Option to install Let's Encrypt

letsencrypt

#1

How about incorporating Let’s Encrypt into the core as per instructions here?

From the thread, it seems to be a feature many would appreciate. For me, it’s the only extra thing I setup after running Quickbox install.


#2

hard to make a installer off it as there are user steps needed and they just changed the cert like in the last month where they ask if you wanna get spam email well moreless lol


#3

Not really need to make another installer, we could simply run their certbot installer at the end of Quickbox installation. Or if we want to run it non-interactive, just need to pass - -non-interactive and specify a configure file with --config cli.ini


#4

I don’t imagine it would be too difficult to have a prompt during the initial setup asking “would you like to enable SSL with let’s encrypt?”

Then just run the certbot commands found here:

The problem would be getting the sed command to run at the end to point apache back to /srv instead of …/www

To be honest though, it’s not that hard to do manually following the guide in the wiki


#5

I wish it was that easy, however; the good news is that this is something I have been working on for quite some time… so it’s no wonder this gets requested now!

Here ya go!

Note: I tested this on a quick DigitalOcean droptlet. I am willing to setup a temporary testing subdomain to anyone willing to test this. These subdomains for testing will be named dev-USERNAME.quickbox.io along with the IP of your server. This will additionally overwrite the default SSLCertificateFile and SSLCertificateKeyFile in your /etc/apache2/sites-enabled/default-ssl.conf

ALSO::: I wouldn’t run this on a production server with SSL already installed just yet… anyone seeing this package and running it over their current install without testing… you’ve been warned.

The commit package that does this:
https://github.com/QuickBox/quickbox_packages/blob/master/package/install/installpackage-letsencrypt


#6

Hey bud, Ill spin up a vm tomorrow and try this out. no need to worry about a domain, I’ll create a sub domain to test with.

Anything in particular you want me to watch out for?

Edit: one of the problems I find with letsencrypt is only root has access to the folder with cert.pem and privkey.pem - meaning you have to cat them out to a different file for things like deluge to use them, with this acme script we won’t have that problem?


#7

Yes, it not working :stuck_out_tongue:

Absolutely. Take note of the following lines as these are responsible for placing them in the script created /etc/apache2/ssl/ directory.

https://github.com/QuickBox/quickbox_packages/blob/master/package/install/installpackage-letsencrypt#L30-L31


#8

Looking great!

I just did a quick test on a fresh VPS by manually executing ./installpackage-letsencrypt after running Quickbox installation, and it works well. Now just need to add it to the dashboard.


#9

It will be added and another announce made tomorrow more than likely.