Certbot & Let's Encrypt

The following is what I use to issue or renew (manually) Let's Encrypt certificates for my home lab. I've got Certbot installed and use Cloudflare, so that is set up already. This single terminal command issues one certificate that covers the base domain (tldomain.net) and, through the wildcard name, all of its subdomains.

certbot certonly \
  --agree-tos \
  --email you@example.com \
  -d tldomain.net \
  -d "*.tldomain.net" \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
  --dns-cloudflare-propagation-seconds 120

Certbot stores certificates and private keys in a specific directory structure. By default, this is /etc/letsencrypt/live/your_domain_name.

Here's a breakdown:

  • Certificate: /etc/letsencrypt/live/your_domain_name/fullchain.pem
  • Private Key: /etc/letsencrypt/live/your_domain_name/privkey.pem 

Renewing is easy with a single command:

certbot renew -v

The -v flag will enable verbose mode.
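
The Cloudflare credentials file and privkey.pem named above are the two secrets in this setup, so after issuing or renewing it is worth confirming they are not readable by other users and that the certificate carries both names. The script below is an added example, not part of the original notes or of Certbot; the 30-day threshold and the --audit argument are assumptions.

```shell
#!/usr/bin/env bash
# Added example: post-issuance checks for the files this page names.
# The 30-day threshold and the --audit switch are assumptions.

# Print a file's permission bits in octal (GNU stat first, then BSD stat).
file_mode() {
  stat -L -c '%a' "$1" 2>/dev/null || stat -L -f '%Lp' "$1" 2>/dev/null
}

# Succeed only if neither group nor other has any access (e.g. 600, 400).
mode_is_private() {
  local mode
  mode=$(file_mode "$1") || return 2   # file missing or unreadable
  case "$mode" in
    *00|0) return 0 ;;
    *)     return 1 ;;
  esac
}

# Succeed if the certificate's subjectAltName list contains exactly $2.
cert_covers() {
  openssl x509 -in "$1" -noout -text \
    | tr ',' '\n' \
    | sed 's/^[[:space:]]*//; s/[[:space:]]*$//' \
    | grep -Fxq "DNS:$2"
}

# Succeed if the certificate is still valid $2 days from now.
cert_valid_for_days() {
  openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

audit() {
  local domain="$1" live="/etc/letsencrypt/live/$1" rc=0
  mode_is_private /etc/letsencrypt/cloudflare.ini \
    || { echo "FAIL: cloudflare.ini missing or readable by group/other"; rc=1; }
  mode_is_private "$live/privkey.pem" \
    || { echo "FAIL: privkey.pem missing or readable by group/other"; rc=1; }
  cert_covers "$live/fullchain.pem" "$domain" \
    || { echo "FAIL: certificate does not cover $domain"; rc=1; }
  cert_covers "$live/fullchain.pem" "*.$domain" \
    || { echo "FAIL: certificate does not cover *.$domain"; rc=1; }
  cert_valid_for_days "$live/fullchain.pem" 30 \
    || { echo "FAIL: certificate expires within 30 days"; rc=1; }
  return "$rc"
}

# Run as root: ./audit.sh --audit tldomain.net
if [ "${1:-}" = "--audit" ]; then audit "${2:?domain required}"; fi
```

A non-zero exit status means at least one check failed; fix permissions with chmod 600 on the reported file.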