Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/linsomniac/legocron

Automation wrapper for LetsEncrypt certs via LeGo
https://github.com/linsomniac/legocron

Last synced: 11 days ago
JSON representation

Automation wrapper for LetsEncrypt certs via LeGo

Host: GitHub
URL: https://github.com/linsomniac/legocron
Owner: linsomniac
Created: 2024-02-02T03:03:28.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-02-02T03:12:54.000Z (10 months ago)
Last Synced: 2024-02-02T04:26:13.199Z (10 months ago)
Language: Shell
Size: 2.93 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

LetsEncrypt automation wrapper for LeGo

# Overview

This script automates the request and renew of LetsEncrypt certs using
[LeGo](https://github.com/go-acme/lego). It makes it as easy as to
create a cron job that runs:

legocron www.example.com altname.example.com foo.example.com

to request and refresh the certs. If you add or remove names, legocron
will detect it and issue a new cert with those names.

# Getting Started

- Install lego. That may be via your system package manager ("apt install lego")
or by downloading a binary from [the lego Releases page](https://github.com/go-acme/lego/releases).

- Download legocron:

```shell
wget https://raw.githubusercontent.com/linsomniac/legocron/main/legocron
chmod 755 legocron
mv legocron /usr/local/sbin
```

- Edit "legocron" and set "EMAIL_ADDR" and select a "LEGO_ARGS" provider option.

- Run "legocron" with any certificate names you want to request (use staging for testing):

```shell
legocron --staging www.example.com
# or:
legocron --staging www.example.com altname.example.com foo.example.com
```

- Check the certs in "/usr/local/lib/legocron/certificates"

- Remove the "--staging" when you are done testing and want a real cert.

- Set up legocron in cron:

0 0 * * * root /usr/local/sbin/legocron www.example.com

- Optionally: Write a post-cert script in "/usr/local/lib/legocron/post_cert_hook" and
make it executable, with any steps to take after a certificate has been issued/renewed.
For exmaple, you may want to "systemctl restart apache2" in there.

## License

Creative Commons Zero v1.0 Universal

[//]: # ( vim: set tw=90 ts=4 sw=4 ai: )