RoE | Wiki

User Tools

Site Tools

Trace: wordpress minecraft_java lets_encrypt
servers:bsd:nginx:lets_encrypt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:bsd:nginx:lets_encrypt [2025/08/27 22:16] – [Settings] Sean Rhoneservers:bsd:nginx:lets_encrypt [2025/10/30 23:37] (current) – [Prerequisites] Sean Rhone
Line 7: Line 7:
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[bsd:server:freebsd_14.2|FreeBSD 14.2]] +  * [[bsd:server:freebsd_15.0|FreeBSD 15.0]] 
-  * [[servers:bsd:nginx_php_php-fpm|nginx + PHP + PHP-FPM]]+  * [[servers:bsd:freenginx_php_php-fpm|freenginx]]
  
 ====== Dependencies ====== ====== Dependencies ======
Line 18: Line 18:
 ====== Settings ====== ====== Settings ======
  
-  *  :!: Be sure to change the email address+  * :!: Set email
  
   su -   su -
Line 32: Line 32:
 agree-tos = true agree-tos = true
  
-########## +##################################################
-#CHANGEME# +
-########## +
 email = espionage724@x email = espionage724@x
- +##################################################
-########## +
-#CHANGEME# +
-##########+
  
 no-eff-email = true no-eff-email = true
Line 50: Line 44:
 staple-ocsp = false staple-ocsp = false
  
-domains = realmofespionage.xyz, blog.realmofespionage.xyz, files.realmofespionage.xyz, media.realmofespionage.xyz, wiki.realmofespionage.xyz+domains = realmofespionage.xyz, blog.realmofespionage.xyz, files.realmofespionage.xyz, forums.realmofespionage.xyz, media.realmofespionage.xyz, wiki.realmofespionage.xyz, social.realmofespionage.xyz, test.realmofespionage.xyz
  
 # End</code> # End</code>
Line 56: Line 50:
 ====== Obtain Certs ====== ====== Obtain Certs ======
  
-  * :!: If it passes the dry run, remove the dry-run argument and re-run ((the dry run will likely fail the nginx restart step since the certs don't actually exist yet))+  * :!: If it passes the dry run, remove the ''--dry-run'' argument and re-run
  
   su -   su -
Line 62: Line 56:
   certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini' --dry-run   certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini' --dry-run
  
-===== Temp Commands =====+====== Scripts ====== 
 + 
 +===== Renewal ===== 
 + 
 +  mkdir -p ~/'.local/scripts/www/certbot' && ee ~/'.local/scripts/www/certbot/certbot-renewal.sh' && chmod +x ~/'.local/scripts/www/certbot/certbot-renewal.sh' 
 + 
 +<code> 
 +#!/bin/sh 
 + 
 +service 'nginx' stop 
 + 
 +certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini' --quiet 
 + 
 +service 'nginx' start 
 + 
 +# End</code> 
 + 
 +  ~/'.local/scripts/www/certbot/certbot-renewal.sh' 
 + 
 +  su 'root' -c ~/'.local/scripts/www/certbot/certbot-renewal.sh'
  
-  * TODO: service stop nginx, above no dry-run+  ssh '192.168.1.152' -t "su 'root' -c ~/'.local/scripts/www/certbot/certbot-renewal.sh'"
  
 ====== Automatic Cert Renewal ====== ====== Automatic Cert Renewal ======
/srv/www/wiki/data/attic/servers/bsd/nginx/lets_encrypt.1756347396.txt.gz · Last modified: by Sean Rhone
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki