Image for post
Image for post

I recently tried to install a Let’s Encrypt SSL certificate on GoDaddy and I did’n find enough information to configure auto-renew.

It is simplified in 4 simple steps steps everything you need to install a free certificate and save some 💸💸💸

1. Connecting via SSH to your server

You must enable SSH access from your cPanel and log in with your credentials.

Download this repo and install it.

$ curl https://get.acme.sh | sh

3. Issue the certificate

You only need write access to the web root folder to issue the certificate.

4. Deploy the certificate

There are 2 ways to implement the certificate and both leave the cronjob configured.

a. Deploy SSL to cPanel using UAPI (GoDaddy option)

This hook is using UAPI and works in cPanel & WHM version 56 or newer.

b. Deploy SSL to cPanel (other cPanel version)

DEPLOY_CPANEL_USER and DEPLOY_CPANEL_PASSWORD is required only once.

I hope this may help you!


When I started working at my current job I found that all the developers used the same key to access all the servers by ssh.

Looking for a solution I found a script that synchronizes the ssh keys with the users of IAM.

Image for post
Image for post

The problem was that all our infrastructure was based on Elastic Beanstalk and the solution was designed for EC2. If it was installed manually as in EC2 it would be erased when the instance is rebuilt.

To solve this problem, create a script that installs the package after each deploy (in case it is not installed previously) and then configure it. …


The private keys that you use in a project should not be compromised with the source code. The best option is to configure Elastic Beanstalk to download the file from AWS S3 during the deploy of the application.

The following example shows an Elastic Beanstalk’s configuration file getting a private key file from an S3 bucket.

# .ebextensions/serverkey.config Resources: AWSEBAutoScalingGroup: Metadata: AWS::CloudFormation::Authentication: S3Auth: type: "s3" buckets: [ "elasticbeanstalk-region-account-id" ] roleName: "Fn::GetOptionSetting": Namespace: "aws:autoscaling:launchconfiguration" OptionName: "IamInstanceProfile" DefaultValue: "aws-elasticbeanstalk-ec2-role" files: # Private key "/etc/pki/tls/certs/server.key": mode: "000400" owner: webapp group: webapp authentication: "S3Auth" source: https://s3.amazonaws.com/elasticbeanstalk-region-account-id/server.key

The instance profile “aws-elasticbeanstalk-ec2-role” must have permission to read the key object from the specified bucket. Look here to see how to do it.

You made set the url with an environment variable like this:

Hope you have a good day!


Image for post
Image for post

After a month of having formatted my work computer, I noticed that my mail configured in GIT was wrong. This caused my commits to not recognize me as the author and not appear on my account activity.

If this error is detected after a single commit, it can be easily solved with the following command:

If it is detected after several commits, as happened to me, the best solution is this:

I hope you enjoyed my first post ever on dev.to!

About

Ezequiel Esnaola

I like to create things

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store