Added first version of the script

certbot-setup.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+set -e
+
+# Ensure script is run as root
+if [[ "$EUID" -ne 0 ]]; then
+  echo "Please run as root"
+  exit 1
+fi
+
+echo "=== Let's Encrypt + Cloudflare setup ==="
+
+# Ask for domain
+read -p "Enter the FQDN (e.g. example.com or sub.example.com): " DOMAIN
+
+if [[ -z "$DOMAIN" ]]; then
+  echo "Domain cannot be empty"
+  exit 1
+fi
+
+# Ask for Cloudflare API token/key
+read -p "Enter your Cloudflare API Token/Key: " CF_API_KEY
+
+if [[ -z "$CF_API_KEY" ]]; then
+  echo "API key cannot be empty"
+  exit 1
+fi
+
+echo "Installing dependencies..."
+apt update
+apt install -y python3 python3-dev python3-venv libaugeas-dev gcc
+
+echo "Setting up virtual environment..."
+python3 -m venv /opt/certbot/
+ /opt/certbot/bin/pip install --upgrade pip
+ /opt/certbot/bin/pip install certbot
+ /opt/certbot/bin/pip install certbot-dns-cloudflare
+
+# Symlink certbot
+ln -sf /opt/certbot/bin/certbot /usr/bin/certbot
+
+echo "Creating Cloudflare credentials file..."
+mkdir -p /root/certbot-cloudflare/
+
+cat <<EOF > /root/certbot-cloudflare/cloudflare.ini
+dns_cloudflare_api_token = $CF_API_KEY
+EOF
+
+# Secure the credentials file
+chmod 600 /root/certbot-cloudflare/cloudflare.ini
+
+echo "Requesting certificate for $DOMAIN ..."
+certbot certonly \
+  --dns-cloudflare \
+  --dns-cloudflare-credentials /root/certbot-cloudflare/cloudflare.ini \
+  -d "$DOMAIN"
+
+echo "Done! Certificate setup completed for $DOMAIN"