local-letsencrypt
=================

PoC for letsencrypt SSL certificates, as public, as local hswaw DNS zone is.

Usage
-----
    cp server/config.cfg.dist server/config.cfg
    vim server/config.cfg

    cp client/hook-config.dist client/hook-config
    vim client/hook-config

    (cd server && python master.py) &

    certbot-auto certonly --manual --preferred-challenges=dns \
        --manual-auth-hook `pwd`/client/install-hook.sh \
        --manual-cleanup-hook `pwd`/client/cleanup-hook.sh \
        --manual-public-ip-logging-ok \
        -d testing2.waw.inf.re

Dehydrated
----------
    # This is probably the most sensible method for SSL on raspi.
    git clone https://github.com/lukas2511/dehydrated /root/dehydrated
    /root/dehydrated/dehydrated --accept-terms --register
    /root/dehydrated/dehydrated -c -t dns-01 --hook /root/local-letsencrypt/client/dehydrated-hook.sh -d stuff.waw.hackerspace.pl