Bot that creates/distributes/updates certificates for a supplied subdomain and a known domain. To be used on a Google Cloud machine and Let's Encrypt's bash client dehydrated.sh.
Python 2.7 environment
Let's Encrypt shell client dehydrated
curl -sL https://github.com/lukas2511/dehydrated/archive/v0.4.0.tar.gz | tar xz
Assuming your domain is your-domain.com
that is under your-zone
zone in your Google Cloud DNS records,
-
You must be authenticated with
gcloud
, rungcloud auth login
. -
Set the correct Google Cloud project
gcloud config set project $GCLOUD_PROJECT_NAME
. -
Your
gcloud
account must have access to modify DNS entries of the aforementioned Google Cloud zone of that project.
In a new directory
git clone https://github.com/alexandresobolevski/le-bot.git
cd le-bot
pip install -r requirements.txt
- Duplicate the file
credentials-example.sh
ascredentials.sh
and modify the entriesZONE_NAME
andDNS_DOMAIN
to your Google Cloud DNS zone name and domain respectively i.e.
ZONE_NAME="your-zone"
DNS_DOMAIN="your-domain.com"
- Start the bot server:
python le-server.py 9090
- Post a request to the server to obtain the certificate as shown in the screenshot below,
- Write the response from the bot (as seen above) to files (
cert.pem
andkey.pem
) and save the receivedsubdomain
. Your certificates will work for a server hosted onsubdomain.your-domain.com:${port}
. Use created files (cert and key) when starting an HTTPS server.
-
Duplicate (if not yet done)
credentials-example.sh
ascredentials.sh
and modify the entriesZONE_NAME
andDNS_DOMAIN
to your Google Cloud DNS zone name and domain respectively as well as the Plotly credentials (PLOTLY_API_KEY
,PLOTLY_USERNAME
andPLOTLY_ACCESS_KEY
) i.e. -
Run the tests.
source credentials.sh && python test.py