I issued the original Let's Encrypt certificates for deconst.horse by hand, which was awkward. This takes it a step further and automates certificate (re-)issuance so that I can roll new certs more easily the next time that they expire.
I'll still need to run the script by hand, but it should take minutes instead of days. It's also not downtime-free because I'm pointing all of the CLBs to a single host to reissue.
This is kind of hacky so I may or may not end up merging this. I'll keep it around in this branch at least. If I do decide to merge it, I'll at least need to:
[ ] Generate the list of SANs from credentials.yml vars
I issued the original Let's Encrypt certificates for deconst.horse by hand, which was awkward. This takes it a step further and automates certificate (re-)issuance so that I can roll new certs more easily the next time that they expire.
I'll still need to run the script by hand, but it should take minutes instead of days. It's also not downtime-free because I'm pointing all of the CLBs to a single host to reissue.
This is kind of hacky so I may or may not end up merging this. I'll keep it around in this branch at least. If I do decide to merge it, I'll at least need to:
credentials.ymlvars