Skip to content

Instantly share code, notes, and snippets.

@originalhat

originalhat/automatic-cert-generation.md

Created July 25, 2018 14:23
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save originalhat/40f204ab61cf0d526b62fb6183927532 to your computer and use it in GitHub Desktop.
Save originalhat/40f204ab61cf0d526b62fb6183927532 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
automatic-cert-generation.md
#!/bin/bash
DOMAIN=$1
mkdir -p /tmp/appwatch-bbl
mkdir -p /tmp/certbot
gsutil cp gs://appwatch-bbl/my-app-config.json /tmp/appwatch-bbl/my-app-config.json
chmod 600 /tmp/appwatch-bbl/my-app-config.json
sudo docker run -it --rm --name certbot \
-v "/tmp/my-app-bbl:/my-app-bbl" \
-v "/tmp/certbot/etc/letsencrypt:/etc/letsencrypt" \
-v "/tmp/certbot/var/lib/letsencrypt:/var/lib/letsencrypt" \
-v "/tmp/certbot/secrets:/secrets" \
certbot/dns-google certonly \
-n \
--server https://acme-v02.api.letsencrypt.org/directory \
--dns-google \
--dns-google-credentials /appwatch-bbl/my-app-config.json \
--agree-tos \
-d *.${DOMAIN} \
-d *.apps.${DOMAIN} \
-d *.system.${DOMAIN} \
-d *.login.system.${DOMAIN} \
-m example@email.com
gsutil cp /tmp/certbot/etc/letsencrypt/live/${DOMAIN}/fullchain.pem gs://my-app-bbl/fullchain.pem
gsutil cp /tmp/certbot/etc/letsencrypt/live/${DOMAIN}/privkey.pem gs://my-app-bbl/privkey.pem
rm -r /tmp/my-app-bbl
rm -r /tmp/certbot
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment