CFbot is a CLI application for Cloudflare that helps you automate getting certificates from Cloudflare.
go get github.com/syook/cfbot
sudo cfbot --init --auth <cloudflare CA token> --hostnames "*.example.com,example.com" --validity 7 -p <postRenewCommand (example: nginx -s reload)> -e <onErrorCommand (example: curl slack) >
sudo cfbot --init --auth <cloudflare CA token> -p "/home/deploy/reboot-nginx-docker.sh" -e "/home/deploy/cfbot-on-error.sh" --hostnames "<comma separated hostnames>" -v 7
- Initializes all the necessary folder paths.
- /etc/cfbot
- Fetches the first set of certificates from cloudflare and saves them in
/etc/cfbot/live - runs the provided post renew command (PS: the command is executed in a
bashshell) - Saves the current config for further use in
/etc/cfbot/cfbot.json - Adds a cron which runs twice a day and gets new certificates if the existing ones are about to expire in 48 hours.
The service needs sudo permissions to access the /etc directory and also to add the cron job under /etc/cron.d
Apache 2.0.