I’m sharing a small Bash tool I built called TawanaSSL-AutoWildcard. It automates issuing and installing Let’s Encrypt wildcard SSL certificates using the Cloudflare DNS-01 challenge via acme.sh — made especially for Marzban and Marzneshin, but it also works on any custom Linux HTTPS server.
Repo: https://github.com/tawanamohammadi/TawanaSSL-AutoWildcard
What it does automatically:
- Installs acme.sh if it’s missing
- Issues wildcard certs for:
  - yourdomain.com
  - *.yourdomain.com
- Uses Cloudflare DNS API (no HTTP challenge needed)
- Installs certs into:
  - Marzban: /var/lib/marzban/certs
  - Marzneshin: /var/lib/marzneshin/certs
  - or any custom path you choose
- Creates timestamped backups of old certs
- Reloads Nginx and restarts Marzban/Marzneshin services
- Supports auto-renew via acme.sh cron
I’m actively upgrading this project and would really appreciate feedback from anyone who runs Marzban/Marzneshin or manages multi-subdomain proxy/VPN setups:
- edge cases you’ve seen with wildcard + Cloudflare DNS-01
- UX/flow improvements (currently an interactive 6-step setup)
- DNS providers you’d like added (API Tokens, Route53, DNSPod, etc.)
- any service/panel integrations worth supporting next
Thanks a lot — any thoughts or testing reports help! 🙏
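
The backup-and-install step from the feature list, sketched as an added example that is not taken from TawanaSSL-AutoWildcard: it refuses to deploy an empty or non-PEM file left behind by a failed issuance, keeps backups owner-only, and replaces each file atomically with the key at mode 600. The file names fullchain.pem and key.pem and all function names are assumptions; the post only names the target directories.

```shell
#!/bin/sh
# Added example: not TawanaSSL-AutoWildcard's code. File names fullchain.pem
# and key.pem are assumptions; the page only names the target directories.

# Succeeds only if FILE is non-empty and contains a PEM header, so a failed
# issuance that left an empty or partial file is never deployed.
looks_like_pem() {
    [ -s "$1" ] && grep -q -e '-----BEGIN ' "$1"
}

# Copy existing *.pem files into DIR/backup-<UTC timestamp>, a directory only
# the owner can enter. Prints the backup path, or nothing if nothing to save.
backup_certs() {
    bk_dir=$1
    set -- "$bk_dir"/*.pem
    [ -e "$1" ] || return 0
    bk_dest="$bk_dir/backup-$(date -u +%Y%m%dT%H%M%SZ)"
    (umask 077 && mkdir -p "$bk_dest") || return 1
    cp -p "$@" "$bk_dest"/ || return 1
    printf '%s\n' "$bk_dest"
}

# Write SRC to DST with MODE via a temp file in the same directory, then
# rename: readers never see a half-written file, and mktemp's 0600 default
# means the key is never briefly world-readable.
install_pem() {
    in_tmp=$(mktemp "$2.XXXXXX") || return 1
    if cat "$1" > "$in_tmp" && chmod "$3" "$in_tmp" && mv -f "$in_tmp" "$2"; then
        return 0
    fi
    rm -f "$in_tmp"
    return 1
}

# deploy_certs NEW_FULLCHAIN NEW_KEY CERT_DIR
# Validate first, back up second, replace last. Service reload is left to
# the caller and should run only when this returns 0.
deploy_certs() {
    looks_like_pem "$1" && looks_like_pem "$2" || return 1
    [ -d "$3" ] || return 1
    backup_certs "$3" >/dev/null || return 1
    install_pem "$1" "$3/fullchain.pem" 644 &&
    install_pem "$2" "$3/key.pem" 600
}
```
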