Just to add my 2 cents here:
1 - Your question about GitHub.com and scripts being legit/safe is valid and a good one. Most people will recommend that you read through scripts from the internet to ensure you know what they are doing. But this script is OK and you shouldn't have to worry.
2 - As everyone else has stated, you will need to own the domain name you want to use for your home. So, if you want to use pihole.bill2.org then you will need to make sure you own bill2.org. Couple of ways of doing that.
3 - Acme is confusing, not going to lie, because it just assumes you understand what it does. I had a bit of a problem wrapping my head around it. There are a lot of posts out there, but I found these useful:
How to issue a Let's Encrypt Wildcard SSL certificate with Acme.sh - VirtuBox
https://medium.com/@pavlakis/using-acme-sh-to-generate-letsencrypt-certificates-c98f28752e9f
4 - You will need to look in acme.sh/dnsapi at master · acmesh-official/acme.sh · GitHub for your DNS provider and just make sure you're using this in your script.
5 - Now, once you have used acme.sh to issue your keys, the way I do it is to export them:
acme.sh --install-cert -d '*.bill2.org' --key-file ~/bill2key.pem --cert-file ~/bill2certfile.pem --fullchain-file ~/bill2ca.pem
This will create the files.
To add to PiHole -> there's a great FAQ in the PiHole discourse section:
Now, personally? Do you NEED TLS if the PiHole web interface is ONLY accessed when you're at home? Prob not. BUT, it's not a bad idea if you're super concerned about security AND (in my opinion) it's fun!
Hope I helped in clearing up some uncertainties!
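A check one could run on the exported files, added here as an example that is not part of the original post: it confirms that the key file is closed to group and others and that the wildcard name actually covers the host you plan to use. The function names are hypothetical; the file and host names follow the post.

```shell
#!/bin/sh
# Added example; helper names are hypothetical, file/host names follow the post.

# Return 0 if certificate name $1 (e.g. '*.bill2.org') covers host $2.
# A wildcard stands for exactly one left-most label, so it covers
# pihole.bill2.org but not bill2.org or a.pihole.bill2.org.
cert_name_covers() {
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case "$name" in
        '*.'*)
            base=${name#\*.}
            label=${host%%.*}
            rest=${host#*.}
            [ "$host" != "$rest" ] && [ -n "$label" ] && [ "$rest" = "$base" ]
            ;;
        *)
            [ "$name" = "$host" ]
            ;;
    esac
}

# Return 0 if $1 is a regular file with no group/other permission bits (e.g. 0600).
key_is_private() {
    [ -f "$1" ] || return 1
    perms=$(ls -ldL "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# usage: check_export KEYFILE CERT_NAME HOST
check_export() {
    key_is_private "$1" || { echo "FAIL: $1 missing or open to group/others"; return 1; }
    cert_name_covers "$2" "$3" || { echo "FAIL: $2 does not cover $3"; return 1; }
    echo "OK: $1 is private and $2 covers $3"
}

# Constructed demo: an empty stand-in file, not a real key.
demo_dir=$(mktemp -d)
: > "$demo_dir/bill2key.pem"
chmod 644 "$demo_dir/bill2key.pem"
check_export "$demo_dir/bill2key.pem" '*.bill2.org' pihole.bill2.org || true  # FAIL: too open
chmod 600 "$demo_dir/bill2key.pem"
check_export "$demo_dir/bill2key.pem" '*.bill2.org' pihole.bill2.org          # OK
check_export "$demo_dir/bill2key.pem" '*.bill2.org' bill2.org || true         # FAIL: apex
rm -rf "$demo_dir"
```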