Open Beta v7.3 | Please help testing and hardening the upcoming release

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
User avatar
Joulinar
Posts: 5149
Joined: Sat Nov 16, 2019 12:49 am

Re: Open Beta v7.3 | Please help testing and hardening the upcoming release

Post by Joulinar »

is anywhere i can find the instruction how i can use it
We will add a quick documentation on next release but this will not describe the usage. For this we will link to official documentation https://github.com/fatedier/frp/blob/dev/README.md
# is dietpi letencrypted ssl certificate support wild card domain certificate?
I don't think so
# certbot only support http validation. it should be better if it also support dns validation for getting ssl certificate for domain.
This I don't understand. Let's Encrypt will verify your DNS/domain before issuing a certificate, always. For this, HTTP is used to connect from a Let's Encrypt server to your domain to verify and authenticate you.
# for local LAN use how to get self signed certificates for my all apps
There is no need to create self singed certificate on your local network and there is no plan to create a guide for this from our end. If needed, there are quite some guides on the web on how to achieve this.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
MichaIng
Site Admin
Posts: 3106
Joined: Sat Nov 18, 2017 6:21 pm

Re: Open Beta v7.3 | Please help testing and hardening the upcoming release

Post by MichaIng »

For frp I'll also add a simple example setup guide, to access via external port to an internal server listening on a different port. I'll see if I can include HTTPS/443 for the external server component.

dietpi-letsencrypt currently only supports regular HTTP validation (with webserver modules, webroot authentication or standalone mode, depending on installed webserver), hence no wildcard domains are supported, but multiple domains at least. Certbot itself however supports DNS validation, via plugins. Check the list of APT packages available for the various DNS providers: https://packages.debian.org/python3-certbot-dns-

So you can either install Certbot and the matching plugin and run it manually, following the on-screen instructions of Certbot, or you can use dietpi-letsencrypt to also include our webserver setup and then migrate the actual certificate to a wildcard DNS validated one. Certbot allows to extend an existing cert and change the validation/authentication method via:

Code: Select all

certbot renew --force-renewal --dns-<provider> -d example.org -d *.example.org
or

Code: Select all

certbot --expand --dns-<provider> -d *.example.org
One of these methods or both should work. Replace <provider> with your DNS provider, like "cloudflare", matching the DNS plugin name.
User avatar
MichaIng
Site Admin
Posts: 3106
Joined: Sat Nov 18, 2017 6:21 pm

Re: Open Beta v7.3 | Please help testing and hardening the upcoming release

Post by MichaIng »

DietPi v7.3 has been released: https://dietpi.com/docs/releases/#june-2021-version-73

Many thanks to all testers :).
Post Reply