gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io

[Question] Cert Renewals #2398

Closed jlippold closed 1 year ago

jlippold commented 1 year ago

I'm running netmaker on a linux ubuntu EC2 instance on AWS.

I used the quick-start script a few months back, but recently the certs expired. How do I go about renewing the ssl certs? I'm having a hard time following the docs on renewing. https://docs.netmaker.org/quick-start.html#get-certificates Do I have to access the running container to execute those commands? How do I do that?

I can login to the server as root, and I can access the docker-compose.yml, snippet pasted below.

services:
  netmaker:
    container_name: netmaker
    image: gravitl/netmaker:v0.17.1-ee
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv6.conf.all.forwarding=1
    restart: always
    volumes:
      - dnsconfig:/root/config/dnsconfig
      - sqldata:/root/data
      - mosquitto_data:/etc/netmaker
    environment:

How do I trigger certbot/letsencrypt to renew the certs?

Thanks for the help!

jlippold commented 1 year ago

Some time after I set up netmaker, I must have reviewed the security group and removed public access to 80. Since I was serving the netmaker UI on 443, I didn't see any reason to keep 80 open. Months later, it turns out that certbot needs access to 80 to renew certs. I just had to reopen 80 to the world. I found this out by re-running the quick-start script, which logged `Timeout during connect (likely firewall problem)`, which forced me to dig deeper.

Thanks anyways
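The root cause above (port 80 closed in the security group, so certbot's HTTP-01 validation times out and the certificate silently runs out) is easy to catch before expiry. The following pre-renewal check is an added example, not Netmaker's own code or anything the commenter posted. It assumes the certificate's expiry is fed in as the `notAfter=...` line that `openssl x509 -noout -enddate -in <cert.pem>` prints (the certificate path on the host is not given in the issue), and it assumes HTTP-01 validation, so it tests plain TCP reachability of port 80 on the host rather than calling certbot.

```python
"""Pre-renewal sanity check for a certbot / Let's Encrypt HTTP-01 setup.

Added example, not Netmaker's code. Assumptions not taken from the issue:
- the cert expiry comes from `openssl x509 -noout -enddate -in <cert.pem>`,
  i.e. a line such as `notAfter=Jun 12 10:00:00 2023 GMT`;
- certbot renews when fewer than 30 days remain and validates over HTTP-01,
  so TCP port 80 must be reachable from the outside (security group / firewall).
"""
import socket
from datetime import datetime, timezone
from typing import Optional

RENEW_WINDOW_DAYS = 30  # certbot's default renewal threshold


def days_until_expiry(not_after_line: str, now: Optional[datetime] = None) -> int:
    """Parse an openssl `notAfter=<date> GMT` line and return whole days left.

    Negative means the certificate has already expired.
    """
    value = not_after_line.split("=", 1)[-1].strip()
    # openssl pads single-digit days with a space ("Jun  2 ..."); strptime's
    # format whitespace matches runs of spaces, so that case parses too.
    expiry = datetime.strptime(value, "%b %d %H:%M:%S %Y %Z").replace(tzinfo=timezone.utc)
    now = now or datetime.now(timezone.utc)
    return (expiry - now).days


def tcp_port_open(host: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connection to host:port succeeds within the timeout.

    This mirrors the failure certbot reported in the issue: if the ACME
    validator cannot open the port at all, HTTP-01 cannot succeed.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def renewal_check(not_after_line: str, host: str,
                  now: Optional[datetime] = None, port: int = 80) -> dict:
    """Combine expiry and reachability into one report with human-readable problems."""
    days = days_until_expiry(not_after_line, now)
    report = {
        "days_left": days,
        "needs_renewal": days < RENEW_WINDOW_DAYS,
        "port_open": tcp_port_open(host, port),
        "problems": [],
    }
    if days < 0:
        report["problems"].append("certificate has already expired")
    if report["needs_renewal"] and not report["port_open"]:
        report["problems"].append(
            f"TCP {port} on {host} is unreachable: HTTP-01 renewal will fail "
            f"(check the security group / firewall before relying on certbot)"
        )
    return report


if __name__ == "__main__":
    # Constructed sample values; on a real host, substitute the output of
    # `openssl x509 -noout -enddate -in <cert.pem>` and the public hostname.
    sample_line = "notAfter=Jun 12 10:00:00 2023 GMT"
    for key, value in renewal_check(sample_line, "127.0.0.1").items():
        print(f"{key}: {value}")
```

Run it from cron a few days before the 30-day window opens; a non-empty `problems` list is the signal to look at the firewall rather than discovering the expiry after the fact, as happened here.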