Skip to main content

Configuring Gunbot with a Certbot SSL Certificate and a Real Domain on Windows, Linux, and macOS

Secure your Gunbot installation using an SSL certificate from Let's Encrypt with a real domain on Windows, Linux, and macOS platforms. This guide is designed to assist beginners and includes information on VPS providers that offer free wildcard domains.

Introduction​

Using a real domain for your Gunbot installation simplifies the remote access process and enhances security when paired with an SSL certificate. This configuration protects your trading data, ensuring privacy and security no matter where you access your bot from. Additionally, a real domain can help bypass IP-based restrictions, thereby improving the reliability and accessibility of your Gunbot installation. Importantly, utilizing a real domain allows you to use the Gunbot mobile application, as Google and Apple restrict the ability for mobile applications to function without real domains.

Info

A real domain (e.g., mygunbot.example.com) combined with an SSL certificate (providing HTTPS) allows secure and easy remote access to your Gunbot instance. Certbot is a tool to obtain free SSL certificates from Let's Encrypt.

Benefits of Using a VPS (Virtual Private Server)​

Choosing to run Gunbot on a VPS in the cloud offers several advantages:

  • 24/7 Operation: A VPS allows your Gunbot to run around the clock without the need for your home PC to be constantly powered on.
  • Stable Internet Connection: VPS providers generally offer reliable and fast internet connections, reducing downtime and potential connectivity issues.
  • Enhanced Security: VPS providers include professional security measures to protect your server and data.
  • Scalability: Easily upgrade your server resources to handle increased trading activity or more trading bots.

Prerequisites​

Before you start, ensure you have the following:

  • A VPS account or a local server setup, with full administrative access.
  • A real domain with DNS settings configured to point to your VPS or local server IP.
  • Familiarity with basic command-line interface operations.

Installation Guide​

Setting Up on Windows​

Step 1: Install Certbot​

Certbot is a free, open-source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

  1. Download and Install Certbot:
Step 2: Obtain a Certificate​

  1. Open Command Prompt as Administrator:

    • Search for cmd in your Windows search bar, right-click on Command Prompt, and select 'Run as administrator'.

  2. Run Certbot:

    • In the Command Prompt, navigate to the Certbot directory, if not set to PATH, by typing cd path\to\certbot.
    • Enter the following command to obtain a certificate:
      certbot certonly --standalone -d yourdomain.com -d www.yourdomain.com
      • Replace yourdomain.com with your actual domain.
      • Follow the on-screen prompts to complete the domain verification process. Certbot will communicate with the Let's Encrypt servers, verify your domain, and issue the SSL certificate.
Step 3: Install the Certificate in Gunbot​
  1. Locate Certificate Files:
    • After successful verification, your certificate and key will be stored in C:\Certbot\live\yourdomain.com\. You will mainly need fullchain.pem (certificate file) and privkey.pem (private key file).
  2. Configure Gunbot to Use SSL:
    • Copy the fullchain.pem and privkey.pem to your Gunbot directory. You may need to rename these files to localhost.crt and localhost.key respectively, or update your Gunbot configuration to point to these files.
    • Edit your config.js or GUI settings to enable HTTPS and specify the paths to the copied certificate and key.
Step 4: Configure Windows Firewall​
  • Ensure that the port used by Gunbot (default 5000, or another if configured) is open in your Windows Firewall to allow inbound connections.
Step 5: Test the Configuration​
  • Restart Gunbot and navigate to https://yourdomain.com:port (where port is your configured Gunbot GUI port) to verify that the SSL certificate is working correctly.
Troubleshooting​
  • If you encounter errors related to the certificate not being trusted, ensure that fullchain.pem is correctly installed and referenced.
  • For issues with accessing the Gunbot GUI, check firewall settings and ensure that the correct ports are open and forwarded if necessary.

Setting Up on Linux​

  1. Access your VPS: Connect via SSH or terminal:
    ssh root@your_vps_ip
  2. Install Certbot:
    sudo apt update
    sudo apt install certbot -y
  3. Generate SSL Certificates:
    sudo certbot certonly --standalone -d yourdomain.com -d www.yourdomain.com
    (Replace yourdomain.com with your actual domain)

Setting Up on macOS​

  1. Install Homebrew (if not already installed):
    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  2. Install Certbot:
    brew install certbot
  3. Run Certbot:
    sudo certbot certonly --standalone -d yourdomain.com -d www.yourdomain.com
    (Replace yourdomain.com with your actual domain)

Configuring Gunbot to Use SSL​

Configure the config.js file to use HTTPS.

Copy your SSL certificates for easier management (paths shown for Linux/macOS, adjust for Windows if necessary):

sudo cp /etc/letsencrypt/live/yourdomain.com/privkey.pem /path/to/Gunbot/localhost.key
sudo cp /etc/letsencrypt/live/yourdomain.com/fullchain.pem /path/to/Gunbot/localhost.crt

(Replace yourdomain.com and /path/to/Gunbot/ with your actual domain and Gunbot installation path)

Detailed GUI Configuration for Gunbot​

Below is the JSON snippet that configures the graphical user interface (GUI) settings in Gunbot's config.js file. This configuration ensures the GUI is tailored to your security and accessibility preferences:

"GUI": {
    "enabled": true,         // This activates the GUI, allowing for user interaction.
    "start": false,          // The GUI will not start automatically upon launching Gunbot.
    "port": 3001,            // Defines the port number for GUI access.
    "https": true,           // Enables HTTPS to secure the GUI communication using SSL/TLS.
    "key": "localhost.key",  // The SSL private key file, expected to be in the same directory as the config file.
    "cert": "localhost.crt", // The SSL certificate file, expected to be in the same directory as the config file.
    "networktraffic": false, // Disables the monitoring of network traffic in #core.
    "authentication": {
        "login": true,       // Requires users to log in, ensuring that only authorized users can access the GUI.
        "twoFA": false       // Two-factor authentication is disabled, simplifying access but reducing security.
    }
}

Note: The example port 3001 is used here. If you changed this in previous steps (e.g., to 5000 for Windows Firewall), ensure consistency.

Making Gunbot Accessible from Anywhere​

  1. Port Forwarding: Open the configured port (e.g., 3001) on your router to allow external connections to your server.
  2. Firewall Settings: Configure your server's firewall (Windows Firewall, ufw on Linux, macOS Firewall) to allow traffic on the configured port.

Verification and Troubleshooting​

Restart Gunbot and verify that you can access it via https://yourdomain.com:PORT (replace PORT with your configured port, e.g., 3001). If you encounter issues accessing your Gunbot through the domain, verify that your DNS settings are correctly configured and that the SSL certificates are properly set up. Additionally, check that your VPS or local firewall settings allow traffic on the necessary ports. Common issues include incorrect file paths in configuration files and blocked ports on your network.

Conclusion​

Setting up Gunbot with a real domain and SSL certificate significantly enhances the flexibility and security of your trading setup. For additional support, contact the support channels.