Update certbot to use a wildcard
This commit is contained in:
Benoit S
parent
496b3c185d
commit
9ed5e9d72b
3 changed files with 17 additions and 4 deletions
1
.gitattributes
vendored
1
.gitattributes
vendored
|
|
@ -1,2 +1,3 @@
|
|||
files/AdGuardHome.yaml filter=git-crypt diff=git-crypt
|
||||
files/dns-cloudflare.ini filter=git-crypt diff=git-crypt
|
||||
|
||||
|
|
|
|||
20
deploy.py
20
deploy.py
|
|
@ -54,16 +54,28 @@ server.shell(
|
|||
commands=['yes | ufw enable'],
|
||||
)
|
||||
|
||||
apt.packages(
|
||||
server.shell(
|
||||
name='Install certbot',
|
||||
packages=['certbot'],
|
||||
update=False,
|
||||
commands=[
|
||||
'snap install --classic certbot',
|
||||
'snap set certbot trust-plugin-with-root=ok',
|
||||
'snap install certbot-dns-cloudflare'
|
||||
],
|
||||
)
|
||||
|
||||
files.put(
|
||||
name='Put certbot-dns-cloudflare config file',
|
||||
src='files/dns-cloudflare.ini',
|
||||
dest='/etc/letsencrypt/dns-cloudflare.ini',
|
||||
mode='400',
|
||||
)
|
||||
|
||||
if not host.fact.directory('/etc/letsencrypt/live/dns.benpro.fr'):
|
||||
server.shell(
|
||||
name='Add certificate',
|
||||
commands=['certbot certonly --non-interactive --email certbot@benpro.fr --agree-tos --standalone -d dns.benpro.fr'],
|
||||
commands=[
|
||||
'certbot certonly --non-interactive --email certbot@benpro.fr --agree-tos --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/dns-cloudflare.ini -d dns.benpro.fr,*.dns.benpro.fr --preferred-challenges dns-01'
|
||||
],
|
||||
)
|
||||
|
||||
server.group(
|
||||
|
|
|
|||
BIN
files/dns-cloudflare.ini
Normal file
BIN
files/dns-cloudflare.ini
Normal file
Binary file not shown.
Reference in a new issue