certbot guide
This commit is contained in:
parent
e01dc8e8fc
commit
7dd15c0dbe
43
_posts/2023-10-04-nginx-certbot-renewal.md
Normal file
43
_posts/2023-10-04-nginx-certbot-renewal.md
Normal file
|
@ -0,0 +1,43 @@
|
|||
---
|
||||
title: Automatic Renewal Of Certbot Certificates With NGINX
|
||||
notice: Incomplete (only overview), tested on AlmaLinux 9.2
|
||||
lang: en-us
|
||||
---
|
||||
|
||||
# Prequisites
|
||||
|
||||
- You need to have `certbot` and `python3-certbot-nginx` installed (or the equivalent in your distro)
|
||||
- Create your configurations in `/etc/nginx/conf.d/`
|
||||
- Run Certbot NGINX for the first time: `sudo certbot --nginx` (use parameter `-d` to specify only specific domains)
|
||||
|
||||
# Setup (packaged)
|
||||
|
||||
Look, if you have a service called `certbot-renew.service`. This can be done by using the command `systemctl status certbot-renew.service`. There also should be a timer called `certbot-renew.timer`.
|
||||
|
||||
If both are present, **only enable certbot-renew.timer**.
|
||||
|
||||
When running `systemctl status certbot-renew.timer` your timer should be active, and you should be able to see when the timer executes the next time.
|
||||
|
||||
<details>
|
||||
<summary>Example</summary>
|
||||
<code>
|
||||
● certbot-renew.timer - This is the timer to set the schedule for automated renewals
|
||||
Loaded: loaded (/usr/lib/systemd/system/certbot-renew.timer; enabled; preset: enabled)
|
||||
Active: active (waiting) since Mon 2023-10-02 18:36:41 UTC; 2 days ago
|
||||
Until: Mon 2023-10-02 18:36:41 UTC; 2 days ago
|
||||
Trigger: Thu 2023-10-05 09:00:44 UTC; 11h left
|
||||
Triggers: ● certbot-renew.service
|
||||
|
||||
Oct 02 18:36:41 example-host systemd[1]: Started This is the timer to set the schedule for automated renewals.
|
||||
</code>
|
||||
</details>
|
||||
|
||||
# Setup (standalone)
|
||||
|
||||
The standalone setup is for packages that don't include a service. You can just put the command `/usr/bin/certbot renew --quiet` wherever it is needed (e.g. Systemd, Cron) or run it manually.
|
||||
|
||||
---
|
||||
|
||||
Also see:
|
||||
|
||||
[Official guide from EFF](https://certbot.eff.org/instructions)
|
89
_site/2023/10/04/nginx-certbot-renewal.html
Normal file
89
_site/2023/10/04/nginx-certbot-renewal.html
Normal file
|
@ -0,0 +1,89 @@
|
|||
<!DOCTYPE html>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
<title>Automatic Renewal Of Certbot Certificates With NGINX</title>
|
||||
<meta charset="UTF-8">
|
||||
<link rel="stylesheet" href="/assets/main.css">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<meta name="author" content="Fl1tzi<root@fl1tzi.com>">
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
||||
<div class="notice">
|
||||
Incomplete (only overview), tested on AlmaLinux 9.2
|
||||
</div>
|
||||
|
||||
|
||||
<header>
|
||||
<h1>Automatic Renewal Of Certbot Certificates With NGINX</h1>
|
||||
|
||||
<span>4 October 2023</span>
|
||||
|
||||
</header>
|
||||
|
||||
<section id="content">
|
||||
<h1 id="prequisites">Prequisites</h1>
|
||||
|
||||
<ul>
|
||||
<li>You need to have <code class="language-plaintext highlighter-rouge">certbot</code> and <code class="language-plaintext highlighter-rouge">python3-certbot-nginx</code> installed (or the equivalent in your distro)</li>
|
||||
<li>Create your configurations in <code class="language-plaintext highlighter-rouge">/etc/nginx/conf.d/</code></li>
|
||||
<li>Run Certbot NGINX for the first time: <code class="language-plaintext highlighter-rouge">sudo certbot --nginx</code> (use parameter <code class="language-plaintext highlighter-rouge">-d</code> to specify only specific domains)</li>
|
||||
</ul>
|
||||
|
||||
<h1 id="setup-packaged">Setup (packaged)</h1>
|
||||
|
||||
<p>Look, if you have a service called <code class="language-plaintext highlighter-rouge">certbot-renew.service</code>. This can be done by using the command <code class="language-plaintext highlighter-rouge">systemctl status certbot-renew.service</code>. There also should be a timer called <code class="language-plaintext highlighter-rouge">certbot-renew.timer</code>.</p>
|
||||
|
||||
<p>If both are present, <strong>only enable certbot-renew.timer</strong>.</p>
|
||||
|
||||
<p>When running <code class="language-plaintext highlighter-rouge">systemctl status certbot-renew.timer</code> your timer should be active, and you should be able to see when the timer executes the next time.</p>
|
||||
|
||||
<details>
|
||||
<summary>Example</summary>
|
||||
<code>
|
||||
● certbot-renew.timer - This is the timer to set the schedule for automated renewals
|
||||
Loaded: loaded (/usr/lib/systemd/system/certbot-renew.timer; enabled; preset: enabled)
|
||||
Active: active (waiting) since Mon 2023-10-02 18:36:41 UTC; 2 days ago
|
||||
Until: Mon 2023-10-02 18:36:41 UTC; 2 days ago
|
||||
Trigger: Thu 2023-10-05 09:00:44 UTC; 11h left
|
||||
Triggers: ● certbot-renew.service
|
||||
|
||||
Oct 02 18:36:41 example-host systemd[1]: Started This is the timer to set the schedule for automated renewals.
|
||||
</code>
|
||||
</details>
|
||||
|
||||
<h1 id="setup-standalone">Setup (standalone)</h1>
|
||||
|
||||
<p>The standalone setup is for packages that don’t include a service. You can just put the command <code class="language-plaintext highlighter-rouge">/usr/bin/certbot renew --quiet</code> wherever it is needed (e.g. Systemd, Cron) or run it manually.</p>
|
||||
|
||||
<hr />
|
||||
|
||||
<p>Also see:</p>
|
||||
|
||||
<p><a href="https://certbot.eff.org/instructions">Official guide from EFF</a></p>
|
||||
|
||||
</section>
|
||||
|
||||
<br/>
|
||||
<hr/>
|
||||
|
||||
<footer>
|
||||
<small>
|
||||
|
||||
<a href="/">Home</a>
|
||||
//
|
||||
|
||||
<a href="https://git.fl1tzi.com/Fl1tzi/fl1tzi.com">Repo</a>
|
||||
//
|
||||
|
||||
<a href="https://git.fl1tzi.com/data/data/src/fl1tzi.com-privacy.md">Privacy</a>
|
||||
//
|
||||
|
||||
All Rights Reserved.
|
||||
</small>
|
||||
</footer>
|
||||
</body>
|
||||
|
||||
</html>
|
|
@ -75,6 +75,13 @@ th {
|
|||
|
||||
code {
|
||||
background-color: var(--light-color);
|
||||
display: inline-block;
|
||||
white-space: pre;
|
||||
}
|
||||
|
||||
summary {
|
||||
text-decoration: underline;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
blockquote {
|
||||
|
|
|
@ -31,6 +31,10 @@ I do stuff on the internet and photograph things.</p>
|
|||
|
||||
<ul>
|
||||
|
||||
<li>
|
||||
<a href="/2023/10/04/nginx-certbot-renewal.html">Automatic Renewal Of Certbot Certificates With NGINX</a>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<a href="/2023/10/03/podman-userns.html">How To Run Podman Containers Inside One User More Securely</a>
|
||||
</li>
|
||||
|
|
|
@ -75,6 +75,13 @@ th {
|
|||
|
||||
code {
|
||||
background-color: var(--light-color);
|
||||
display: inline-block;
|
||||
white-space: pre;
|
||||
}
|
||||
|
||||
summary {
|
||||
text-decoration: underline;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
||||
blockquote {
|
||||
|
|
Loading…
Reference in a new issue