letsencrypt
Ansible
Our great sponsors
letsencrypt | Ansible | |
---|---|---|
21 | 391 | |
30,817 | 61,137 | |
0.6% | 1.1% | |
9.0 | 9.8 | |
16 days ago | 3 days ago | |
Python | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
letsencrypt
-
ACME with Google Domains using a DNS Zone in GCS DNS
This seems to be not implemented in certbot, yet: https://github.com/certbot/certbot/issues/6566
-
OpenSpeedTest in docker through DSM Reverse Proxy - incorrect upload speeds
If you do go with NPM or Traefik, under the covers it's using certbot to request/renew your certificates through Let's Encrypt using the DNS-01 challenge, meaning you can get wildcard certs and don't have to futz around with port forwards. Again I'd think Caddy has similar functionality, I just have not used it personally. Raw NGINX you probably don't want to try out yet considering it requires manually doing the configs
- Certbot run.bat file identified as batloader trojan by windows defender. Windows defender alerted me of a trojan which appears to simply be the startup batch script for certbot. Currently running full system scan, but I suspect it to be a false positive. Any ideas?
-
Snap Store administrators removed signal-desktop from Ubuntu Snap
certbot won't be missed. The code quality is pretty poor.
https://github.com/certbot/certbot/issues 5000 bugs and it most of it can be replaced by much smaller tools
-
Good Use Of Golang?
Here’s a good code reference (Python and rust): https://github.com/certbot/certbot
-
Let's Encrypt Certbot Not Working on FreeBSD
I am trying to migrate off of Linux and back to FreeBSD, but I hit a problem today. The Let's Encrypt Certbot is not installing. A bit surprising, given how important it is. So I thought I would notify the community Here is my bug report. https://github.com/certbot/certbot/issues/9394
-
How to update Certbot on Debian 11
Last release: https://github.com/certbot/certbot/releases (on 28th August 2022 = 1.29.0)
-
Uacme: ACMEv2 client written in plain C with minimal dependencies
Right? It’s so ridiculous how you’re supposed to use Snap to install certbot. The (well, one of..) GitHub discussion is just beyond the pale:
https://github.com/certbot/certbot/issues/8345#issuecomment-...
-
Let’s Encrypt Receives the Levchin Prize for Real-World Cryptography
It goes way beyond, since Let's Encrypt influence the ecosystem a lot and the standards that are used.
If you use Let's Encrypt, you are likely using Certbot, which means that everybody uses a tool that a central authority strongly recommends to you.
I wonder how they generate the key, for example, it may be using secp256r1: https://github.com/certbot/certbot/blob/5c111d0bd1206d864d7c...
-
Setting up nginx+letsencrypt as a reverse proxy
# nginx-ingress-https.conf events { } http { include mime.types; server { listen 443 ssl; listen [::]:443 ssl; server_name sg.horlick.me; ssl_certificate /etc/letsencrypt/live/sg.horlick.me/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sg.horlick.me/privkey.pem; # taken from https://github.com/certbot/certbot/blob/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf ssl_session_cache shared:le_nginx_SSL:10m; ssl_session_timeout 1440m; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"; ssl_dhparam /etc/ssl/certs/dhparam.pem; sendfile on; tcp_nopush on; tcp_nodelay on; location / { proxy_pass http://host.docker.internal:9090/; proxy_http_version 1.1; proxy_cache_bypass $http_upgrade; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; } } }
Ansible
-
Ansible Basics: Your First HelloWorld Playbook 🚀
Ansible is an open-source IT automation tool that simplifies application deployment, cloud provisioning, and configuration management across diverse environments. It uses a declarative language to describe the desired state of the system, and then takes the necessary actions to achieve that state. Ansible has become incredibly popular due to its simplicity, agentless architecture, and extensive community support. Document: ansible.com, ansible basics
-
Grant Kubernetes Pods Access to AWS Services Using OpenID Connect
Ansible v2.16
-
Set up an Automation script with Ansible
Ansible is a tool used to help manage software automation processes, configuration management across machines, deployment as well as remote execution of commands and scripts. In sports, Ansible operates as the coach of your team by providing strategies (playbooks), and actions, and ensuring the smooth execution of tasks across your infrastructure, just like a coach guides and directs players (Servers)during a game.
-
Interesting Uses of Ansible's ternary filter
They support for-if from python, too: https://jinja.palletsprojects.com/en/3.1.x/templates/#loop-f... but I haven't tried the "recursive" keyword to know if ansible supports that. I say "ansible supports that" because they don't just drop jinja2 into ansible and call it a draw, they have a bunch of custom execution integrations: https://github.com/ansible/ansible/blob/v2.16.3/lib/ansible/...
-
The 2024 Web Hosting Report
To manage a VM, you can use something as simple as just manual actions over SSH, or can use tools like Ansible, Hashicorp's Packer and Terraform or other automations. For an app where there is minimal load and security/reliability concern, VMs are still a great option that provide a lot of value for the buck
-
A Journey to Find an Ultimate Development Environment
In this article's context, it is simply a tool that provides a declarative way to automate your machine/OS to configure the development machine as you want (install package, modify the configuration, etc). Examples of these tools are Ansible, Puppet, etc.
-
The Director of "Toy Story" Also Drew the BSD Daemon Logo
Now we're getting more tangential, but for years, Ansible releases were named for Van Halen songs (see old Changelog here: https://github.com/ansible/ansible/blob/v1.8.4/CHANGELOG.md)
-
Running stateful workloads on Kubernetes with Rook Ceph
In the lab to follow, we'll quickly provision a 3-node kubeadm cluster (1 master, 2 workers) on the cloud provider of your choice using an automation stack comprised of OpenTofu and Ansible, then deploy Rook Ceph using the official Helm charts and confirm that we are now able to successfully create CSI volume snapshots from PVCs by reusing the MinIO example from our last article.
- Looking for a way to remote in to K's of raspberry pi's...
- ansible builder collections path
What are some alternatives?
acme.sh - A pure Unix shell script implementing ACME client protocol
Cloud-Init - unofficial mirror of Ubuntu's cloud-init
lego - Let's Encrypt/ACME client and library written in Go
pyinfra - pyinfra automates infrastructure using Python. It’s fast and scales from one server to thousands. Great for ad-hoc command execution, service deployment, configuration management and more.
dehydrated - letsencrypt/acme client implemented as a shell-script – just add water
Home Manager using Nix - Manage a user environment using Nix [maintainer=@rycee]
Fabric - Simple, Pythonic remote execution and deployment.
dehydrated-bigip-ansible - Ansible based hooks for dehydrated to enable ACME certificate automation for F5 BIG-IP systems
cloudinit - Official upstream for the cloud-init: cloud instance initialization
SaltStack - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
(R)?ex - Rex, the friendly automation framework