Last active
August 2, 2019 17:33
-
-
Save heisian/4e15b6f3058c61cd6883d92e4d40562c to your computer and use it in GitHub Desktop.
OpenVPN Access Server w/ LetsEncrypt for Web UI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Modified from https://gist.github.com/HighMacGuy/3cf42ce21d3bd923f2440f9938e2f664 | |
| cert-name = yourdomain.com | |
| rsa-key-size = 4096 | |
| email = [email protected] | |
| domains = vpn.ethoslife.com | |
| agree-tos = True | |
| # Would need to automate the process of adding a | |
| # TXT record in Route53 for this to be automated: | |
| manual = True | |
| preferred-challenges = dns | |
| # non-interactive True | |
| # /usr/local/openvpn_as/scripts/ should be in the $PATH for these to work: | |
| pre-hook = sacli Stop | |
| post-hook = sacli Start |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install dependencies | |
| apt-get update | |
| apt-get install software-properties-common | |
| add-apt-repository ppa:certbot/certbot | |
| apt-get install certbot | |
| apt-get update | |
| certbot certonly --config first_run.ini | |
| export DOMAIN=yourcomain.com | |
| # Update OpenVPN's db | |
| /usr/local/openvpn_as/scripts/confdba -mk cs.ca_bundle -v "`cat /etc/letsencrypt/live/$DOMAIN/fullchain.pem`" | |
| /usr/local/openvpn_as/scripts/confdba -mk cs.priv_key -v "`cat /etc/letsencrypt/live/$DOMAIN/privkey.pem`" > /dev/null | |
| /usr/local/openvpn_as/scripts/confdba -mk cs.cert -v "`cat /etc/letsencrypt/live/$DOMAIN/cert.pem`" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment