Coder Social home page Coder Social logo

letsenc_cpanel's Introduction

letsenc_cpanel

Script for automatic creation let's encrypt certs and configs for cpanel's apache

====== Automatic installation ====== Download [[https://raw.githubusercontent.com/besco/letsenc_cpanel/master/LE_cpanel_certs.py|script]]. \ Type commands: wget https://raw.githubusercontent.com/besco/letsenc_cpanel/master/LE_cpanel_certs.py chmod +x ./LE_cpanel_certs.py ./LE_cpanel_certs.py

Output after running the script Error! Not enough parameters

Usege LE_cpanel_certs.py with parametres: For create new certs: LE_cpanel_certs.py --create --email=[email protected] -d domain1.tld www.domain2.tld subdomain.domain3.tld

==== How the script works ====

This script reads from config of the Apache /etc/httpd/conf/httpd.conf all virtual hosts and all aliases for each virtual host. If in the config there is a domain specified in the parameters, script create a certificate for all aliases of the domain. For example: NameVirtualHost ip_addr:80 ServerName hyperfy.zinng.com ServerAlias hyperfy.com mail.hyperfy.com www.hyperfy.zinng.com www.hyperfy.com Apache config has a virtual host with the ServerName hyperfy.zinng.com and aliases **hyperfy.com mail.hyperfy.com www.hyperfy.zinng.com www.hyperfy.com**,the script will make the certificate for all aliases (hyperfy.com mail.hyperfy.com www.hyperfy.zinng.com www.hyperfy.com). The script then generates a configuration file for Apache with SSL and write it to the /etc/httpd/conf/includes/ssl_SPECIFIED_DOMAIN.conf and add include this file to /etc/httpd/conf/includes/post_virtualhost_global.conf. \ \ Also, the script will download certbot script and cron script.

====== First time installation by hands ======

For first download and copy certbot-auto to /etc/letsencrypt/You want to make a certificate for a different domain? cd /etc/letsencrypt/ wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto

then create new certificates (change path to web docroot and domains) : /etc/letsencrypt/certbot-auto certonly --webroot -w /home/gethyper/public_html/hyperfy.com -d www.hyperfy.com -d hyperfy.com (If you ran script first time, you must enter admin email and agree licence)

After that download script for renew certs to cron: cd /etc/cron.daily/ wget https://raw.githubusercontent.com/evandiamond/le-update/master/renew_script_linux.sh chmod +x renew_script_linux.sh

if you use cpanel, create new config file /etc/httpd/conf/includes/ssl_hyperfy.com.conf, add lines (change the domain to your): (In fact, you need to look at the configuration of the domain without SSL, that would make a similar configuration for SSL. I did just that.)

ServerName hyperfy.com #<------------- change it ServerAlias www.hyperfy.com #<------------- change it DocumentRoot /home/gethyper/public_html/hyperfy.com #<------------- change it ServerAdmin [email protected] #<------------- change it UseCanonicalName Off CustomLog /usr/local/apache/domlogs/hyperfy.zinng.com combined #<------------- change it SSLEngine on SSLOptions +StrictRequire SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128- GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$ SSLCertificateFile /etc/letsencrypt/live/www.hyperfy.com/fullchain.pem #<------------- change it SSLCertificateKeyFile /etc/letsencrypt/live/www.hyperfy.com//privkey.pem #<------------- change it

SSLVerifyClient none SSLProxyEngine off

AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl

CustomLog /usr/local/apache/domlogs/hyperfy.zinng.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." #<------------- change it ## User gethyper # Needed for Cpanel::ApacheConf UserDir enabled gethyper #<------------- change it SSILegacyExprParser On suPHP_UserGroup gethyper gethyper SuexecUserGroup gethyper gethyper RMode config RUidGid gethyper gethyper AssignUserID gethyper gethyper ScriptAlias /cgi-bin/ /home/gethyper/public_html/hyperfy.com/cgi-bin/ #<------------- change it ---------------------

Make sure that file included from the main config /etc/httpd/conf/httpd.conf on last line: \ **Include "/usr/local/apache/conf/includes/ssl_hyperfy.com.conf" ** and restart apache: /etc/init.d/httpd restart

letsenc_cpanel's People

Contributors

besco avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.