ssl enabled ddns for toon with letsencrypt certificate

gerlag
Starting Member
Posts: 20
Joined: Wed Dec 27, 2017 1:49 pm

ssl enabled ddns for toon with letsencrypt certificate

Post by gerlag »

Hi all, I tried to write a HOWTO to achieve an SSL-enabled ddns domain for Toon with a valid Let's Encrypt certificate.

... and I ended up with a script called ddns_client.sh which installs a dyndns client for dynu.com and also acme.sh for creating and automatically updating a Let's Encrypt SSL certificate.

As a result you'll get external password protected SSL (mobile) access for rooted Toon on a -always free- dynu ddns domain.

I published the script on GitHub.

In short:
  • Specify username and password in Toon for mobile access
  • Create an account on dynu.com and register one of their free third level ddns domains and make a note of Client_id and secret.
  • Create a port forwarding rule on your router
  • After logging in to Toon with putty I can (maybe you can too) install the script online directly from GitHub:

    curl https://raw.githubusercontent.com/gerlag/ddns_for_toon/main/ddns_client_download.sh -O && sh ddns_client_download.sh install

Feel free to test, use or fork it.
Tested on Toon 1. I don't have access to a Toon 2. I assume this script could work on Toon 2 too, maybe with minor changes.

Use at your own risk...
TheHogNL
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by TheHogNL »

Nice! Didn't try it yet but studied the code.

Acme uses crontab to update the certificate when needed, but crontab isn't normally installed on Toon 1/Toon 2. So that is one thing to keep in mind before running this script.

And a Toon 2 doesn't have the cron binary in the installed list. That's also why we stopped installing it by default in the rooting scripts.
Member of the Toon Software Collective
gerlag
Starting Member
Posts: 20
Joined: Wed Dec 27, 2017 1:49 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by gerlag »

The script will install crontab when it's not installed and then it reboots Toon. One of my Toon 1s had crontab installed, the other (spare) Toon had not.

I didn't know Toon 2 has no crontab at all. Acme.sh needs crontab too, so without it, it seems to be a problem to get it running on Toon 2.

[edit] I saw that acme.sh can be installed without cron:

    ./acme.sh  --install  --nocron

Maybe putting a small script in init.d with an infinite loop that triggers the acme letsencrypt update once a month could do the trick. I'll have a look at it next week.

BTW, I tested the ssl quality, it gets an 'A' from https://www.ssllabs.com/ssltest/ . Not so bad for such a 'light' device as Toon1 is...
Last edited by gerlag on Fri Mar 04, 2022 5:09 pm, edited 2 times in total.
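
The cron-less loop suggested in the post above, sketched as an added example (it is not taken from gerlag's script or the TSC scripts). The state directory, the acme.sh home and the DDNS updater path are assumptions; `--cron` and `--home` are the options acme.sh uses in its own crontab entry.

```shell
#!/bin/sh
# Cron-less periodic runner for a device without cron (POSIX sh, no "local").
# Assumed locations, not from the thread: adjust to your install.
ACME_HOME="${ACME_HOME:-/root/.acme.sh}"
STAMP_DIR="${STAMP_DIR:-/tmp/ddns_stamps}"   # hypothetical state directory

# is_due STAMP_FILE INTERVAL_SECONDS [NOW]
# Returns 0 when the task never ran, the stamp is corrupt, or the interval elapsed.
is_due() {
    stamp="$1"; interval="$2"; now="${3:-$(date +%s)}"
    [ -f "$stamp" ] || return 0
    last=$(cat "$stamp" 2>/dev/null)
    case "$last" in ''|*[!0-9]*) return 0 ;; esac   # unreadable stamp: run again
    [ $((now - last)) -ge "$interval" ]
}

# run_task NAME INTERVAL_SECONDS COMMAND...
# Runs COMMAND when due. The stamp is written only on success, so a failed
# renewal or DDNS update is retried on the next tick instead of a week later.
run_task() {
    name="$1"; interval="$2"; shift 2
    stamp="$STAMP_DIR/$name.stamp"
    mkdir -p "$STAMP_DIR" || return 1
    is_due "$stamp" "$interval" || return 0
    if "$@"; then
        date +%s > "$stamp"
    else
        echo "task $name failed, will retry" >&2
        return 1
    fi
}

main_loop() {
    while true; do
        # acme.sh --cron only renews certificates that are close to expiry.
        run_task acme 604800 "$ACME_HOME/acme.sh" --cron --home "$ACME_HOME"
        # DDNS refresh every half hour; the script path is a placeholder.
        run_task ddns 1800 /path/to/ddns_update.sh
        sleep 300
    done
}

# Start the loop only when called as "<script> run", so sourcing it is harmless.
if [ "${1:-}" = "run" ]; then main_loop; fi
```

Started from an init.d script in the background, the loop survives without cron; keeping the stamp files in /tmp means both tasks run once after every reboot.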
TheHogNL
Forum Moderator
Posts: 2125
Joined: Sun Aug 20, 2017 8:53 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by TheHogNL »

Think we can add the acme.sh in the tsc script to run each week or so. Let me think about that.
Member of the Toon Software Collective
gerlag
Starting Member
Posts: 20
Joined: Wed Dec 27, 2017 1:49 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by gerlag »

That's of course a good alternative. In that case, the ddns update script should also be triggered every (half an) hour or so.
oepi-loepi
Advanced Member
Posts: 628
Joined: Sat Feb 09, 2019 7:18 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by oepi-loepi »

Well, Berlag. Nice work, I'm going to try it on a Toon 2.

At first, update-rooted.sh was not found... maybe a path thing. For now I first ran sh update-rooted.sh -o myself and then started the script.

As indicated, cron does not get installed.
Unknown package 'cron'.
Collected errors:
* opkg_install_cmd: Cannot install package cron.
gerlag
Starting Member
Posts: 20
Joined: Wed Dec 27, 2017 1:49 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by gerlag »

Thanks, oepi loepi, for the confirmation. I will look for a non-cron solution. In that case update-rooted.sh isn't needed anymore, so that problem will be solved 'automatically'. Maybe next week or so.
gerlag
Starting Member
Posts: 20
Joined: Wed Dec 27, 2017 1:49 pm

Re: ssl enabled ddns for toon with letsencrypt certificate

Post by gerlag »

I made a minor update to my script on GitHub. It appeared that the crontab in Toon 1 does not support 'after boot' tasks. Now the script reloads its settings once a day. That prevents the problem of losing contact after an automatic update of Toon.
Note: the script works for Toon 1 only!