Skip to content
/ serverpilot-letsencrypt Public

Automate the installation of Let's Encrypt SSL on the free plan of ServerPilot

123 stars 32 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rehmatworks/serverpilot-letsencrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

97 Commits
.github
.github
 
 
rwssl
rwssl
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
rwssl.png
rwssl.png
 
 
setup.py
setup.py
 
 

Repository files navigation

Try a Free Control Panel

I like ServerPilot a lot. How it configures the LAMP/LEMP stack and how it makes use of ACLs to give the secure access to individual users is really great. But I don't like a few things about it:

  1. It is entirely paid
  2. You need to give your server access away

To overcome these issues, I have come up with a free control panel. I have followed the best practices from ServerPilot in configuring NGINX, Apache, MySQL, and PHP as well as I have used a similary directory structure and I have made a similar use of ACLs. But it is entirely self-hosted. You can use my developed control panel to deploy and manage multiple PHP websites on a single server. It is entirely open source and free!!

** If you like it, consider giving it a star. I'll try to update this ServerPilot Let's encrypt automation script too.**

ServerPilot Let's Encrypt (rwssl) v2.x

This Python utility allows you to automate the installation/uninstallation of SSL certificates from Let's Encrypt on ServerPilot servers. Both free servers (from old grand-fathered plan) and servers on premium plans are supported.

serverpilot-letsencrypt

Getting Started

First of all, sign in as root user (or with sudo privileges). Now remove the very old script if you are still using it:

rm /usr/local/bin/rwssl

And then install some needed packages:

apt-get update  && \
apt-get -y install python3-pip build-essential libssl-dev libffi-dev python3-dev

Uninstall older version if exists:

pip3 uninstall -y rwssl

And then install the latest version from PyPi:

pip3 install rwssl==2.0.4

Verify that the installation worked. This should bring up the help menu for rwssl:

rwssl -h

The alternate way to install rwssl is by cloning the repository:

cd ~/ && \
git clone https://github.com/rehmatworks/serverpilot-letsencrypt  && \
cd serverpilot-letsencrypt && \
pip3 install -r requirements.txt && \
python3 setup.py install

Only Python 3.5 and up supported so you shoul install & use rwssl package using pip3 and Python 3.x.

Available Commands with Examples:

Once rwssl is installed, a command rwssl will become available in your terminal. You will have access to the following sub-commands in order to manage your server.

Update: Please note that old commands aren't available anymore due to a recent major upgrade. Please check below table for new commands that come with rwssl. You can get help by typing rwssl -h as well.

Command Details Examples
getcert Get letsencrypt cert for an app. rwssl getcert --app foo
getcerts Get letsencrypt certs for all apps. rwssl getcerts for all users apps or rwssl getcerts --user john for john's apps
removecert Uninstall SSL cert from an app. rwssl removecert --app foo
removecerts Uninstall SSL certs for all apps. rwssl removecerts for all users apps or rwssl removecerts --user john for john's apps
forcessl Force SSL certificate for an app. rwssl forcessl --app foo
unforcessl Unforce SSL certificate for an app. rwssl unforcessl --app foo
forceall Force HTTPs for all apps. rwssl forceall for all users apps or rwssl forceall --user john for john's apps
unforceall Unforce HTTPs for all apps. rwssl unforceall for all users apps or rwssl unforceall --user john for john's apps

You can use rwssl -h command to get to the help page on above commands.

Uninstall

To uninstall rwssl completely, run:

pip3 uninstall rwssl

As a CRON job is added for SSL renewals by rwssl, you can remove the CRON file by running:

rm /etc/cron.weekly/rwssl-sslrenewals

Moreoever, a conf file acme.conf is created in conf directory of each app in vhosts.d. You should delete them as well. For example, if your app name is example, you should delete the conf file /etc/nginx-sp/vhosts.d/example.d/acme.conf. Repeat this step for each app where you used rwssl to get the SSL certificates.

That's all!

Changelog

[2.0.4] - 2020-07-19

A minor upgrade that addresses renewal CRON issue and DNS-related bug.

Fixes

  • Fixed invalid DNS bug
  • Fixed renewal cron file generation

[2.0.0] - 2020-04-18

A major upgrade that addresses all reported bugs including SSL renewals.

Changes

  • Custom path is used to store SSL certificates
  • Certificate is named after app name (Addresses missing cert path issue)
  • Improved vhost file parsing to get app details
  • Dropped support for Python 2.x (Only Python 3.x is supported)
  • Using Let's Encrypt staging server (via dry-run) for domain validation (To address quota issues)

Added

  • Using Jinja template engine to generate virtual host files from templates
  • Using a custom ACME verification location (To avoid initial verifications & renewal issues)
  • Using latest certbot Python package
  • ACME v2 protocol support
  • Added validation after vhost files are written (and changes are reverted if errors encountered)

Bugs & Suggestions

For security-related issues, please email me at [email protected] and for common bug reports / feature requests, use the issues section.

About

Automate the installation of Let's Encrypt SSL on the free plan of ServerPilot

Topics

python letsencrypt nginx ssl cron https apache pip certbot renewal serverpilot

Resources

Readme
Activity

Stars

123 stars

Watchers

17 watching

Forks

32 forks
Report repository

Releases

1 tags

Sponsor this project

Packages

No packages published

Languages