28 lines
921 B
Markdown
28 lines
921 B
Markdown
local-letsencrypt
|
|
=================
|
|
|
|
PoC for letsencrypt SSL certificates, as public, as local hswaw DNS zone is.
|
|
|
|
Usage
|
|
-----
|
|
cp server/config.cfg.dist server/config.cfg
|
|
vim server/config.cfg
|
|
|
|
cp client/hook-config.dist client/hook-config
|
|
vim client/hook-config
|
|
|
|
(cd server && python master.py) &
|
|
|
|
certbot-auto certonly --manual --preferred-challenges=dns \
|
|
--manual-auth-hook `pwd`/client/install-hook.sh \
|
|
--manual-cleanup-hook `pwd`/client/cleanup-hook.sh \
|
|
--manual-public-ip-logging-ok \
|
|
-d testing2.waw.inf.re
|
|
|
|
Dehydrated
|
|
----------
|
|
# This is probably the most sensible method for SSL on raspi.
|
|
git clone https://github.com/lukas2511/dehydrated /root/dehydrated
|
|
/root/dehydrated/dehydrated --accept-terms --register
|
|
/root/dehydrated/dehydrated -c -t dns-01 --hook /root/local-letsencrypt/client/dehydrated-hook.sh -d stuff.waw.hackerspace.pl
|