Files

Dmitriy Fofanov ed4531fa64 Добавлены новые документы и инструкции по настройке, использованию и тестированию SSL сертификатов Let's Encrypt с использованием API reg.ru. Обновлены зависимости в requirements.txt для поддержки новых функций. Включены подробные шаги по автоматизации, созданию и продлению сертификатов, а также интеграции с Nginx Proxy Manager.

2025-10-28 13:01:05 +03:00

7.6 KiB

Raw Blame History

Installation Guide for letsencrypt_regru.sh

Author: Dmitry Fofanov
Date: October 28, 2025

Description

letsencrypt_regru.sh is an automated installer for Let's Encrypt Manager with reg.ru and Nginx Proxy Manager integration.

The script automates:

Installation of all system dependencies
Python virtual environment creation
Python library installation (requests, cryptography, certbot)
Interactive configuration setup
Creating and configuring systemd services
Automatic certificate renewal setup

Requirements

Linux (Debian/Ubuntu, CentOS/RHEL/Fedora)
Root access (sudo)
Minimum 512MB RAM
Minimum 1GB free disk space
Internet connection

Quick Installation

Method 1: Automatic Installation (Recommended)

The fastest way - run installation directly from GitHub:

sudo bash -c "$(curl -fsSL https://github.com/DFofanov/configure_nginx_manager/raw/refs/heads/master/letsencrypt_regru.sh)"

This command will:

Automatically download the installation script
Run it with root privileges
Guide you through interactive setup

Method 2: Clone Repository

If you want to review the code before installation:

# 1. Download repository
git clone https://github.com/DFofanov/configure_nginx_manager.git
cd configure_nginx_manager

# 2. Make executable
chmod +x letsencrypt_regru.sh

# 3. Run installation
sudo ./letsencrypt_regru.sh

Interactive Setup

During installation, the script will ask for:

Domain - your main domain (e.g., example.com)
Email - for Let's Encrypt notifications
reg.ru credentials:
- Username
- Password
Wildcard certificate - create *.example.com (recommended: Yes)
NPM integration (optional):
- NPM address (e.g., http://10.10.10.14:81)
- NPM login email
- NPM password

Structure After Installation

/opt/letsencrypt-regru/           # Application
├── letsencrypt_regru_api.py      # Main script
├── venv/                         # Python virtual environment
└── docs/                         # Documentation

/etc/letsencrypt-regru/           # Configuration
└── config.json                   # Settings (credentials, domain, NPM)

/var/log/letsencrypt-regru/       # Logs
└── letsencrypt_regru.log

/etc/letsencrypt/live/            # Let's Encrypt certificates
└── example.com/
    ├── privkey.pem
    ├── cert.pem
    ├── chain.pem
    └── fullchain.pem

/etc/systemd/system/              # Systemd services
├── letsencrypt-regru.service     # Renewal service
└── letsencrypt-regru.timer       # Timer (every 12 hours)

/usr/local/bin/
└── letsencrypt-regru             # Global command

Using letsencrypt-regru Command

After installation, a convenient command is available:

# Check current certificate expiration
letsencrypt-regru --check

# Obtain new Let's Encrypt certificate
letsencrypt-regru --obtain

# Renew existing certificate
letsencrypt-regru --renew

# Automatically check and renew if needed
letsencrypt-regru --auto

# Create test self-signed certificate
letsencrypt-regru --test-cert

# Show help
letsencrypt-regru --help

Automatic Renewal

The installer configures a systemd timer for automatic checks:

# Check timer status
systemctl status letsencrypt-regru.timer

# When is next run
systemctl list-timers letsencrypt-regru.timer

# View run history
journalctl -u letsencrypt-regru

# Follow logs in real-time
journalctl -u letsencrypt-regru -f

Timer Settings

Default settings:

First run: 15 minutes after system boot
Frequency: every 12 hours
Random delay: up to 1 hour (to avoid creating load)

Can be modified in /etc/systemd/system/letsencrypt-regru.timer.

Editing Configuration

# Open configuration in editor
sudo nano /etc/letsencrypt-regru/config.json

# After changes, restart timer
sudo systemctl restart letsencrypt-regru.timer

Example config.json

{
    "regru_username": "your_username",
    "regru_password": "your_password",
    "domain": "example.com",
    "wildcard": true,
    "email": "admin@example.com",
    "cert_dir": "/etc/letsencrypt/live",
    "log_file": "/var/log/letsencrypt-regru/letsencrypt_regru.log",
    "dns_propagation_wait": 60,
    "dns_check_attempts": 10,
    "dns_check_interval": 10,
    "renewal_days": 30,
    "npm_enabled": true,
    "npm_host": "http://10.10.10.14:81",
    "npm_email": "admin@npm.local",
    "npm_password": "secure_password"
}

Updating Application

# Download latest version
cd configure_nginx_manager
git pull

# Run update
sudo ./letsencrypt_regru.sh update

Update will:

Stop timer
Update script
Update Python dependencies
Restart timer

Uninstallation

# Complete application removal
sudo ./letsencrypt_regru.sh uninstall

Script will remove:

Application from /opt/letsencrypt-regru/
Systemd services
Global command

Certificates in /etc/letsencrypt/live/ are preserved!

Optionally you can remove:

Configuration /etc/letsencrypt-regru/
Logs /var/log/letsencrypt-regru/

Viewing Logs

# Systemd logs (recommended)
journalctl -u letsencrypt-regru -f

# Log file
tail -f /var/log/letsencrypt-regru/letsencrypt_regru.log

# Last 100 lines
tail -n 100 /var/log/letsencrypt-regru/letsencrypt_regru.log

Troubleshooting

Installation Check

# Check command availability
which letsencrypt-regru

# Check Python environment
ls -la /opt/letsencrypt-regru/venv/

# Check systemd services
systemctl list-unit-files | grep letsencrypt-regru

Installation Errors

Error: "Permission denied"

# Run with sudo
sudo ./letsencrypt_regru.sh

Error: "Package not found"

# Update package lists
sudo apt-get update  # Debian/Ubuntu
sudo yum update      # CentOS/RHEL

Error: "Python module not found"

# Reinstall virtual environment
sudo rm -rf /opt/letsencrypt-regru/venv
sudo ./letsencrypt_regru.sh

Certificate Issues

Certificate not created

# Check logs
tail -n 50 /var/log/letsencrypt-regru/letsencrypt_regru.log

# Check configuration
cat /etc/letsencrypt-regru/config.json

# Try manually
letsencrypt-regru --obtain -v

DNS not updating

# Increase wait time in config.json
"dns_propagation_wait": 120,
"dns_check_attempts": 20

NPM Issues

Not uploading to NPM

# Check NPM availability
curl http://192.168.10.14:81

# Check credentials in config.json
# Try manually
letsencrypt-regru --test-cert -v

Supported OS

✅ Debian 10, 11, 12
✅ Ubuntu 20.04, 22.04, 24.04
✅ CentOS 7, 8
✅ RHEL 7, 8, 9
✅ Fedora 35+

Additional Features

Test Certificate

For testing without Let's Encrypt rate limits:

letsencrypt-regru --test-cert

Creates self-signed certificate valid for 90 days.

Manual Renewal Run

# Start service manually
sudo systemctl start letsencrypt-regru.service

# Check status
systemctl status letsencrypt-regru.service

Change Check Frequency

Edit /etc/systemd/system/letsencrypt-regru.timer:

[Timer]
# Every 6 hours instead of 12
OnUnitActiveSec=6h

Then:

sudo systemctl daemon-reload
sudo systemctl restart letsencrypt-regru.timer

Security

Configuration with passwords has 600 permissions (root only)
Certificate private keys have 600 permissions
All operations run as root
Logs accessible only to root

Support

GitHub Issues: https://github.com/DFofanov/configure_nginx_manager/issues
Documentation: /opt/letsencrypt-regru/docs/
Email: admin@dfv24.com

Developed by: Dmitry Fofanov
Date: October 28, 2025
Version: 2.0

7.6 KiB Raw Blame History