ispconfig-letsencrypt/README.md

ISPConfig Let's Encrypt
=========================


# REQUIREMENTS

Let's Encrypt installed

ISPConfig (select version in branche)

Apache or Nginx


# INSTALLATION (as root)

```
git clone https://github.com/alexalouit/ISPConfig-letsencrypt.git
cd ISPConfig-letsencrypt
php -q install.php
```

After install, a new checkbox will be available in editing website, just check it.

Adjust server in ```/etc/letsencrypt/cli.ini```if isn't ``https://acme-v01.api.letsencrypt.org/directory```


## MANUAL INSTALLATION

- make your own backup!

- go to dir
```
cd ISPConfig-letsencrypt
```

- create Let's Encrypt configuration
```
cp ./cli.ini /etc/letsencrypt/cli.ini
```

- patch ISPConfig (merge all files from ./src to /usr/local/ispconfig)
```
rsync -av ./src/ /usr/local/ispconfig/
```

- prepare apache
```
cp ./apache.letsencrypt.conf /etc/apache2/conf-available/letsencrypt.conf
a2enmod headers
a2enconf letsencrypt
service apache2 reload
```

- prepare nginx
```
patch /etc/nginx/nginx.conf < ./nginx.conf.patch
service nginx reload
```

- create a cron for automatic renewal:
```
crontab -e
30 02 * * * /root/.local/share/letsencrypt/bin/letsencrypt-renewer >> /var/log/ispconfig/cron.log; done
```

- sql queries:
```
ALTER TABLE `web_domain` ADD `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n';
```


## TROUBLESHOOTING

update Let's Encrypt
```
cd /root/letsencrypt
git fetch
./letsencrypt-auto
```

see Let's Encrypt log
```
cat /var/log/letsencrypt/letsencrypt.log
```

see ISPConfig log
```
cat /var/log/ispconfig/ispconfig.log
cat /var/log/ispconfig/cron.log
```

remove certs
```
rm -r /etc/letsencrypt/archive/$domain/
rm -r /etc/letsencrypt/live/$domain/
rm -r /etc/letsencrypt/renewal/$domain.conf
```

re-generate cert: uncheck SSL & Let's Encrypt, save, recheck and save
first working version 2015-11-09 02:13:08 +01:00			`ISPConfig Let's Encrypt`
			`=========================`


improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			`# REQUIREMENTS`
first working version 2015-11-09 02:13:08 +01:00
			`Let's Encrypt installed`

improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			`ISPConfig (select version in branche)`
first working version 2015-11-09 02:13:08 +01:00
			`Apache or Nginx`


			`# INSTALLATION (as root)`

			```
			`git clone https://github.com/alexalouit/ISPConfig-letsencrypt.git`
			`cd ISPConfig-letsencrypt`
			`php -q install.php`
			```

			`After install, a new checkbox will be available in editing website, just check it.`

bugfix & improvements prevent apache with conf.d directory instead conf-available create challenge directory (prevent Let’s Encrypt create file with bad permission) use debug ispconfig function use fullchain for apache 2015-12-04 09:47:54 +01:00			Adjust server in ```/etc/letsencrypt/cli.ini```if isn't ``https://acme-v01.api.letsencrypt.org/directory```

first working version 2015-11-09 02:13:08 +01:00
			`## MANUAL INSTALLATION`

bugfix - backup nginx configuration before patch it - apache/nginx « application/jose+json » to « text/plain » 2015-12-01 17:57:44 +01:00			`- make your own backup!`

improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			`- go to dir`
			```
			`cd ISPConfig-letsencrypt`
			```

bugfix & improvements prevent apache with conf.d directory instead conf-available create challenge directory (prevent Let’s Encrypt create file with bad permission) use debug ispconfig function use fullchain for apache 2015-12-04 09:47:54 +01:00			`- create Let's Encrypt configuration`
first working version 2015-11-09 02:13:08 +01:00			```
			`cp ./cli.ini /etc/letsencrypt/cli.ini`
			```

improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			`- patch ISPConfig (merge all files from ./src to /usr/local/ispconfig)`
first working version 2015-11-09 02:13:08 +01:00			```
improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			`rsync -av ./src/ /usr/local/ispconfig/`
first working version 2015-11-09 02:13:08 +01:00			```

			`- prepare apache`
			```
			`cp ./apache.letsencrypt.conf /etc/apache2/conf-available/letsencrypt.conf`
			`a2enmod headers`
			`a2enconf letsencrypt`
			`service apache2 reload`
			```

			`- prepare nginx`
			```
			`patch /etc/nginx/nginx.conf < ./nginx.conf.patch`
			`service nginx reload`
			```

			`- create a cron for automatic renewal:`
			```
			`crontab -e`
			`30 02 * * * /root/.local/share/letsencrypt/bin/letsencrypt-renewer >> /var/log/ispconfig/cron.log; done`
			```

			`- sql queries:`
			```
			ALTER TABLE `web_domain` ADD `ssl_letsencrypt` enum('n','y') NOT NULL DEFAULT 'n';
improvement & bugfix use complete files instead patch fix subdomain auto-redirection 2015-11-26 02:12:51 +01:00			```
improvements & bug fix add subdomains support fix autosubdomain « hot » change fix domain « hot » change fix nginx minor bug update todo list update readme 2016-01-20 17:13:56 +01:00

			`## TROUBLESHOOTING`

			`update Let's Encrypt`
			```
			`cd /root/letsencrypt`
			`git fetch`
			`./letsencrypt-auto`
			```

			`see Let's Encrypt log`
			```
			`cat /var/log/letsencrypt/letsencrypt.log`
			```

			`see ISPConfig log`
			```
			`cat /var/log/ispconfig/ispconfig.log`
			`cat /var/log/ispconfig/cron.log`
			```

			`remove certs`
			```
			`rm -r /etc/letsencrypt/archive/$domain/`
			`rm -r /etc/letsencrypt/live/$domain/`
			`rm -r /etc/letsencrypt/renewal/$domain.conf`
			```

			`re-generate cert: uncheck SSL & Let's Encrypt, save, recheck and save`