aljaz/bitcoin-tutorials
1
1
Fork 0
mirror of https://github.com/openoms/bitcoin-tutorials.git synced 2025-12-19 12:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
eda4873841e2d14c6ae4299ef2b05bb127eb67d2
bitcoin-tutorials/electrs/modules/certbot.sh
openoms f1914ff6a1 electrs: reorganize files
2019-09-22 01:21:25 +01:00

84 lines
2.1 KiB
Bash
Raw Blame History

# For the certificate to be obtained successfully a dynamic DNS and port forwarding is needed
# Need to forward port 80 to the IP of your RaspiBlitz for certbot
# Forward port 50002 to be able to access you electrs from outside of your LAN
# https://www.raspberrypi.org/documentation/remote-access/web-server/nginx.md
echo ""
echo "***"
echo "Please type the domain/dynamicDNS you want to use for Electrs and press [ENTER]"
read YOUR_DOMAIN
echo ""
echo "***"
echo "Please type an email that will be used to register the SSL certificate and press [ENTER]"
read YOUR_EMAIL
echo ""
echo "***"
echo "Please confirm that the port 80 is forwarded to the IP of the RaspiBlitz by pressing [ENTER]"
read key
echo "allow port 80 on ufw"
sudo ufw allow 80
# https://certbot.eff.org/lets-encrypt/debianother-nginx
echo ""
echo "***"
echo "Installing certbot"
echo "Will ask for an email address and a domain name - a dynamic DNS can be used"
echo "Use the default settings in the other options"
echo "***"
echo ""
#wget https://dl.eff.org/certbot-auto
#chmod +x certbot-auto
#sudo ./certbot-auto --nginx
sudo apt install -y certbot
# get SSL cert
sudo certbot certonly -a standalone -m $YOUR_EMAIL --agree-tos -d $YOUR_DOMAIN --pre-hook "service nginx stop" --post-hook "service nginx start"
# Your certificate and chain have been saved at:
# /etc/letsencrypt/live/$YOUR_DOMAIN/fullchain.pem
# Your key file has been saved at:
# /etc/letsencrypt/live/$YOUR_DOMAIN/privkey.pem
echo ""
echo "***"
echo "Setting up certbot-auto renewal service"
echo "***"
echo ""
echo "
[Unit]
Description=Certbot-auto renewal service
[Timer]
OnBootSec=20min
OnCalendar=*-*-* 4:00:00
[Install]
WantedBy=timers.target
" | sudo tee -a /etc/systemd/system/certbot.timer
echo "
[Unit]
Description=Certbot-auto renewal service
After=bitcoind.service
[Service]
WorkingDirectory=/home/admin/
ExecStart=sudo certbot renew --pre-hook \"service nginx stop\" --post-hook \"service nginx start\"
User=admin
Group=admin
Type=simple
KillMode=process
TimeoutSec=60
Restart=always
RestartSec=60
" | sudo tee -a /etc/systemd/system/certbot.service
sudo systemctl enable certbot.timer
Reference in New Issue View Git Blame Copy Permalink