Using the script with GitLab CI/CD

[renderd1]

Hello,

First of all, I appreciate the work you have put into the script, so thank you!

I managed to run it with GitLab CI/CD, as I believe @Zeioth has done (I put my .gitlab-ci.yml settings at the bottom of this post) but I had questions regarding the next steps after successful completion of the script:

• How can I actually save the fullchain.pem and privkey.pem that cerbot generates if I'm running a venv on GitLab?
• My site is also hosted on NameSilo. Would I need to manually insert the certificate details in my cPanel each time I run the script? Are you also hosting your site with this provider and have you managed to automate this process somehow?

I would appreciate any guidance at all, thank you so much in advance.

image: python:latest

stages:
  - build
  - test
  - deploy

variables:
  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.cache/pip"

cache:
  paths:
    - .cache/pip
    - venv/

before_script:
  - pip install virtualenv
  - virtualenv venv
  - source venv/bin/activate

install:
  stage: build
  script:
    - pip install tldextract untangle
    - pip install certbot

renew:
  stage: test
  script:
    - chmod +x ./authenticator.py
    - chmod +x ./cleanup.py
    - certbot certonly -v --manual --email xyz@xyz.com --agree-tos --manual-public-ip-logging-ok --preferred-challenges=dns --manual-auth-hook ./authenticator.py --manual-cleanup-hook ./cleanup.py -d *.xyz.com -d xyz.com

success:
  stage: deploy
  script:
    - echo "SSL certificate renewed succesfully!"

[ethauvin]

You might want to talk with @Zeioth. I believe he's using the script with GitLab.

[renderd1]

@ethauvin Thank you for getting back to me. The script completes successfully now and does indeed write the necessary records.

@Zeioth, If you have any time to spare, I would appreciate if you could help me understand the points raised in the original post?

I have updated the post to reflect the current situation and added my gitlab-ci.yml file.

Thank you both for your help.