[SOLVED] Let's Encrypt non-interactive setup

c.weilguny

Member
Nov 7, 2019
15
4
8
38
Hi Proxmox Team and Forum,

just before my question: Thanks for Proxmox. I have to administer an oVirt setup since some weeks and it's horrible. PITA, 'nuff said. Just thanks for Proxmox. Amen.

My question: I have an automated setup for my proxmox node using ansible (currently only one node). It would be great, to also include the Let's Encrypt setup. I can do it by cli using the "pvenode acme" commands, but the "pvenode acme account register" commands is interactive. I have to select the environment and agree the terms of service manually. I already tried just appending "--agree-tos" like in the original certbot, but that's an unknown option.

Is there a way to fully order a Let's Encrypt certificate non-interactively? Basically I just need to non-interactively select the acme environment (0 for production) and accept the terms of service. The other steps don't need any interaction, if I'm right.

Cheers
 
  • Like
Reactions: dropndestroy
Only possible via the API:

First, to create an account:

List of known ACME directories (API servers):
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/cluster/acme/directories

API-Endpoint to request Terms of Service (needed for registration):
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/cluster/acme/tos

Registration
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/cluster/acme/account

Certificate issuance is per node:

Domains are stored in each node's node config:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/config

And finally, ordering a certificate:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/certificates/acme/certificate


The API is also available via the CLI and the 'pvesh' tool (it's mainly used for API exploration/debugging though ;))
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!