This is a bundle of scripts i made for my own convenience to create LetsEncrypt certificates for my internal servers with my free public domain at DuckDNS.org.
At the time i created these scripts i only tested it on some of my Jails (iocage) on my TrueNAS 12.0 Core server.
Although it should work fine on any Linux distro as well, it's based on the BASH shell.
certbot_config_vars.sh
script.In this script you can change and set your configurations for the DuckDNS (like the token) and where to copy and name your certificate files and some other variables. Most of them have a small comment behind them with a short explanation.
Make sure you run all commands with 'root' privileges.
- Install the Certbot package on your server. On my iocage jail the command is:
pkg install py37-certbot
- Create following directory for these scripts:
/usr/local/certbot_files/
- Change to the directory you just created:
cd /usr/local/certbot_files
- Clone this git repo with following command:
git clone https://github.com/abrbon/LetsEncrypt_DuckDNS_script_toolset.git .
Pay attention to the . at the end of the line! - Make sure all scripts have execution rights (chmod u+x *.sh)
- Now run the
certbot_firstrun_script.sh
script to get started.
The script will now attempt to create the LetsEncrypt certificates depending on the variables
you have set in the certbot_config_var.sh
script.
The default settings are set to run in so called 'dry-run' mode.
This means that no certifcates are created but the scripts are tested for working correctly.
Besides that the script is also creating test certificates by default, see STAGING variable in certbot_config_vars.sh
.
This is recommended for testing. There is a rate limit in creating real signed certificates by LetsEncrypt.
If all is working correctly you can remove the '--dry-run' mode and change the STAGING variable in certbot_config_vars.sh
and
run the certbot_firstrun_script.sh
again to create the final sigened certiciates.