Surtr

A tool for managing Let's Encrypt certificates.

Install

gem install surtr

Set up GCP

You'll want to set SURTR_GCP_PROJECT to the name of the GCP project your Cloud DNS records are in.

You'll need to have credentials installed locally. The usual way to do this is to install the Google Cloud SDK and set up an application-default login.

• https://cloud.google.com/sdk/downloads
• https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login

Commands

surtr wizard DESTINATION DOMAINS...

Authorize DOMAINS, get a certificate for them, and store the files in DESTINATION.

surtr acme genkey

Generate a signing key for ACME requests.

surtr acme register EMAIL

Register the signing key with Let's Encrypt.

surtr acme authorize challenge DOMAIN

Begin or resume a DNS challenge for the specified domain.

surtr acme authorize verify DOMAIN

For when the DNS has updated: verify the authorization.

surtr acme certificate DESTINATION DOMAINS...

Obtain a certificate for DOMAINS and store the files in DESTINATION.

surtr dns NAME TYPE VALUE gcp

Add a DNS record to GCP.

surtr dns NAME TYPE VALUE wait

Wait until the record propagates.