Does GL.iNet belong in your Home Network, and does it do VLANs? Hot Take! Flint
Reply
Your Boss Thinks You’re at Home… GL.iNet Flint 3
The Best Cheap Car Rental Hacks Nobody Talks About
Свързани със света както никога, откъснати един от друг повече от всякога
Карначета с бира на фурна
Beautiful Pictures
How To Install a 240 Volt Outlet | Electric Car Charging
WireGuard and pivpn
PiVPN (https://www.pivpn.io/) – You can install it on any Debian OS, including Ubuntu
Letsencrypt and Certbot
Certbot User Guide
https://eff-certbot.readthedocs.io/en/latest/using.html
Instructions to install Certbot and a DNS plugin:
https://certbot.eff.org/instructions?ws=nginx&os=snap&tab=wildcard
Request a certificate via Cloudflare plugin:
Remove Snap Certbot (if exists)
sudo snap remove certbot
Install Certbot via APT (Debian/Ubuntu package):
sudo apt update
sudo apt install certbot python3-certbot-dns-cloudflare
Request a certificate:
# certbot-dns-cloudflare plugin
# https://certbot-dns-cloudflare.readthedocs.io/en/stable/
sudo certbot certonly \
--dns-cloudflare \
--dns-cloudflare-credentials /root/.secrets/certbot/cloudflare.ini \
--dns-cloudflare-propagation-seconds 60 \
-d mycompliancetracker.com \
-d *.mycompliancetracker.com \
-d myctracker.com \
-d *.myctracker.com \
-d myctrackerpro.com \
-d *.myctrackerpro.com
cloudflare.ini content
# cloudflare.ini
# Cloudflare API token used by Certbot
# Get if from https://dash.cloudflare.com/profile/api-tokens
# You have to create a new one - you cannot see the value of an existing one.
# The token needs Zone:DNS:Edit permission
dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
Change the permissions of the file:
chmod 600 cloudflare.ini
Test automatic renewal
sudo certbot renew --dry-run
Delete a certificate
certbot delete --cert-name mycompliancetracker.com
# or to choose from a list:
certbot delete
Sync the certificates
ssh-keygen -t rsa -b 4096 -C "Let's Encrypt sync key" -f ~/.ssh/letsencrypt_sync_key
ssh-copy-id ubuntu@dev-server.mycompliancetracker.com
ssh-copy-id -f -i ~/.ssh/letsencrypt_sync_key.pub -o IdentityFile=~/.ssh/dev-server.mycompliancetracker.com ubuntu@dev-server.mycompliancetracker.com
ssh-copy-id -f -i ~/.ssh/letsencrypt_sync_key.pub angel@ionos-ubuntu-01.anichin.com
-- Test to log in with the new key - Works
ssh -o 'IdentityFile=/root/.ssh/letsencrypt_sync_key' 'ubuntu@dev-server.mycompliancetracker.com'
ssh -o 'IdentityFile=/root/.ssh/letsencrypt_sync_key' 'angel@ionos-ubuntu-01.anichin.com'
ssh -o 'IdentityFile=/root/.ssh/letsencrypt_sync_key' 'root@ionos-ubuntu-01.anichin.com'
Transfer Certificates to Target Server
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/live/anichin.com && rsync" /etc/letsencrypt/live/anichin.com/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/live/anichin.com/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/archive/anichin.com && rsync" /etc/letsencrypt/archive/anichin.com/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/archive/anichin.com/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/renewal && rsync" /etc/letsencrypt/renewal/anichin.com.conf angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/renewal/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/live/pautalia.ca && rsync" /etc/letsencrypt/live/pautalia.ca/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/live/pautalia.ca/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/archive/pautalia.ca && rsync" /etc/letsencrypt/archive/pautalia.ca/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/archive/pautalia.ca/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/renewal && rsync" /etc/letsencrypt/renewal/pautalia.ca.conf angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/renewal/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/live/vickisplace.org && rsync" /etc/letsencrypt/live/vickisplace.org/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/live/vickisplace.org/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/archive/vickisplace.org && rsync" /etc/letsencrypt/archive/vickisplace.org/ angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/archive/vickisplace.org/
rsync -avz -e "ssh -i /root/.ssh/letsencrypt_sync_key" --rsync-path="mkdir -p /home/angel/letsencrypt/renewal && rsync" /etc/letsencrypt/renewal/vickisplace.org.conf angel@ionos-ubuntu-01.anichin.com:/home/angel/letsencrypt/renewal/
Option 1: Use sudo Without Password Prompt
sudo visudo
angel ALL=(ALL) NOPASSWD: /bin/systemctl reload nginx