Initial commit.

aney1 2019-07-28 14:51:11 +02:00 committed by GitHub
parent 6bb75c0af1
commit 0d465840d6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 61 additions and 0 deletions

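--- a/README.md
+++ b/README.md
@@ -0,0 +1,17 @@
+This repository conatins everything needed to create and renew LetsEncrypt certificates (incl. wildcard certificates) on Dynu (https://www.dynu.com/).
+This should work on machine that can run docker (I'm using it on a QNAP NAS).
+If you already have certbot installed you can also just use the scripts in the scripts folder, without docker.
+h1. Usage with docker-compose:
+You will need Docker and Docker-Compose:
+https://docs.docker.com/install/
+https://docs.docker.com/compose/install/
+docker-compose -f <PATH_TO_FILES>/certbot/docker-compose.yml up
+Cronjob to run it twice daily (like recomended by Certbot, certificates are only renewed when needed):
+0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && docker-compose -f <PATH_TO_FILES>/certbot/docker-compose.yml up
+h1. Usage with locally installed certbot:
+Required packages: certbot, jq, curl
+certbot certonly --manual-public-ip-logging-ok --non-interactive --agree-tos --email <PUT_YOUR_EMAIL_HERE> --manual --preferred-challenges=dns --manual-auth-hook <PATH_TO_FILES>/script-pre.sh --manual-cleanup-hook <PATH_TO_FILES>/script-post.sh -d YOURDOMAIN.TLD -d *.YOURDOMAIN.TLD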

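--- a/certbot/Dockerfile
+++ b/certbot/Dockerfile
@@ -0,0 +1,5 @@
+FROM certbot/certbot:latest
+RUN apk update \
+&& apk add jq curl\
+&& rm -rf /var/cache/apk/*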
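Review bot: `FROM certbot/certbot:latest` leaves the base image floating, so every rebuild can pull a different certbot and Alpine userland into a container that is given write access to `/etc/letsencrypt`, where the ACME account key and certificate private keys live. Pin a specific release tag, ideally with its digest, in the form `FROM certbot/certbot:<TAG>@sha256:<DIGEST>` (both placeholders to be filled in from the registry). The three-line `RUN` can also be reduced to `RUN apk add --no-cache jq curl`, which never writes the index cache instead of deleting it afterwards.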

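--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,14 @@
+version: "3"
+services:
+certbot:
+build: certbot
+volumes:
+- /etc/letsencrypt/:/etc/letsencrypt/
+- ./scripts:/scripts/
+logging:
+driver: json-file
+options:
+max-size: "10m"
+max-file: "1"
+command: certonly --manual-public-ip-logging-ok --non-interactive --agree-tos --email <PUT_YOUR_EMAIL_HERE> --manual --preferred-challenges=dns --manual-auth-hook /scripts/script-pre.sh --manual-cleanup-hook /scripts/script-post.sh -d YOURDOMAIN.TLD -d *.YOURDOMAIN.TLD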
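Review bot: The `./scripts:/scripts/` entry under `volumes` is mounted read-write although the container only needs to execute the two hooks, and those files carry the Dynu API key. Mounting it as `- ./scripts:/scripts/:ro` stops anything running in the container from modifying hook code that certbot executes on every renewal. The `/etc/letsencrypt/` mount has to stay writable, so restrictive ownership and permissions on that host directory remain the control for the private keys stored there.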

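--- a/scripts/script-post.sh
+++ b/scripts/script-post.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+api_key='<PUT_YOUR_API_KEY_HERE>'
+domainID='<PUT_YOUR_DOMAIN_ID_HERE>'
+while
+records=$(curl -s -X GET "https://api.dynu.com/v2/dns/$domainID/record" -H "accept: application/json" -H "API-Key: $api_key")
+identifier=$(echo $records | jq '.dnsRecords[] | select(.nodeName=="_acme-challenge")' | jq '.id' | head -n 1)
+if [ ! -z "$identifier" ]
+then
+echo "Delete: $identifier"
+curl -s -X DELETE "https://api.dynu.com/v2/dns/$domainID/record/$identifier" -H "accept: application/json" -H "API-Key: $api_key"
+fi
+[[ ! -z "$identifier" ]]
+do
+continue
+done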
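Review bot: The cleanup loop only ends when the record list no longer contains an `_acme-challenge` entry, so if the `curl -s -X DELETE` request is rejected (wrong key, rate limit) the script re-lists and re-deletes the same id indefinitely with no delay and the hook never returns. The loop condition `[[ ! -z "$identifier" ]]` is also a bash-ism under `#!/bin/sh`: BusyBox ash in the Alpine-based image accepts it, but on a dash-based host, which the README's non-docker usage allows, it fails and the loop stops after the first record. A bounded loop using `[ -n ... ]`, `curl -fsS` so HTTP errors surface, and a quoted `$records` fed to `jq -r` is sketched below. Separately, `api_key` is a literal in a tracked file here and in scripts/script-pre.sh; reading it from the environment or from a mode-0600 file outside the repository keeps the Dynu key out of commits.

```shell
# … unchanged: shebang, api_key and domainID assignments …
attempts=0
while [ "$attempts" -lt 10 ]; do
    records=$(curl -fsS "https://api.dynu.com/v2/dns/$domainID/record" -H "accept: application/json" -H "API-Key: $api_key") || exit 1
    identifier=$(printf '%s' "$records" | jq -r '[.dnsRecords[]? | select(.nodeName=="_acme-challenge") | .id][0] // empty')
    [ -n "$identifier" ] || break
    echo "Delete: $identifier"
    curl -fsS -X DELETE "https://api.dynu.com/v2/dns/$domainID/record/$identifier" -H "accept: application/json" -H "API-Key: $api_key" || exit 1
    attempts=$((attempts + 1))
done
```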

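--- a/scripts/script-pre.sh
+++ b/scripts/script-pre.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+api_key='<PUT_YOUR_API_KEY_HERE>'
+domainID='<PUT_YOUR_DOMAIN_ID_HERE>'
+#Create record
+resultCreate=$(curl -s -X POST "https://api.dynu.com/v2/dns/$domainID/record" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"nodeName\":\"_acme-challenge\",\"recordType\":\"TXT\",\"ttl\":60,\"state\":true,\"group\":\"\",\"textData\":\"$CERTBOT_VALIDATION\"}" -H "API-Key: $api_key")
+echo $resultCreate
+sleep 30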
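Review bot: The create request on the `resultCreate=` line uses `curl -s` and the script always exits 0 after `sleep 30`, so a rejected call (wrong key or domain id) is not reflected in the hook's exit status and certbot goes on to request validation of a TXT record that was never created, which counts toward Let's Encrypt's failed-validation limit. Using `curl -fsS` and appending `|| exit 1` to the assignment makes the failure visible in the hook result and certbot's log. The JSON body is also built by interpolating `$CERTBOT_VALIDATION` into a string; since jq is already a dependency, `jq -n --arg v "$CERTBOT_VALIDATION" '{nodeName:"_acme-challenge",recordType:"TXT",ttl:60,state:true,group:"",textData:$v}'` produces the payload without relying on the token never containing a quote. `echo $resultCreate` should quote the variable as `echo "$resultCreate"`.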