ethauvin
Using the script with GitLab CI/CD
Hello,
First of all, I appreciate the work you have put into the script, so thank you!
I managed to run it with GitLab CI/CD, as I believe @Zeioth has done (I put my .gitlab-ci.yml settings at the bottom of this post) but I had questions regarding the next steps after successful completion of the script:
- How can I actually save the fullchain.pem and privkey.pem that cerbot generates if I'm running a venv on GitLab?
- My site is also hosted on NameSilo. Would I need to manually insert the certificate details in my cPanel each time I run the script? Are you also hosting your site with this provider and have you managed to automate this process somehow?
I would appreciate any guidance at all, thank you so much in advance.
image: python:latest
stages:
- build
- test
- deploy
variables:
PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"
cache:
paths:
- .cache/pip
- venv/
before_script:
- pip install virtualenv
- virtualenv venv
- source venv/bin/activate
install:
stage: build
script:
- pip install tldextract untangle
- pip install certbot
renew:
stage: test
script:
- chmod +x ./authenticator.py
- chmod +x ./cleanup.py
- certbot certonly -v --manual --email [email protected] --agree-tos --manual-public-ip-logging-ok --preferred-challenges=dns --manual-auth-hook ./authenticator.py --manual-cleanup-hook ./cleanup.py -d *.xyz.com -d xyz.com
success:
stage: deploy
script:
- echo "SSL certificate renewed succesfully!"
You might want to talk with @Zeioth. I believe he's using the script with GitLab.
@ethauvin Thank you for getting back to me. The script completes successfully now and does indeed write the necessary records.
@Zeioth, If you have any time to spare, I would appreciate if you could help me understand the points raised in the original post?
I have updated the post to reflect the current situation and added my gitlab-ci.yml file.
Thank you both for your help.