkdir /etc/dehydrated
mkdir -p /etc/ssl/letsencrypt

Create /etc/dehydrated/domains.txt, containing a space separated list of your domains

See domains.txt for examples.

Create /etc/dehydrated/config:

HOOK='/opt/dehydrated/hooks/duckdns/' # <= change this

See config for more options

First run

dehydrated --register --accept-terms
dehydrated -c -f /etc/dehydrated/config

Create /etc/cron.d/dehydrated :

0 4 * * 6 root /usr/local/sbin/dehydrated -c -f /etc/dehydrated/config

(This cron will run every Sunday at 4:00 AM.)

CherryPy configuration

In your CherryPy app server.conf file, add the following lines on the [global] section :

server.ssl_module: 'pyopenssl'
server.ssl_certificate = "/etc/ssl/letsencrypt/"
server.ssl_private_key = "/etc/ssl/letsencrypt/"
server.ssl_certificate_chain = "/etc/ssl/letsencrypt/"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment