Can we change lets encrypt script?


(Parinita Sandhu ) #1

I’m facing some curl issues in my server due to censorship. So I need to pass some curl commands through a proxy in lets encrypt script. where can I change the discourse script for issuing and renewal of lets encrypt?


(Bhanu Sharma) #2

Don’t modify the discourse letsencrypt, rather set up a reverse proxy in front of discourse and use that to do the changes. The changes you make to script will probably be reset once you rebuild your container.


(Parinita Sandhu ) #3

can you give me a guideline on how to do this?


(Bhanu Sharma) #4

Use this guide as a reference.

You can skip the part where it says to create the /var/www/errorpages directory and steps past that in case you don’t want an offline page while you rebuild your container.


(Jay Pfaffman) #5

I’m not quite sure what you need to do, and @itsbhanusharma’s suggestion seems like it could be the best solution, but the answer to your question (which might not be the right question) is that you can make a copy of discourse_docker/templates/web.letsencrypt.ssl.template.yml and add your stuff there.

It might also be possible to add code to your app.yml to do whatever you need to, but modifying the ssl template may be the easiest.


(Rafael dos Santos Silva) #6

You can change the let’s encrypt behavior using the hooks in the app.yml file.

For example, if you need to execute a command before Acme.sh runs, you can add:

# rest of the yml here
hooks:
  before_ssl:
    - exec:
       cmd:
         - echo "custom command"

I recommend reading more about acme.sh or the launcher hooks.