A simple script for automating using lego with AdGuard Home. It downloads the latest available release of lego, runs it and obtains a wildcard certificate for the specified domain.
Prepare:
mkdir /opt/lego
curl -s https://raw.githubusercontent.com/geshas/legoagh/master/lego.sh --output lego.sh
chmod +x lego.shIf you're using CloudFlare, you need to create an API token first.
Then run the script:
DOMAIN_NAME="example.org" \
EMAIL="you@email" \
DNS_PROVIDER="cloudflare" \
CLOUDFLARE_DNS_API_TOKEN="yourapitoken" \
./lego.shIf you're using GoDaddy, you need to create the API credentials.
Then run the script:
DOMAIN_NAME="example.org" \
EMAIL="you@email" \
DNS_PROVIDER="godaddy" \
GODADDY_API_KEY="yourapikey" \
GODADDY_API_SECRET="yourapisecret" \
./lego.shIf you're using DigitalOcean, you need to create an API token first.
Then run the script:
DOMAIN_NAME="example.org" \
EMAIL="you@email" \
DNS_PROVIDER="digitalocean" \
DO_AUTH_TOKEN="yourapitoken" \
./lego.shIf you're using DuckDNS, you need to copy the API from duckdns.
Then run the script:
DOMAIN_NAME="example.duckdns.org" \
EMAIL="you@email" \
DNS_PROVIDER="duckdns" \
DUCKDNS_TOKEN="yourduckdnstoken" \
./lego.shIf you're using Name.com, you need to copy the username and TOCKEN from namedotcom.
Then run the script:
DOMAIN_NAME="example.org" \
EMAIL="you@email" \
DNS_PROVIDER="namedotcom" \
NAMECOM_API_TOKEN="yournamedotcomtoken" \
NAMECOM_USERNAME="yournamedotcomusername" \
./lego.shBy default, it uses Let's Encrypt to generate the certificate.
Alternatively, you can use a different provider. For instance, ZeroSSL.
To do this, you need to sign up for a ZeroSSL account and obtain your EAB credentials. Then just pass it to the script:
SERVER="https://acme.zerossl.com/v2/DV90" \
EAB_KID="xxxx" \
EAB_HMAC="xxxx" \
...
...
./lego.sh