owntracks / quicksetup

A (mostly) automated installer for OwnTracks Recorder, Frontend with MQTT and Let's Encrypt
https://owntracks.org/booklet/guide/quicksetup/

DNS Challenge #54

Open Cyber-Ard opened 1 month ago

Cyber-Ard commented 1 month ago

Hi, would it be possible to use the Let's Encrypt DNS Challenge when running your quickstart script rather than the HTTP challenge? Port 80 is not allowed to be open on our firewall.

jpmens commented 1 month ago

Technically it would be possible and DNS-01 is actually the Let's Encrypt challenge I use most, but we took the decision for Quicksetup that the HTTP-01 challenge would be much easier for most users.

Let's not forget that DNS-01 means having an infrastructure at which DNS updates can be dynamically performed, and that is definitely not what many users have.

That said, if you would want to provide patches for Quicksetup to do DNS-01 alternatively to HTTP-01, we would like to have that as an option.

jpmens commented 1 month ago

I should probably add that if you already do DNS-01 and have the key & certificates issued, you could periodically copy them onto the OwnTracks Quicksetup machine and disable our Let's Encrypt machinery.