I made a nice, configurable wrapper around simp_le

This is a simple script designed to allow you to just dump a few site configs, add a cronjob and forget about the whole process of cert generation/renewal.

Criticism and contributions welcome.

3 Likes

I might be mistaken, but it looks like you’re creating an account per domain (and sub domains if you choose to not use “extra_domains”).

Wouldn’t it be nice to use the same account?

And there is no possibility so set a per domain web root. What are your thoughts on this? I guess you could make the web server handle all domains in the same root.

Other than the above it looks clean and simple.

Wouldn't it be nice to use the same account?

Limitation of simp_le as far as I can tell. It seems to require you to have all the files it generates dumped in the current folder.

And there is no possibility so set a per domain web root. What are your
thoughts on this? I guess you could make the web server handle all
domains in the same root.

simp_le has this functionality already, you just specify your domain in the domain's config as domain="example.com:/path/to/webroot"

Yes, but you could move a "global" account_key.json into the folder and delete it afterwards. This might be a bit messy though. Just a thought.

Well, yes, simp_le supports the "example.com:/path/to/webroot" syntax, but certgen is creating a folder based on $domain. It will fail due to the colon/missing sub path and you probably don't want to create the sub directories either. Also: find "${webroot}/.well-known/acme-challenge" -type f -delete wouldn't delete the files created.

If the wrapper should support per domain web roots I think the domain config should contain it's own webroot variable.

Well, yes, simp_le supports the "example.com:/path/to/webroot" syntax,
but certgen is creating a folder based on $domain. It will fail due to
the colon/missing sub path and you probably don't want to create the sub
directories either. Also: find "${webroot}/.well-known/acme-challenge" -type f -delete wouldn't delete the files created.

That's actually a really good point I hadn't considered. Fixed in Allow specifying a webroot per domain · TheReverend403/certgen@79b571c · GitHub