redteaminfra / redteam-infra

100 stars 25 forks source link

Automate Let's Encrypt SSL Certificate Renewal #119

Open 0xBienCuit opened 2 months ago

0xBienCuit commented 2 months ago

Summary

This pull request automates the renewal of Let's Encrypt SSL certificates, addressing the manual and error-prone process. Key changes include:

Nginx Configuration Update:
- Added a location block to allow the ACME challenge to pass through.
Certificate Renewal Script:
- Created renew_certificates.sh to handle the renewal process using certbot.
- Placed the script in ansible/roles/openresty/files/.
Ansible Playbook Update:
- Added renew_certificates.yml to deploy the script and set up a cron job.
- Updated site.yml to include the new playbook.

Changes

Nginx Configuration:
- Updated to allow the ACME challenge to pass through.
Certificate Renewal Script:
- Created a script to automate the renewal process and reload Nginx.
Ansible Playbook:
- Added a playbook to deploy the script and set up a cron job.
- Updated the main site playbook to include the new playbook.

Notes

Still in the process of trying to get my cloud provider accounts setup, hence I wasn't able to test it using this repository.
Ideally if necessary am willing to make a smaller version on my own repo with only access to AWS to verify it.

devzspy commented 2 months ago

Resolves #82 if merged