Configuring Certbot on Elastic Beanstalk
Configuring Certbot on Elastic Beanstalk
I’ve recently been deploying a laravel app on AWS. I ran into an issue where I don’t really want to purchase a SSL Cert right now but I’d still like https. Simply I thought I could just configure certbot as per the instructions I found on A Comprehensive Guide to Deploying Laravel on Honeybadger.io
Unfortunately the instructions are out of date and I had some trouble getting them to work. So for future reference these are the steps I took to get this working:
Create a new prebuild hook under .platform/hooks/prebuild/install_certbot.sh
#!/bin/sh
sudo python3 -m venv /opt/certbot
sudo /opt/certbot/bin/pip install --upgrade pip
sudo /opt/certbot/bin/pip install certbot certbot-nginx
sudo ln -sf /opt/certbot/bin/certbot /usr/bin/certbot
Now we’ll create two postdeploy hooks .platform/hooks/postdeploy/get_ssl_certificate.sh
#!/bin/sh
sudo certbot \
-n \
--nginx \
--agree-tos \
-d $(/opt/elasticbeanstalk/bin/get-config environment -k CERTBOT_DOMAINS) \
--email $(/opt/elasticbeanstalk/bin/get-config environment -k CERTBOT_EMAIL)
Make sure you add two environment variables to your elastic beanstalk environment:
and finally .platform/hooks/postdeploy/renew_ssl_certificate.sh
#!/bin/sh
echo "0 0 1 * * root certbot renew --no-self-upgrade" \
| sudo tee /etc/cron.d/renew_ssl_cert_cron
Now you can bundle your app and deploy it and you should have a working SSL cert.
Comments
Comments are powered by Github!
Post comment