Nginx Unit plugin for Certbot

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kea from gravatar.com kea

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT License Copyright (c) 2024 Manuel Baldassarri Permission is hereby granted, free of charge, to...)

Author: Manuel Baldassarri

Classifiers

Project description

Certbot NGINX Unit plugin

This is a certbot plugin for using certbot in combination with NGINX Unit https://unit.nginx.org/

Requirement

The command unitc should be installed and executable.

Current Features

  • Supports NGINX Unit/1.31*
  • Supports cerbot 1.21+
  • install certificates
  • automatic renewal certificates

Install

You have to install the plugin and configure the unit listener for port 80

# unitc /config

{
    "listeners": {
        "*:80": {
            "pass": "routes"
        }
        "routes": [
            {
                "action": {
                    "share": "/srv/www/unit/index.html"
                }
            }
        ]
    }
}

Now, you can generate and automatically install the certificate with

# certbot --configurator nginx_unit -d www.myapp.com

The result is a certificate created and installed.

# unitc /certificates

{
	"www.myapp.com_20240202145800": {
		"key": "RSA (2048 bits)",
		"chain": [
			{
			    <omissis>
			}
        ]
    }
}

and the configuration updated

# unitc /config

{
	"listeners": {
		"*:80": {
			"pass": "routes"
		},

		"*:443": {
			"pass": "routes",
			"tls": {
				"certificate": [
					"www.myapp.com_20240202145800"
				]
			}
		}
	},

	"routes": [
		{
			"match": {
				"uri": "/.well-known/acme-challenge/*"
			},

			"action": {
				"share": "/srv/www/unit/$uri"
			}
		},
		{
			"action": {
				"share": "/srv/www/unit/index.html"
			}
		}
	]
}

Auto-renew certificates

Certbot installs a timer on the system to renew certificates one month before the certificate expiration date.

Multiple domains/applications

You can run the certbot command for each domain

# certbot --configurator nginx_unit -d www.myapp1.com
# certbot --configurator nginx_unit -d www.myapp2.com
# unitc '/config/listeners/*:443' 

{
    "pass": "routes",
    "tls": {
        "certificate": [
            "www.myapp1.com_20240202145800"
            "www.myapp2.com_20240202145800"
        ]
    }
}

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kea from gravatar.com kea

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT License Copyright (c) 2024 Manuel Baldassarri Permission is hereby granted, free of charge, to...)

Author: Manuel Baldassarri

Classifiers

Release history Release notifications | RSS feed

1.0.10

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

This version

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

certbot-nginx-unit-1.0.0.tar.gz (19.6 kB view hashes)

Uploaded Source

Built Distribution

certbot_nginx_unit-1.0.0-py3-none-any.whl (11.3 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page