How to renew SSL with certbot via AWS Beanstalk commands?


#1

Continuing the discussion from Updating my e-mail address with certbot:

How can I renew this way with AWS Beanstalk file commands?

I have a file with all commands to build a website in AWS EBS.

The file that call to certbot command as below.
This is a good sh file. I still working with it until works fine.

/etc/letsencrypt/configs/generate-cert.sh:
    mode: "000664"
    owner: root
    group: root
    content: |
      #!/bin/sh

      _EMAIL=
      _DOMAIN=

      while getopts ":e:d:" OPTION;
      do
        case "${OPTION}" in
          "e") _EMAIL="${OPTARG}";;
          "d") _DOMAIN="${OPTARG}";;
        esac
      done

      if [ -z "${_EMAIL}" ]; then
        echo "Param email isn't specified!"
      fi

      if [ -z "${_DOMAIN}" ]; then
        echo "Param domain isn't specified!"
      fi

      if [ -n "$_EMAIL" ] && [ -n "$_DOMAIN" ]; then
        cd /opt/certbot/
        ./certbot-auto certonly \
          --debug --non-interactive --email ${_EMAIL} \
          --webroot -w /usr/share/nginx/html --agree-tos -d ${_DOMAIN} --keep-until-expiring
      fi

      if [ $? -ne 0 ]
        then
          ERRORLOG="/var/log/letsencrypt/letsencrypt.log"
          echo "The Let's Encrypt cert has not been renewed!\n" >> $ERRORLOG
        else
          /etc/init.d/nginx reload
        fi
      
      exit 0
  • – I think that this sh file needs to more information about the website and me.

The container commands as below:

container_commands:
  00_removeconfig:
    command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
  01_copy_conf_file:
    command: "cp /etc/letsencrypt/configs/http_proxy.pre /etc/nginx/conf.d/http_proxy.conf; /etc/init.d/nginx reload"
  02_createdir:
    command: "mkdir /opt/certbot || true"
  03_installcertbot:
    command: "wget https://dl.eff.org/certbot-auto -O /opt/certbot/certbot-auto"
  04_permission:
    command: "chmod a+x /opt/certbot/certbot-auto"
  05_getcert:
    command: "sudo sh /etc/letsencrypt/configs/generate-cert.sh -e ${CERT_EMAIL} -d ${CERT_DOMAIN}"
  06_link:
    command: "ln -sf /etc/letsencrypt/live/${CERT_DOMAIN} /etc/letsencrypt/live/ebcert"
  07_copy_ssl_conf_file:
    command: "cp /etc/letsencrypt/configs/https_custom.pos /etc/nginx/conf.d/https_custom.conf; /etc/init.d/nginx reload"
  08_cronjob_renew:
    command: "sudo sh /etc/letsencrypt/configs/generate-cert.sh -e ${CERT_EMAIL} -d ${CERT_DOMAIN}"

The command 08_cronjob_renew is lot there, but it can run to renew in somewhere.

Please I need a help.


Web Hosting who support Let's Encrypt
closed #3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.