Skip to content

Instantly share code, notes, and snippets.

@heisian
Last active Aug 2, 2019
Embed
What would you like to do?
OpenVPN Access Server w/ LetsEncrypt for Web UI
# Modified from https://gist.github.com/HighMacGuy/3cf42ce21d3bd923f2440f9938e2f664
cert-name = yourdomain.com
rsa-key-size = 4096
email = webmaster@getethos.com
domains = vpn.ethoslife.com
agree-tos = True
# Would need to automate the process of adding a
# TXT record in Route53 for this to be automated:
manual = True
preferred-challenges = dns
# non-interactive True
# /usr/local/openvpn_as/scripts/ should be in the $PATH for these to work:
pre-hook = sacli Stop
post-hook = sacli Start
# Install dependencies
apt-get update
apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt-get install certbot
apt-get update
certbot certonly --config first_run.ini
export DOMAIN=yourcomain.com
# Update OpenVPN's db
/usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`"
/usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`" > /dev/null
/usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment