RoE | Wiki

User Tools

Site Tools

Trace: mangos_zero_vanilla_localhost lets_encrypt
servers:bsd:nginx:lets_encrypt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:bsd:nginx:lets_encrypt [2025/10/30 14:20] Sean Rhoneservers:bsd:nginx:lets_encrypt [2026/03/04 14:57] (current) – [Settings] Sean Rhone
Line 1: Line 1:
 ====== Information ====== ====== Information ======
  
-  * Let's Encrypt ((https://letsencrypt.org)) +  * Let's Encrypt ((https://letsencrypt.org/)) 
-  * Certbot ((https://certbot.eff.org)) +  * Certbot ((https://certbot.eff.org/)) 
-  * [[Information:Realm of Espionage]]+  * [[information:realm_of_espionage|Realm of Espionage]]
  
 ===== Prerequisites ===== ===== Prerequisites =====
  
-  * [[bsd:server:freebsd_15.0|FreeBSD 15.0]] +  * [[bsd:server:freebsd_16.0|FreeBSD 16.0]] 
-  * [[servers:bsd:freenginx_php_php-fpm|freenginx + PHP + PHP-FPM]]+  * [[servers:bsd:freenginx_php_php-fpm|freenginx]]
  
 ====== Dependencies ====== ====== Dependencies ======
Line 17: Line 17:
  
 ====== Settings ====== ====== Settings ======
 +
 +  * :!: Set ''email''
 +  * TODO: ''chat''
  
   su -   su -
Line 23: Line 26:
  
 <code> <code>
-verbose = true +verbose = 'true
-text = true +max-log-backups = '0' 
-non-interactive = true +text = 'true' 
-standalone = true +non-interactive = 'true' 
-force-renewal = true +standalone = 'true' 
-agree-tos = true+force-renewal = 'true' 
 +agree-tos = 'true'
  
-##################################################+########################################
 email = espionage724@x email = espionage724@x
-##################################################+########################################
  
-no-eff-email = true+no-eff-email = 'true'
  
-rsa-key-size = 4096 +rsa-key-size = '4096' 
-redirect = true +redirect = 'true' 
-hsts = true +hsts = 'true' 
-uir = true +uir = 'true' 
-staple-ocsp = false+staple-ocsp = 'false
 +key-type = 'ecdsa' 
 +elliptic-curve = 'secp384r1'
  
-domains = realmofespionage.xyz, blog.realmofespionage.xyz, files.realmofespionage.xyz, forums.realmofespionage.xyz, media.realmofespionage.xyz, wiki.realmofespionage.xyz, social.realmofespionage.xyz, test.realmofespionage.xyz+domains = 'realmofespionage.xyz, wiki.realmofespionage.xyz, media.realmofespionage.xyz, blog.realmofespionage.xyz, social.realmofespionage.xyz, forums.realmofespionage.xyz, status.realmofespionage.xyz, files.realmofespionage.xyz, test.realmofespionage.xyz'
  
 # End</code> # End</code>
Line 63: Line 69:
 #!/bin/sh #!/bin/sh
  
-service 'nginxstop+cd '/tmp'
  
-certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini--quiet+'/usr/sbin/service' 'nginxstop
  
-service 'nginx' start+'/usr/local/bin/certbot' 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini' --quiet 
 + 
 +'/usr/sbin/service'nginx' start
  
 # End</code> # End</code>
Line 73: Line 81:
   su 'root' -c ~/'.local/scripts/www/certbot/certbot-renewal.sh'   su 'root' -c ~/'.local/scripts/www/certbot/certbot-renewal.sh'
  
-  ssh '192.168.1.152' -t "su 'root' -c ~/'.local/scripts/www/certbot/certbot-renewal.sh'"+====== cron ======
  
-===== Temp Commands ===== +===== Renewal =====
- +
-===== Obtain Updated Certs =====+
  
-  * TODO: ''su - root -c'' one-shot+  * Weekly (Sunday) ''07:00:00 AM''
  
   su -   su -
  
-  service 'nginxstop+  ee '/etc/cron.d/certbot-renewal'
  
-  certbot 'certonly' --config '/usr/local/etc/letsencrypt/cli-custom.ini'+<code> 
 +
 +SHELL=/bin/sh
  
-  service 'nginxstart+0 7 * * sun root '/home/espionage724/.local/scripts/www/certbot/certbot-renewal.sh'
  
-====== Automatic Cert Renewal ====== +# End</code>
- +
-  * TODO+
  
/usr/local/www/wiki/data/attic/servers/bsd/nginx/lets_encrypt.1761848448.txt.gz · Last modified: by Sean Rhone