环境配置

安装 cloudflare 插件

  • 设置信任插件
1
snap set certbot trust-plugin-with-root=ok
  • 设置 snap 代理
1
2
snap set system proxy.http="http://127.0.0.1:8118"
snap set system proxy.https="http://127.0.0.1:8118"
  • 安装 cloudflare 插件
1
snap install certbot-dns-cloudflare

配置 token

1
2
3
mkdir -p ~/.secrets/certbot/
echo 'dns_cloudflare_email = [email protected]
dns_cloudflare_api_key = yourtoken' > ~/.secrets/certbot/cloudflare.ini

申请证书

1
2
3
4
certbot certonly \
  --dns-cloudflare \
  --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini \
  -d fish.lsof.site

Crontab 设置

1
0 0 * * 1 /var/lib/snapd/snap/bin/certbot renew --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini --force-renewal

删除证书

1
./certbot-auto delete