search

troykelly / hassio-addons-letsencrypt-lexicon

Home Assistant Addon that provides Let's Encrypt with Lexicon
Apache License 2.0
5 stars 2 forks source link

Question on this addon #5

Closed s3frank closed 3 years ago

s3frank commented 3 years ago

Hi Troy,

Thanks for creating this addon. I got it working with godaddy, much appreciated. Regarding the use of the addon, I hit start on the supervisor, it did the work and got the cert etc back. And then the addon exited I think. However it is my understanding the certs have a short lifespan and as such the addon needs to run regularly to refresh things.

How do I configure this? Should it be set to start on boot? Cron job to fire the container up on regular basis?

Would appreciate some guidance on this.

Cheers,

Frank

s3frank commented 3 years ago

Nevermind, figured it out. Using a sensor now and have put a flow in nodered to drive refresh 5 days before expiration. Thank you for making this addon.

tduffy83 commented 3 years ago

Frank, can you provide more instructions or a tutorial link on how you did this?

s3frank commented 3 years ago

Here's my working config with dummy data. This is for godaddy. You will need to create the key and secret with godaddy via: https://developer.godaddy.com/keys/

email: YOUREMAIL
domains:
  - FQDN #1
  - FQDN #2
certfile: fullchain.pem
keyfile: privkey.pem
dns:
  provider: godaddy
  godaddy_key: KEY
  godaddy_secret: SECRET
tduffy83 commented 3 years ago

I was more referring to the steps to get the sensor and nodered setup to auto renew the certs.

Interestingly I have the exact same config and it doesn't work for me on godaddy. Hopefully Troy can dig into what's failing.

s3frank commented 3 years ago

Ah ok.

The sensor only works after you have the addon working. It's an integration that you can add via the UI directly.

-FF

Sent from my mobile, powered by Frank's thumbs!

On Sat, Dec 5, 2020, 05:19 tduffy83 notifications@github.com wrote:

I was more referring to the steps to get the sensor and nodered setup to auto renew the certs.

Interestingly I have the exact same config and it doesn't work for me on godaddy. Hopefully Troy can dig into what's failing.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/troykelly/hassio-addons-letsencrypt-lexicon/issues/5#issuecomment-739026414, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQW7CSE2UPWIRARNYKUIELSTFG4VANCNFSM4UE7DXQQ .

tduffy83 commented 3 years ago

Ahh ok. Just out of curiosity have you tried renewing your cert files recently? I'm thinking Godaddy may have changed something to the API recently that causes this to no longer work. Otherwise I'm completely at a loss.

email: ted4q@virginia.edu
domains:
  - duffhome.dufflan.com
certfile: fullchain.pem
keyfile: privkey.pem
dns:
  provider: godaddy
  godaddy_key: XXXXXXXXXX
  godaddy_secret: XXXXXXXX
troykelly commented 3 years ago

Ahh ok. Just out of curiosity have you tried renewing your cert files recently? I'm thinking Godaddy may have changed something to the API recently that causes this to no longer work. Otherwise I'm completely at a loss. @tduffy83 replying in https://github.com/troykelly/hassio-addons-letsencrypt-lexicon/issues/6

s3frank commented 3 years ago

I have just updated the container to latest version 1.04 just now. Ran it and everything looks good.

The main thing I recall on the godaddy side is that you need to use a prod key / secret set. You get two choice when creating, prod was the only one that worked for me.

On Sat, Dec 5, 2020 at 12:21 PM Troy Kelly notifications@github.com wrote:

Ahh ok. Just out of curiosity have you tried renewing your cert files recently? I'm thinking Godaddy may have changed something to the API recently that causes this to no longer work. Otherwise I'm completely at a loss. @tduffy83 https://github.com/tduffy83 replying in #6 https://github.com/troykelly/hassio-addons-letsencrypt-lexicon/issues/6

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/troykelly/hassio-addons-letsencrypt-lexicon/issues/5#issuecomment-739122947, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQW7CXQIHJRJAD4VOCWGYLSTGYOLANCNFSM4UE7DXQQ .

-- Best regards,

-FF

tduffy83 commented 3 years ago

Frank,

Thank you for the reply. 1.0.4 fixes the issue with Godaddy. Care to detail your solution for auto-renewing the certs?

s3frank commented 3 years ago

My systems are on a backup schedule weekly. Low level block snapshots and I reboot them after that. The addon is set to run at boot.

It checks the cert and updated if needed. So far this has always happened before expiration :-)

-FF

Sent from my mobile, powered by Frank's thumbs!

On Sun, Dec 6, 2020, 08:36 tduffy83 notifications@github.com wrote:

Frank,

Thank you for the reply. 1.0.4 fixes the issue with Godaddy. Care to detail your solution for auto-renewing the certs?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/troykelly/hassio-addons-letsencrypt-lexicon/issues/5#issuecomment-739436382, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQW7CUWCRKZYNPT5O2LCOTSTLGYFANCNFSM4UE7DXQQ .

troykelly commented 3 years ago

@tduffy83 I've added a little more information regarding what I do to the readme document here. Hope that helps.

tduffy83 commented 3 years ago

Very helpful and even avoids having to create sensor and use nodered. I've got the automation set up now. Now I've finally divorced myself from the buggy duckdns addon, thanks for creating this!