I made a nice, configurable wrapper around simp_le


#1

This is a simple script designed to allow you to just dump a few site configs, add a cronjob and forget about the whole process of cert generation/renewal.

Criticism and contributions welcome.


#2

I might be mistaken, but it looks like you’re creating an account per domain (and sub domains if you choose to not use “extra_domains”).

Wouldn’t it be nice to use the same account?

And there is no possibility so set a per domain web root. What are your thoughts on this? I guess you could make the web server handle all domains in the same root.

Other than the above it looks clean and simple.


#3

Wouldn’t it be nice to use the same account?

Limitation of simp_le as far as I can tell. It seems to require you to have all the files it generates dumped in the current folder.

And there is no possibility so set a per domain web root. What are your
thoughts on this? I guess you could make the web server handle all
domains in the same root.

simp_le has this functionality already, you just specify your domain in the domain’s config as domain="example.com:/path/to/webroot"


#4

Yes, but you could move a “global” account_key.json into the folder and delete it afterwards. This might be a bit messy though. Just a thought.

Well, yes, simp_le supports the “example.com:/path/to/webroot” syntax, but certgen is creating a folder based on $domain. It will fail due to the colon/missing sub path and you probably don’t want to create the sub directories either. Also: find "${webroot}/.well-known/acme-challenge" -type f -delete wouldn’t delete the files created.

If the wrapper should support per domain web roots I think the domain config should contain it’s own webroot variable.


#5

Well, yes, simp_le supports the “example.com:/path/to/webroot” syntax,
but certgen is creating a folder based on $domain. It will fail due to
the colon/missing sub path and you probably don’t want to create the sub
directories either. Also: find “${webroot}/.well-known/acme-challenge” -type f -delete wouldn’t delete the files created.

That’s actually a really good point I hadn’t considered. Fixed in https://github.com/TheReverend403/certgen/commit/79b571c22ebf46a6756154f1605792eaab5ef64c