haproxy + letsencrypt
# first haproxy entry
frontend fe-scalinglaravel
# Bootstrap frontend: plain HTTP only, used until the first certificate exists.
bind *:80
# Requests for the ACME HTTP-01 challenge path go to certbot's standalone
# listener; everything else goes to the application backend.
# NOTE(review): path_beg / use_backend need `mode http`, presumably set in the
# omitted defaults section -- confirm.
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl
default_backend test
# LE Backend: certbot --standalone --http-01-port=8888 (see the commands below)
backend letsencrypt-backend
server letsencrypt 127.0.0.1:8888
# Normal (default) Backend
# for web app servers
backend test
# Config omitted here
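# One-time issuance. certbot's standalone server answers the HTTP-01 challenge on
# 127.0.0.1:8888, which the haproxy ACL above forwards to. --cert-name pins the
# lineage directory to /etc/letsencrypt/live/www.testo.de/; without it certbot
# derives the lineage name from the FIRST -d argument (testo.de) and the paths
# used below would not exist.
sudo certbot certonly --standalone \
  --cert-name www.testo.de \
  -d testo.de -d www.testo.de \
  --non-interactive --agree-tos --email lala@lala.de \
  --http-01-port=8888
# Build the combined PEM haproxy expects (fullchain + private key) readable by
# root only. A plain `cat | sudo tee` would create the file with the default
# umask (0644, world-readable private key) and echo the key to the terminal;
# haproxy normally loads certificates at startup before dropping privileges, so
# root-only is sufficient.
sudo install -d -m 0700 /etc/ssl/www.testo.de
sudo sh -c 'umask 077 && cat /etc/letsencrypt/live/www.testo.de/fullchain.pem \
  /etc/letsencrypt/live/www.testo.de/privkey.pem \
  > /etc/ssl/www.testo.de/www.testo.de.pem'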
# new haproxy config
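frontend fe-scalinglaravel
bind *:80
# TLS listener. The PEM is fullchain + private key concatenated (see the
# commands above) and must be readable by root only.
# NOTE(review): protocol/cipher hardening (ssl-default-bind-options,
# ssl-default-bind-ciphers) belongs in the omitted `global` section -- confirm
# it is set there.
bind *:443 ssl crt /etc/ssl/www.testo.de/www.testo.de.pem
# Declared before the redirect so the redirect rule can reference it.
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
# Force HTTPS for everything EXCEPT the ACME challenge path. redirect rules are
# evaluated before use_backend, so without the exclusion a challenge arriving
# on :80 is bounced to :443 and issuance/renewal then depends on the TLS
# listener (and the certificate file it loads) being healthy.
redirect scheme https code 301 if !{ ssl_fc } !letsencrypt-acl
use_backend letsencrypt-backend if letsencrypt-acl
default_backend test
# LE Backend: certbot --standalone listening on 127.0.0.1:8888
backend letsencrypt-backend
server letsencrypt 127.0.0.1:8888
# Normal (default) Backend for the web app servers
backend test
# Config omitted here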
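# put this in /etc/cron.d/certbot
# Run daily instead of monthly with --force-renewal: `certbot renew` only renews
# lineages with <30 days left, so a daily check is cheap, a transient failure is
# retried the next day instead of a month later, and no Let's Encrypt rate limit
# is spent re-issuing certificates that do not need it.
# /etc/cron.d files do not get the login PATH and `service` lives in /usr/sbin.
# NOTE(review): pick a random minute per host, as Let's Encrypt asks.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
23 3 * * * root bash /opt/update-certs.sh
# create /opt/update-certs.sh
#!/usr/bin/env bash
# Renew the www.testo.de certificate, rebuild the haproxy PEM bundle and reload
# haproxy -- but only when the bundle actually changed.
set -euo pipefail

live=/etc/letsencrypt/live/www.testo.de
bundle=/etc/ssl/www.testo.de/www.testo.de.pem
haproxy_cfg=/etc/haproxy/haproxy.cfg   # adjust if haproxy is installed elsewhere

# HTTP-01 on 127.0.0.1:8888 is what the haproxy ACL routes to; the original
# --tls-sni-01-port could not be reached through a path-based HTTP ACL, and the
# tls-sni-01 challenge type has since been retired by Let's Encrypt.
certbot renew --quiet --http-01-port=8888

# The bundle holds the private key: create it 0600 (umask 077) and write it via
# a temp file in the same directory so haproxy never reads a half-written PEM.
umask 077
tmp=$(mktemp "${bundle}.XXXXXX")
trap 'rm -f -- "$tmp"' EXIT
cat "$live/fullchain.pem" "$live/privkey.pem" > "$tmp"

if cmp -s -- "$tmp" "$bundle"; then
  exit 0   # nothing was renewed: no reload needed
fi
mv -f -- "$tmp" "$bundle"
# Refuse to reload on a configuration/certificate haproxy cannot parse; the
# running process keeps serving the previous certificate in that case.
haproxy -c -q -f "$haproxy_cfg"
service haproxy reload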
# service cron restart
# service haproxy reload