{"id":20659422,"url":"https://github.com/hyrsky/certbot-jail","last_synced_at":"2026-04-23T10:32:20.267Z","repository":{"id":84501249,"uuid":"161395927","full_name":"hyrsky/certbot-jail","owner":"hyrsky","description":"Get Let's encrypt certificate in FreeNAS jail.","archived":false,"fork":false,"pushed_at":"2018-12-11T23:14:30.000Z","size":7,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-17T01:28:08.239Z","etag":null,"topics":["freenas-scripts","letsencrypt"],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hyrsky.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-11T21:27:13.000Z","updated_at":"2020-06-06T00:36:57.000Z","dependencies_parsed_at":"2023-03-18T22:46:51.947Z","dependency_job_id":null,"html_url":"https://github.com/hyrsky/certbot-jail","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hyrsky/certbot-jail","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyrsky%2Fcertbot-jail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyrsky%2Fcertbot-jail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyrsky%2Fcertbot-jail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyrsky%2Fcertbot-jail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hyrsky","download_url":"https://codeload.github.com/hyrsky/certbot-jail/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyrsky%2Fcertbot-jail/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32176501,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-23T02:19:40.750Z","status":"ssl_error","status_checked_at":"2026-04-23T02:17:55.737Z","response_time":53,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["freenas-scripts","letsencrypt"],"created_at":"2024-11-16T18:34:20.974Z","updated_at":"2026-04-23T10:32:20.253Z","avatar_url":"https://github.com/hyrsky.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Let's encrypt jail\n\n1. Create aws user with policies\n    * Managed policy ``AmazonRoute53ReadOnlyAccess`` \n    * Managed policy ``AmazonRoute53DomainsReadOnlyAccess``\n    * Policy from ``./policy.json``\n\n\n2. Create ``~/.aws/credentials`` with content:\n    ```ini\n    [default]\n    aws_access_key_id=\u003cKEY ID\u003e\n    aws_secret_access_key=\u003cKEY SECRET\u003e\n    ```\n\n3. Log in to jail and run following commands\n    ```sh\n    pkg install py36-certbot py36-ansible py36-boto git\n    git clone https://github.com/hyrsky/certbot-jail.git\n    certbot-jail/certonly \u003cemail\u003e \u003cdomain\u003e\n    ```\n\n4. Then create cron job for renewing certificate\n    ```sh\n    # Attempt to renew daily\n    0 3 * * * $HOME/certbot-jail/renew\n    ```\n\n5. Run following commands as root inside FreeNAS\n   \n   Copy files to boot pool. Certificates are not available if using encrypted pool.\n    ```sh\n    mkdir -p /certs\n    chmod 700 /certs\n    ln -s /certs/fullchain.pem /certs/letsencrypt.crt\n    ln -s /certs/privkey.pem /certs/letsencrypt.key\n\n    rsync -L /mnt/POOL/iocage/jails/letsencrypt/root/usr/local/etc/letsencrypt/live/DOMAIN/* /certs\n    ```\n\n6. Create certificate with identifier letsencrypt\n7. Create System \u003e Tunables: SSLDIR (rc.conf) = /certs\n8. Create Tasks \u003e Cron Jobs:\n    ```sh\n    # Attempt to renew daily\n    30 3 * * * \n    rsync -L /mnt/POOL/iocage/jails/letsencrypt/root/usr/local/etc/letsencrypt/live/DOMAIN/* /certs \u0026\u0026 service nginx reload\n    ```\n9. Enable HTTPS in System \u003e General\n\n## TODO\n* Installer script\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhyrsky%2Fcertbot-jail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhyrsky%2Fcertbot-jail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhyrsky%2Fcertbot-jail/lists"}