nginx use duckdns addon cert

[LordVaderXIII]

Hi There

Is it possible to use the duckdns addons certs instead of the certbot ones here?

The key and certchain must be located in /ssl/letsencrypt/live/${certname}/privkey.pem and /ssl/letsencrypt/live/${certname}/fullchain.pem. A solution to obtain them is to used the certbot addon.

This part is the one thats causing me issues. Is there a way I can specify the cert location? My certs are in /ssl

edit: added where my certs are.

[ciotlosm]

@LordVaderXIII Currently cert path is hardcoded. It would require some work to add params for it. I think the reason it uses a different path is vhosts. This nginx supports multiple domains, each with it's own certificate.

Using certbot is straight forward, you could easily just disable duckdns letsencrypt and use certbot

[bestlibre]

An option could be added to overwrite the certificates path. The vhost template could be modify to use this path instead of /ssl/letsencrypt/live/{{certname}}/.

Howerver :

• the certname would still be needed, if only to trigger the generation of ssl conf,
• I cannot test it, you will need to implement it, and propose a PR. -it is better if you can use the solution proposed by @ciotlosm

The template modification should be something like (with certdir as the new option) :

ssl_trusted_certificate {{^certdir}}/ssl/letsencrypt/live/{{certname}}{{/certdir}}{{#certdir}}{{certdir}}{{/certdir}}/chain.pem;
ssl_certificate {{^certdir}}/ssl/letsencrypt/live/{{certname}}{{/certdir}}{{#certdir}}{{certdir}}{{/certdir}}/fullchain.pem;
ssl_certificate_key {{^certdir}}/ssl/letsencrypt/live/{{certname}}{{/certdir}}{{#certdir}}{{certdir}}{{/certdir}}/privkey.pem;

[bestlibre]

I will close this old issue. Feel free to reopen if needed.