Commit 40f395bb authored by Achilleas Pipinellis's avatar Achilleas Pipinellis 🤸🏼

Use certbot script for Let's Encrypt

parent 11bb151b
Pipeline #23774675 failed with stage
in 2 minutes and 19 seconds
......@@ -37,10 +37,20 @@ letsencrypt:
stage: post-deploy
variables:
DOMAIN: "axilleas.me"
before_script:
- apk -U add alpine-sdk nodejs
- npm install -g gitlab-letsencrypt
script:
- gitlab-le --domain $DOMAIN www.$DOMAIN --email $LE_EMAIL --repository $CI_PROJECT_URL --token $GITLAB_LE_TOKEN --path content/.well-known/acme-challenge --production
image: ubuntu
only:
- schedules
- schedules
script:
- apt-get update
- apt-get -yq install software-properties-common
- add-apt-repository ppa:certbot/certbot
- apt-get update
- echo "Europe/Paris" > /etc/timezone
- dpkg-reconfigure -f noninteractive tzdata
- sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen
- echo 'LANG="en_US.UTF-8"'>/etc/default/locale
- dpkg-reconfigure --frontend=noninteractive locales
- update-locale LANG=en_US.UTF-8
- apt-get -yq install python-certbot-apache
- apt-get -yq install curl
- certbot
#!/usr/bin/env bash
set -e
export ROOT_DOMAIN=$DOMAIN # Used by certbot hooks
certbot certonly --manual \
-n \
--manual-public-ip-logging-ok \
--text --agree-tos --email $LE_EMAIL \
--manual-auth-hook bin/certbot-authenticator \
--manual-cleanup-hook bin/certbot-cleanup \
--preferred-challenges dns \
--config-dir certbot/config \
--work-dir certbot/work \
--logs-dir certbot/logs \
-d $DOMAIN -d www.$DOMAIN
CERT_FILE=certbot/config/live/$DOMAIN/fullchain.pem
KEY_FILE=certbot/config/live/$DOMAIN/privkey.pem
curl \
--silent \
--fail \
--show-error \
-X PUT \
-H "PRIVATE-TOKEN: $GITLAB_LE_TOKEN" \
--form "certificate=@$CERT_FILE" \
--form "key=@$KEY_FILE" \
https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pages/domains/$DOMAIN > /dev/null
curl \
--silent \
--fail \
--show-error \
-X PUT \
-H "PRIVATE-TOKEN: $GITLAB_LE_TOKEN" \
--form "certificate=@$CERT_FILE" \
--form "key=@$KEY_FILE" \
https://gitlab.com/api/v4/projects/$CI_PROJECT_ID/pages/domains/www.$DOMAIN > /dev/null
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment