modoboa / modoboa-installer

An installer for Modoboa
MIT License

Wildcard certificates #234

Open nickdbush opened 6 years ago

nickdbush commented 6 years ago

Does/will modoboa-installer support Let's Encrypt wildcard certificates? This would make provisioning the rest of the server easier as we only have to deal with the one certificate. I love the project, and it makes setting up my email a breeze for which I will be forever indebted!

tonioo commented 6 years ago

I don't think it should be too complicated to introduce wildcard certificate support but it would be linked to the created nginx virtualhost... Can you explain your idea a bit more please?

tonioo commented 6 years ago

@nickdbush ping

nickdbush commented 6 years ago

So I wanted to host Nextcloud on the same server, so I had to manually recreate the SSL certificate with more domain names. However, now that Let's Encrypt offers wildcard certificates, we could produce a certificate for the entire domain when installing modoboa.

tonioo commented 6 years ago

Ok I understand.

rolandf commented 4 years ago

I just implemented that using the DNS-01 / dns-rfc2136 method with bind9 on Ubuntu 18.04. To make it work, the right version of certbot should be on the system (certbot-dns-rfc2136), and bind9 configured to allow updates with grant update to a TSIG key. At this time it's a mix of custom Ansible scripts that install bind9 and a modified modoboa-installer script that does next to nothing, as the Ansible script did most of the work. In its current state it's a bit ugly. @tonioo if you agree to give guidance I can tidy it a bit and do a pull request.
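
A least-privilege sketch of the two pieces named in the comment above (a BIND zone that accepts TSIG-signed updates, and the certbot-dns-rfc2136 credentials file), added here as an example; it is not code from the thread or from modoboa-installer. The zone, key name, server address, zone file path and secret are assumed placeholders.

```shell
#!/bin/sh
# Added example; zone, key name, server address and zone file path are assumptions.
ZONE="example.com"
KEY_NAME="certbot-acme."     # TSIG key name, written with a trailing dot
DNS_SERVER="192.0.2.53"      # documentation address standing in for the BIND host

# BIND side: the key may only change the TXT record at _acme-challenge.<zone>,
# which is the one record a wildcard DNS-01 validation needs.
render_named_conf() {  # $1 = base64 secret (e.g. from: tsig-keygen -a hmac-sha512 certbot-acme.)
cat <<EOF
key "$KEY_NAME" {
    algorithm hmac-sha512;
    secret "$1";
};
zone "$ZONE" {
    type master;
    file "/var/lib/bind/db.$ZONE";
    update-policy {
        grant $KEY_NAME name _acme-challenge.$ZONE. txt;
    };
};
EOF
}

# certbot side: credentials file for the dns-rfc2136 plugin, readable by owner only.
write_credentials() {  # $1 = output path, $2 = base64 TSIG secret
( umask 077
cat > "$1" <<EOF
dns_rfc2136_server = $DNS_SERVER
dns_rfc2136_port = 53
dns_rfc2136_name = $KEY_NAME
dns_rfc2136_secret = $2
dns_rfc2136_algorithm = HMAC-SHA512
EOF
)
chmod 600 "$1"   # also tightens a file that already existed
}

# Wildcard request to run once both sides are in place (printed, not executed).
certbot_command() {  # $1 = credentials path
    printf "certbot certonly --dns-rfc2136 --dns-rfc2136-credentials %s -d %s -d '*.%s'\n" \
        "$1" "$ZONE" "$ZONE"
}

# Demo with a constructed placeholder secret.
render_named_conf "CONSTRUCTED-PLACEHOLDER-SECRET=="
```

Scoping the grant to the `_acme-challenge` TXT name means a leaked credentials file cannot be used to rewrite MX or A records in the zone.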

tonioo commented 4 years ago

@rolandf I think it's a different subject. If I understand well, what you propose is to add support for DNS zone management to the installer?

rolandf commented 4 years ago

@tonioo I reflected a bit more and I think that there may be too many ways of thinking about how to deploy the DNS. Maybe a middle ground would be to have 3 options for modoboa-installer (1 - self-signed, 2 - Let's Encrypt, 3 - It has already been taken care of, please use the following certificate).

Dragnell87 commented 3 years ago

> I just implemented that using the DNS-01 / dns-rfc2136 method with bind9 on Ubuntu 18.04. To make it work, the right version of certbot should be on the system (certbot-dns-rfc2136), and bind9 configured to allow updates with grant update to a TSIG key. At this time it's a mix of custom Ansible scripts that install bind9 and a modified modoboa-installer script that does next to nothing, as the Ansible script did most of the work. In its current state it's a bit ugly. @tonioo if you agree to give guidance I can tidy it a bit and do a pull request.

Sorry, I know this is an old topic, but is this available anywhere?