Installing Letsencrypt Certificates Manually

I needed a certificate for my private cloud server on my LAN. It is normally an automatic thing to install and update letsencrypt certificates, however with a private server that is not on the internet one must run the commands manually every 90 days.

certbot -d cloud.example.com --manual --preferred-challenges dns certonly


Please deploy a DNS TXT record under the name
_acme-challenge.cloud.example.com with the following value:

W__53NYHG11LjJzkmUJkqujpm9a6sCM0_kyxmmRtZi0




Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):paul@example.com

-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: A
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for cloud.example.com

-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: Y

-------------------------------------------------------------------------------
Please deploy a DNS TXT record under the name
_acme-challenge.cloud.coffeebuzz.com with the following value:

W__53NYHG11LjJzkmUJkqujpm9a6sCM0_kyxmmRtZi0

Once this is deployed,
-------------------------------------------------------------------------------
Press Enter to Continue


Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/cloud.example.com/fullchain.pem. Your cert
   will expire on 2019-01-05. To obtain a new or tweaked version of
   this certificate in the future, simply run certbot again. To
   non-interactively renew *all* of your certificates, run "certbot
   renew"
 - If you lose your account credentials, you can recover through
   e-mails sent to paul@example.com.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Split screen with tmux

I have been a long time screen user when connecting to remote machines where I don’t want to lose work if the connection drops.  I started using tmux and have been won over by it’s split screen feature.

To start tmux just run tmux and it will start and give you a nice status bar at the bottom.  You can list out your tmux sessions with the command tmux ls, and then reattach to your session with tmux attach and the session number.

By far my favorite use for tmux is split screen so I can view multiple process outputs on the same server without opening another ssh window.  tmux uses ctrl-b for it’s commands.  ctrl-b “ will split the window horizontally, and ctrl-b % will split the window vertically.  You can then use ctrl-b o to move between window panes.

The tmux manual has got to be one of the largest man pages ever, it can do much much more too.