https://github.com/flipperdevices/flipper-local-ssl
Flipper LAN SSL Deployer
https://github.com/flipperdevices/flipper-local-ssl
Last synced: 2 months ago
JSON representation
Flipper LAN SSL Deployer
- Host: GitHub
- URL: https://github.com/flipperdevices/flipper-local-ssl
- Owner: flipperdevices
- License: gpl-3.0
- Created: 2023-10-30T12:49:08.000Z (over 2 years ago)
- Default Branch: dev
- Last Pushed: 2023-10-30T12:51:10.000Z (over 2 years ago)
- Last Synced: 2025-03-12T13:43:57.206Z (over 1 year ago)
- Language: Python
- Size: 17.6 KB
- Stars: 1
- Watchers: 4
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Flipper Let's Encrypt deployer for local hosts
## About
This tool may be useful for deploying Let's Encrypt SSL certificates to private network. It use the certbot with the [certbot-dns-cloudflare](https://github.com/certbot/certbot/tree/master/certbot-dns-cloudflare) plugin. New certificate will be transfered to the specified host after issuing or renewing. You can add post-transfer commands to each host.
## Files requirements
1. cloudflare.ini
2. config.json
3. ssh keys
## cloudflare.ini example
```
dns_cloudflare_api_token = MY_SECRET_TOKEN
```
## config.json example
```json
{
"system": {
"email": "email@example.com",
"ssh_keyfile": ".ssh/flipper-local-ssl",
"renew_delay_seconds": 86400
},
"gelf": {
"host": "gelf.example.com",
"port": 1234,
"username": "user",
"password": "pass"
},
"hosts": [
{
"hostname": "gw.example.com",
"ssh_port": "1234",
"ssh_user": "user",
"post_commands": [
"/certificate/remove gw.example.com-fullchain.pem_0",
"/certificate/import file-name=gw.example.com-fullchain.pem passphrase=\"\"",
"/certificate/import file-name=gw.example.com-privkey.pem passphrase=\"\"",
"/ip/service/set www-ssl certificate=gw.example.com.pem_0"
]
},
{
"hostname": "proxmox.example.com",
"ssh_port": "2222",
"ssh_user": "user",
"post_commands": [
"sudo mv proxmox.example.com-fullchain.pem /etc/pve/local/pveproxy-ssl.pem",
"sudo mv proxmox.example.com-privkey.pem /etc/pve/local/pveproxy-ssl.key",
"sudo systemctl restart pveproxy"
]
}
]
}
```
## Deploying SSH keys
```bash
ssh-keygen -f .ssh/flipper-local-ssl
ssh-copy-id -i .ssh/flipper-local-ssl.pub user@host
```