2025-01-04
- It urns out that Porkbun have an API that can be used to issue a wildcard cert from LetsEncrypt for root domains that are registered with them.
- The API is really straightforward. Key and secret for auth, and a single endpoint that returns they cert chain and key
- I'll script something to run monthly to pull a new cert and deploy it where it's needed. Not sure how that'll work in reality; even if I can dump the files into the right directories, there will probably be some services that need restarting. That'll need root access, so might need to be root/docker/some other privileged user.