
@fprochazka fprochazka/_readme.md
Last active Jun 12, 2018


certbot

create cert

https-cert-create com.filip-prochazka.ini

renew cert

Set up the crontab under root.

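#!/bin/bash
#
# Run certbot in a container.
#
# Usage: certbot [certbot arguments...]
#
# All arguments are passed through unchanged to the certbot entry point of the
# image. The current directory, /etc/letsencrypt, /var/lib/letsencrypt and /srv
# are bind-mounted into the container at the same paths.
#
set -e

# NOTE(review): "latest" is a mutable tag, so the code that handles the account
# key and certificate private keys can change between runs without review.
# Pin a specific release tag or an image digest and update it deliberately.
VERSION="latest"
IMAGE="quay.io/letsencrypt/letsencrypt:$VERSION"

workdir="$(pwd)"

# Options are collected in arrays and always start empty, so that a working
# directory containing whitespace stays a single argument and nothing is
# inherited from same-named environment variables of the calling process.
volumes=()
run_opts=()

# Setup volume mounts for compose config and context
if [ "$workdir" != '/' ]; then
  volumes+=(-v "$workdir:$workdir")
fi

# Certificate store and certbot state. These mounts carry no ":ro" suffix, so
# the container can write to them; /etc/letsencrypt holds the private keys.
volumes+=(-v /etc/letsencrypt:/etc/letsencrypt)
volumes+=(-v /var/lib/letsencrypt:/var/lib/letsencrypt)

# nginx vhosts
# correct path is configured in config
# NOTE(review): this exposes all of /srv to the container, writable; mounting
# only the webroot directories certbot needs would narrow that.
volumes+=(-v /srv:/srv)

# Only allocate tty if we detect one
if [ -t 1 ]; then
  run_opts+=(-t)
fi
if [ -t 0 ]; then
  run_opts+=(-i)
fi

# The fixed container name means a second invocation fails while one is running.
exec docker run --rm --name certbot "${run_opts[@]}" "${volumes[@]}" -w "$workdir" "$IMAGE" "$@"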
# certbot configuration for one certificate; passed to certbot with --config.
# Use a 4096 bit RSA key instead of 2048
rsa-key-size = 4096
# Register with the specified e-mail address
email = filip@prochazka.su
# Generate certificates for the specified domains.
domains = filip-prochazka.com, www.filip-prochazka.com
# Uncomment to use a text interface instead of ncurses
# text = True
# Uncomment to use the standalone authenticator on port 443
# NOTE(review): the tls-sni-01 challenge named below has since been retired by
# Let's Encrypt; if the standalone authenticator is ever enabled, check the
# challenge types supported by the certbot version in use before uncommenting.
# authenticator = standalone
# standalone-supported-challenges = tls-sni-01
# Uncomment to use the webroot authenticator. Replace webroot-path with the
# path to the public_html / webroot folder being served by your web server.
# With webroot, certbot writes the challenge files under webroot-path, so that
# directory must be writable by certbot and served over HTTP for every name in
# "domains" above.
authenticator = webroot
webroot-path = /srv/filip-prochazka.com
# m h dom mon dow command
# Every day at 01:00: run the renew wrapper and, only if it exits 0, reload
# nginx and print "nginx reloaded". stdout and stderr of the whole chain are
# sent to syslog through logger with tag "certbot" at priority local0.info, so
# failures are also logged at info level; monitor the message text, not the
# priority.
# NOTE(review): nginx is reloaded on every successful run, not only when a
# certificate was actually replaced; certbot's --deploy-hook runs a command
# only after a renewal.
0 1 * * * sh -c '/usr/local/bin/https-cert-renew && /usr/sbin/service nginx reload && echo "nginx reloaded"' 2>&1 | logger --tag certbot -p local0.info
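#!/bin/sh
#
# Request a certificate non-interactively using the certbot config file given
# as the first argument.
#
# Usage: https-cert-create CONFIG.ini
#
# Replaces this process with certbot, so the exit status is certbot's.

# Stop with a usage message when no config file is given, instead of handing
# certbot a --config option without a value.
: "${1:?usage: https-cert-create CONFIG.ini}"

# The path is quoted so that whitespace or glob characters in it cannot split
# it into several arguments or expand to other file names.
exec /usr/local/bin/certbot certonly -n --agree-tos -m "filip@prochazka.su" --config "$1"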
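#!/bin/sh
#
# Renew certificates non-interactively; meant to be run from root's crontab.
#
# Usage: https-cert-renew [extra certbot arguments...]
#
# Replaces this process with certbot, so the exit status is certbot's.

# "$@" keeps every extra argument as its own word; unquoted $@ would re-split
# arguments on whitespace and expand glob characters in them.
exec /usr/local/bin/certbot renew -n --agree-tos -m "filip@prochazka.su" "$@"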