good-vi/letsencrypt-proxmox.md

apt update && apt install certbot

use STANDALONE validation on 80 port (should be open)

# lowercase
DOMAIN_NAME=xxx.com.br
EMAIL=meu-email@gmail.com

certbot certonly --expand --agree-tos --text --non-interactive \
  --standalone \
  --email $EMAIL \
  -d $DOMAIN_NAME

cat << EOF > /usr/local/bin/renew-pve-certs.sh
#!/bin/bash
# backup old certs
mv /etc/pve/local/pveproxy-ssl.pem /etc/pve/local/pve-ssl.pem.bak
mv /etc/pve/local/pveproxy-ssl.key /etc/pve/local/pveproxy-ssl.key.bak

cp /etc/letsencrypt/live/$DOMAIN_NAME/fullchain.pem /etc/pve/local/pveproxy-ssl.pem
cp /etc/letsencrypt/live/$DOMAIN_NAME/privkey.pem /etc/pve/local/pveproxy-ssl.key

systemctl restart pveproxy 
EOF

chmod +x /usr/local/bin/renew-pve-certs.sh

echo "30 6 1,15 * * root /usr/bin/certbot renew --quiet --post-hook /usr/local/bin/renew-pve-certs.sh" > /etc/cron.d/letsencrypt

/usr/local/bin/renew-pve-certs.sh

good-vi/letsencrypt-proxmox.md

Select an option

No results found

Select an option

No results found