Manage SSL certificates using Letsencrypt for Domains managed on Digitalocean
- RaspberryPi
- Docker.
- Domain managed on Digitalocean.
- Digitalocean API access key.
$ wget -O rpi-certbot-manager-1.2.0.tar.gz https://github.com/tsrivishnu/rpi-certbot-manager/archive/v1.1.0.tar.gz && \
tar -xzvf rpi-certbot-manager-1.2.0.tar.gz && \
rm rpi-certbot-manager-1.2.0.tar.gz && \
cd rpi-certbot-manager-1.2.0
Use the template and create the credentials file.
$ cp config/digitalocean.ini.example config/digitalocean.ini
Get the API access key from digitalocean and update the
dns_digitalocean_token
variable in th credentials file.
The project uses Makefile
to ease the process of certificate generation
and renewal.
It uses variables set in the file config/.makeenv
.
Use the template and create the file:
$ cp config/.makeenv.example config/.makeenv
Edit this config/.makeenv
to match your requirements.
$ make generate-certificates
LetEncrypt issues certificates that are valid only for 90 days.
The certificates need to be renewed very often.
This project also includes the scripts to renew the certificates
using a cron
job.
To install the cronjob. Simple run:
$ make install-renewal-cron
If you choose not to renew automatically, you can also run the following:
$ make renew
The project supports running bash scripts after generating and renewing the
certificates.
These bash script can be placed (or symlinked) in the after-success-hooks
directory.
$ make STAGING=1 renew