bash 安装 Certbot letencrypt 无需交互
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/49172841/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Install Certbot letsencrypt without interaction
提问by Laimonas Sutkus
I am writing a bash script which bootstraps the whole project infrastructure in the freshly installed server and i want to configure ssl installation with letcecrypt certbot. After I execute line:
我正在编写一个 bash 脚本,它在新安装的服务器中引导整个项目基础设施,我想使用 letcecrypt certbot 配置 ssl 安装。在我执行行后:
certbot --nginx -d $( get_server_name ) -d www.$( get_server_name ).com
I get prompted for few questions. Can certbot be run without any interactions while passing some of the params as arguments or something ?
我被提示问几个问题。在将一些参数作为参数或其他东西传递时,certbot 可以在没有任何交互的情况下运行吗?
回答by match
You can run certbot 'silently' by adding the following options:
您可以通过添加以下选项“静默”运行 certbot:
--non-interactive --agree-tos -m [email protected]
The full list of config options is available here:
配置选项的完整列表可在此处获得:
回答by Jesse Nickles
There are several inline flags and "subcommands"(their nickname) provided by Certbot that can help to automate the process of generating free SSL certificates using Bash or shell scripts.
Certbot 提供了几个内联标志和“子命令”(它们的昵称),可以帮助使用 Bash 或 shell 脚本自动生成免费 SSL 证书的过程。
The most relevant flag as mentioned by @match is:
@match 提到的最相关的标志是:
--non-interactive
However in reality this flag is not very helpful, because it doesn't do very much. If there are critical flags missing from your script, for example, the certificate will still fail to generate. Frankly, I think it would be better for Certbot to cancel the above flag, because it's rather misleading.
然而实际上这个标志并不是很有用,因为它没有多大用处。例如,如果脚本中缺少关键标志,则证书仍将无法生成。坦率地说,我认为 Certbot 取消上述标志会更好,因为它具有误导性。
Here are the minimum flags required:
以下是所需的最低标志:
--agree-tos--register-unsafely-without-email...or...-m [email protected]-d www.example.com
--agree-tos--register-unsafely-without-email...或者...-m [email protected]-d www.example.com
You also must specify what type of Let's Encrypt installer plugin(environment) you want, for example you can choose from "standalone" or "manual" etc... for most cases, like a WordPress web server, you should choose "webroot" so that Certbot can easily verify ownership via the public root (make sure access to /.well-known*is not blocked):
您还必须指定您想要的 Let's Encrypt安装程序插件(环境)类型,例如您可以从“独立”或“手动”等中进行选择……对于大多数情况,例如 WordPress Web 服务器,您应该选择“webroot”以便 Certbot 可以通过公共根轻松验证所有权(确保访问/.well-known*不被阻止):
--webroot -w /var/www/html/
Here is the complete command we use in SlickStackto install SSL certs:
这是我们在 SlickStack 中用来安装 SSL 证书的完整命令:
## install Certbot SSL certificate ##
certbot certonly --noninteractive --webroot --agree-tos --register-unsafely-without-email -d ${SITE_DOMAIN} -w /var/www/html/
