This app work along with certbot-cf-wildcard project for remote
trigger download certificates when it renew, a web-hook call will make this app process download
certificates to certs folder. After download success, it will execute all files have extension .sh or .bat
store in renewal_hooks/ folder (example: script to reload nginx), all scripts must mark executable.
- Create
.envfile from template.env_example, notes:CERTBOT_HOST: URL ofcertbot-cf-wildcardapp to download certificate filesAPP_TOKEN: this app token to allow remote trigger certificate downloadPORT: Application listen port
- Optional: Create a
renewal_hooksfolder, add script(s) you need to execute when web-hook trigger- The script file must have extension
shorbat - On Linux, run
chmod +xon script file to make it executable
- The script file must have extension
- Setup app environment (only support
python 3.5+):#!/bin/bash virtualenv venv source venv/bin/activate pip intall -r requirements.txt
- Start web server on port
9000:#!/bin/bash CURRENT=`pwd` PORT=9000 source venv/bin/activate gunicorn --bind 0.0.0.0:$PORT wsgi:app
- On server run
certbot-cf-wildcardapp, add a script inrenewal_hooksfolder, example:#!/bin/bash /usr/bin/curl --retry 3 --connect-timeout 10 -A "certbot-cf-wildcard" -H "Authorization: just-me" http://this-server-ip:9000/certbot?domain=foo.bar