-
Notifications
You must be signed in to change notification settings - Fork 17
/
certbot.default.sh
executable file
·73 lines (68 loc) · 2.54 KB
/
certbot.default.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
#!/usr/bin/env sh
#
set -euf -o pipefail
# ************** USAGE **************
#
# This is an example hook that can be used with Certbot.
#
# Example usage (with certbot-auto and this hook file saved in /root/):
#
# sudo ./certbot-auto -d example.org -d www.example.org -a manual -i nginx --preferred-challenges dns \
# --manual-auth-hook "/root/certbot.default.sh auth" --manual-cleanup-hook "/root/certbot.default.sh cleanup"
#
# This hook requires configuration, continue reading.
#
# ************** CONFIGURATION **************
#
# Please configure PROVIDER and PROVIDER_CREDENTIALS.
#
# PROVIDER:
# Set this to whatever DNS host your domain is using:
#
# route53 cloudflare cloudns cloudxns digitalocean
# dnsimple dnsmadeeasy dnspark dnspod easydns gandi
# glesys godaddy linode luadns memset namecheap namesilo
# nsone ovh pointhq powerdns rackspace rage4 softlayer
# transip vultr yandex zonomi
#
# The full list is in Lexicon's README.
# Defaults to Cloudflare.
#
PROVIDER=${DNS_PROVIDER}
#
# PROVIDER_CREDENTIALS:
# Lexicon needs to know how to authenticate to your DNS Host.
# This will vary from DNS host to host.
# To figure out which flags to use, you can look at the Lexicon help.
# For example, for help with Cloudflare:
#
# lexicon cloudflare -h
#
#PROVIDER_CREDENTIALS=("--auth-username=${DNS_USERNAME}" "--auth-token=${DNS_TOKEN}")
#
# PROVIDER_UPDATE_DELAY:
# How many seconds to wait after updating your DNS records. This may be required,
# depending on how slow your DNS host is to begin serving new DNS records after updating
# them via the API. 30 seconds is a safe default, but some providers can be very slow
# (e.g. Linode).
#
# Defaults to 30 seconds.
#
PROVIDER_UPDATE_DELAY=30
# To be invoked via Certbot's --manual-auth-hook
function auth {
lexicon "${PROVIDER}" --auth-username="${DNS_USERNAME}" --auth-token="${DNS_TOKEN}" \
create "${CERTBOT_DOMAIN}" TXT --name "_acme-challenge.${CERTBOT_DOMAIN}" --content "${CERTBOT_VALIDATION}"
echo "[Lexicon] Added _acme-challenge.${CERTBOT_DOMAIN}"
sleep "${PROVIDER_UPDATE_DELAY}"
}
# To be invoked via Certbot's --manual-cleanup-hook
function cleanup {
lexicon "${PROVIDER}" --auth-username="${DNS_USERNAME}" --auth-token="${DNS_TOKEN}" \
delete "${CERTBOT_DOMAIN}" TXT --name "_acme-challenge.${CERTBOT_DOMAIN}" --content "${CERTBOT_VALIDATION}"
echo "[Lexicon] Deleted _acme-challenge.${CERTBOT_DOMAIN}"
}
HANDLER=$1; shift;
if [ -n "$(type -t $HANDLER)" ] && [ "$(type -t $HANDLER)" = function ]; then
$HANDLER "$@"
fi