DevOps Buzz
  • Initial page
  • About me
  • Ansible
    • Cheat Sheet
    • Dynamic inventory
  • AKS
    • Cheat Sheet
    • Autoscale
    • Backup
    • Dashboard
    • Ingress
    • Node management
    • News
    • Persistent Volumes
  • Arch Linux
    • Docker
    • Install
    • Network
    • VirtualBox guest
  • Azure
    • API
    • CLI/Powershell
    • DevOps
      • Cheat Sheet
    • Application Gateway
    • Tools
    • Sops
  • AWS
    • Cheat Sheet
    • Tools
    • Cognito with Amplify and React
  • Bash / Shell
    • Cheat Sheet
    • Tools
  • Bitbucket
    • Cheat Sheet
  • CSS
    • Cheat Sheet
  • Distros
    • Manjaro
  • Docker
    • Cheat Sheet
    • ELK
    • Ubuntu NoVNC
    • Tools
    • Known errors and solutions
  • Elasticsearch
    • Cheat Sheet
    • Tools
  • ELK
    • Cheat Sheet
  • emacs
    • Cheat sheet
  • Gatekeeper (OPA)
    • Cheat Sheet
    • Developer Quick Start
  • GCP
    • Cheat Sheet
  • General
    • Tools
    • News
  • Git
    • Cheat Sheet
    • Tools
  • Golang
    • Cheat Sheet
  • Guidelines / Standards
    • Cheat Sheet
  • i3wm
    • Cheat Sheet
  • Ipsec
    • Cheat sheet
  • Istio
    • Cheat Sheet
  • Kind
    • Cheat Sheet
  • Kops
    • Cheat Sheet
  • Kubeadm
    • Cheat Sheet
    • Change serviceSubnet CIDR
    • Setup cluster
      • Azure
      • Bare-metal
      • Vagrant + VirtualBox
    • Multi master
    • Known errors and solutions
  • Kubernetes
    • Kubectl Cheat Sheet
    • etcd Cheat Sheet
    • Tools
    • News
    • Deployments
      • Deployment examples
      • Blue/Green Deployment
      • Canary Deployment
    • Dashboard
    • ELK
    • Helm
    • Ingress
    • logz.io
    • Minikube
    • Monitoring
    • Node Management
    • Operators
    • Security
    • Volumes
    • Networking
    • kube-controller-manager
      • Node crash recovery
    • Known errors and solutions
  • Lumen
    • Cheat Sheet
  • MACOS
    • Cheat Sheet
    • Qemu
    • Zsh
  • microk8s
    • Cheat Sheet
  • MongoDB
    • Cheat Sheet
    • Tools
  • MySQL
    • Cheat Sheet
  • Network
    • Tools
    • WDS - Wireless Distribution System
    • Expose server under NAT
  • nvim
    • Cheat Sheet
  • Openvpn
    • OpenVPN server on Ubuntu 18.06
    • Stunnel
  • PHP
    • Composer
  • Prometheus
    • Tools
  • Python
    • Cheat Sheet
    • Pydantic
    • Tools / Modules
    • Virtualenv
  • RabbitMQ
    • Cheat Sheet
  • ReactJS
    • Fixes
    • For beginners
  • Ruby
    • Cheat Sheet
    • Rails
    • rvm
  • Rundeck
    • Cheat Sheet
  • Rust
    • Cheat Sheet
  • Squid
    • Setup server
    • Expose NAT server
  • SRE
    • Cheat Sheet
  • SSH
    • Passwordless auth with RSA key
    • Reverse tunnel
    • Cheat Sheet
  • SSL
    • Cheat Sheet
    • certbot
  • STACK SETUP
    • Using EKS and Gitlab CI to deploy applications
  • Terraform
    • Cheat Sheet
    • Tools
  • Tmux
    • Cheat Sheet
  • Tor
    • Cheat Sheet
  • Ubuntu
    • Cheat Sheet
  • Vagrant
    • Cheat Sheet
  • VirtualBox
    • Cheat Sheet
  • Windows
    • Windows Docker
    • Fingerprint
    • SSH Client
    • Tools
    • VirtualBox
    • WSL
Powered by GitBook
On this page
  1. SSL

certbot

Google DNS

Set up an IAM with "DNS Administrator" role.

If you want to use least privilege approach, use the following permissions:

- dns.changes.create
- dns.changes.get
- dns.managedZones.list
- dns.resourceRecordSets.create
- dns.resourceRecordSets.delete
- dns.resourceRecordSets.list
- dns.resourceRecordSets.update

Then export user's credentials.json

Install and run certbot.

pip3 install certbot-dns-google

Create certificates.

certbot certonly \
  --config-dir ./config \
  --work-dir ./work \
  --logs-dir ./logs \
  --agree-tos --email=PUT-WEB-MASTER-MAIL-HERE@PUT-YOUR-DOMAIN-HERE.com \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --dns-google \
  --dns-google-propagation-seconds 120 \
  --dns-google-credentials ./credentials.json \
  -d 'PUT-YOUR-DOMAIN-HERE.com.'
PreviousCheat SheetNextUsing EKS and Gitlab CI to deploy applications

Last updated 4 years ago