Here is my implementation.
```hcl
resource "linode_instance" "server" {
  count          = 1
  label          = "server-${count.index}"
  region         = "ap-west"
  image          = "linode/ubuntu21.10"
  type           = "g6-nanode-1"
  tags           = ["prod"]
  root_pass      = var.linode_instance_root_password
  stackscript_id = linode_stackscript.nodejs_script.id
  stackscript_data = {
    "dns"   = "server-${count.index}"
    "email" = var.ssl_certificate_email
  }
}

resource "cloudflare_record" "server" {
  zone_id = var.cloudflare_zone_id
  name    = "server-${count.index}"
  count   = length(linode_instance.server)
  value   = linode_instance.server[count.index].ip_address
  ttl     = 1
  type    = "A"
}
```
I can create the certificate.pem and private key.pem files with certbot in the Linode script; however, since I create the DNS resource after the Linode instance creation, it's not possible to do that. What are the best practices for this?
Note: I've also tried to create a wildcard certificate (as explained here), but I'm not sure how I can copy the certificate files to my servers.
Update
```bash
sudo apt-get --assume-yes install certbot
# <UDF name="dns" label="System Package to Install" example="server" default="">
sudo certbot certonly --standalone --non-interactive --agree-tos -m [email protected] -d $DNS
```
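One way to handle the ordering described in the question, as an added example that is not part of the original post: have the script wait until the A record resolves to the instance's own address before it runs `certbot --standalone`. The helper names, the `DNS_ATTEMPTS` and `DNS_DELAY` variables, and passing the fully qualified name and expected IP as arguments are assumptions.

```shell
#!/bin/bash
# Added example: gate certbot on the A record being visible from this host.
# resolve_a, wait_for_dns and issue_cert are hypothetical helper names.

# Print the first IPv4 address the system resolver returns for a name.
resolve_a() {
    getent ahostsv4 "$1" | awk '{ print $1; exit }'
}

# wait_for_dns FQDN EXPECTED_IP [ATTEMPTS] [DELAY_SECONDS]
# Returns 0 once FQDN resolves to EXPECTED_IP, 1 if it never does.
wait_for_dns() {
    local fqdn="$1"
    local expected="$2"
    local attempts="${3:-30}"
    local delay="${4:-10}"
    local i=1
    local got
    while [ "$i" -le "$attempts" ]; do
        got=$(resolve_a "$fqdn" || true)
        if [ "$got" = "$expected" ]; then
            return 0
        fi
        echo "attempt $i/$attempts: $fqdn -> ${got:-no answer}, want $expected" >&2
        sleep "$delay"
        i=$((i + 1))
    done
    return 1
}

# issue_cert FQDN EMAIL EXPECTED_IP
# Requests the certificate only after the record points at this instance,
# so a failed HTTP-01 challenge does not burn Let's Encrypt rate limits.
issue_cert() {
    local fqdn="$1"
    local email="$2"
    local ip="$3"
    if ! wait_for_dns "$fqdn" "$ip" "${DNS_ATTEMPTS:-30}" "${DNS_DELAY:-10}"; then
        echo "DNS for $fqdn never pointed at $ip; not calling certbot" >&2
        return 1
    fi
    certbot certonly --standalone --non-interactive --agree-tos \
        -m "$email" -d "$fqdn"
}
```

The validation servers use their own resolvers, so a local match is a necessary check before calling certbot rather than a guarantee that the challenge will pass.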