Created
May 4, 2020 14:11
-
-
Save vittorio-nardone/3c4888850f9ba5aceaaebfc1f7e867c8 to your computer and use it in GitHub Desktop.
Request a new cert for specified domain, hosted in a public access S3 bucket
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def request_certs(emails, domains): | |
''' Request a new cert for specified domain, hosted in a public access S3 bucket. | |
'auth-hook.py' script is used in validation, to upload Certbot token to the bucket | |
'cleanup-hook.py' script is used after validation to remove token file in bucket | |
''' | |
certbot_args = [ | |
# Override directory paths to use /tmp folder | |
'--config-dir', '/tmp/certbot/config', | |
'--work-dir', '/tmp/certbot/work', | |
'--logs-dir', '/tmp/certbot/logs', | |
# Request cert | |
'certonly', | |
# Manual installation | |
'--manual', | |
# Domain | |
'--domains', domains, | |
# Run in non-interactive mode | |
'--non-interactive', | |
# Agree | |
'--manual-public-ip-logging-ok', | |
# Agree to the terms of service | |
'--agree-tos', | |
# Email of domain administrators | |
'--email', emails, | |
# Validation scripts | |
'--manual-auth-hook', 'python auth-hook.py', | |
'--manual-cleanup-hook', 'python cleanup-hook.py', | |
'--preferred-challenges', 'http', | |
] | |
# Stage or Prod? | |
if os.environ['CERTBOT_ENV'] == 'staging': | |
certbot_args.extend(['--server', CERTBOT_SERVER]) | |
certbot.main.main(certbot_args) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment