Skip to content

Script toolset for creating LetsEncrypt certificates with DuckDNS domain via DNS challege.

Notifications You must be signed in to change notification settings

abrbon/LetsEncrypt_DuckDNS_script_toolset

Repository files navigation

LetsEncrypt Certbot with DuckDNS via DNS challenge

This is a bundle of scripts i made for my own convenience to create LetsEncrypt certificates for my internal servers with my free public domain at DuckDNS.org.

At the time i created these scripts i only tested it on some of my Jails (iocage) on my TrueNAS 12.0 Core server. Although it should work fine on any Linux distro as well, it's based on the BASH shell.

Configuration

Almost all configuration could be set in the certbot_config_vars.sh script.
In this script you can change and set your configurations for the DuckDNS (like the token) and where to copy and name your certificate files and some other variables. Most of them have a small comment behind them with a short explanation.

Installation

Make sure you run all commands with 'root' privileges.

  • Install the Certbot package on your server. On my iocage jail the command is: pkg install py37-certbot
  • Create following directory for these scripts: /usr/local/certbot_files/
  • Change to the directory you just created: cd /usr/local/certbot_files
  • Clone this git repo with following command:
    git clone https://github.com/abrbon/LetsEncrypt_DuckDNS_script_toolset.git .
    Pay attention to the . at the end of the line!
  • Make sure all scripts have execution rights (chmod u+x *.sh)
  • Now run the certbot_firstrun_script.sh script to get started.

The script will now attempt to create the LetsEncrypt certificates depending on the variables you have set in the certbot_config_var.sh script.

The default settings are set to run in so called 'dry-run' mode.
This means that no certifcates are created but the scripts are tested for working correctly.

Besides that the script is also creating test certificates by default, see STAGING variable in certbot_config_vars.sh.
This is recommended for testing. There is a rate limit in creating real signed certificates by LetsEncrypt.

If all is working correctly you can remove the '--dry-run' mode and change the STAGING variable in certbot_config_vars.sh and run the certbot_firstrun_script.sh again to create the final sigened certiciates.



About

Script toolset for creating LetsEncrypt certificates with DuckDNS domain via DNS challege.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages