]> git.pld-linux.org Git - packages/dehydrated.git/blob - hook-dns-01.sh
projects / packages / dehydrated.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
add hook-dns-01.sh
[packages/dehydrated.git] / hook-dns-01.sh
1 #!/bin/bash
2
3 # based on https://github.com/lukas2511/dehydrated/wiki/example-dns-01-nsupdate-script
4
5 set -e
6 set -u
7 set -o pipefail
8
9 case "$1" in
10         "deploy_challenge")
11                 echo ""
12                 echo "Add the following to the zone definition of ${2}:"
13                 echo "'_acme-challenge.${2}:${4}:300"
14                 echo ""
15                 echo -n "Press enter to continue..."
16                 read tmp
17                 echo ""
18         ;;
19         "clean_challenge")
20                 echo ""
21                 echo "Now you can remove the following from the zone definition of ${2}:"
22                 echo "'_acme-challenge.${2}:${4}:300"
23                 echo ""
24                 echo -n "Press enter to continue..."
25                 read tmp
26                 echo ""
27         ;;
28         "deploy_cert")
29                 DOMAIN="$2"
30                 PRIVKEY="$3"
31                 CERT="$4"
32                 FULLCHAINCERT="$5"
33                 CHAINCERT="$6"
34                 TIMESTAMP="$7"
35                 if [ -x /etc/rc.d/init.d/apache ]; then
36                         echo " + Hook: Overwritting /etc/httpd/ssl/server.{crt,key}, /etc/httpd/ssl/ca.crt and reloading Apache..."
37                         cp -a /etc/apache/server.crt /etc/apache/server.crt.letsencrypt~
38                         cp -a /etc/apache/server.key /etc/apache/server.key.letsencrypt~
39                         cp -a /etc/apache/ca.crt /etc/apache/ca.crt.letsencrypt~
40                         cat "$CERT" > /etc/apache/server.crt
41                         cat "$PRIVKEY" > /etc/apache/server.key
42                         cat "$CHAINCERT" > /etc/apache/ca.crt
43                         /sbin/service apache restart
44                 fi
45         ;;
46         "unchanged_cert")
47                 # do nothing for now
48         ;;
49         *)
50                 echo "Unknown hook \"${1}\""
51                 exit 1
52         ;;
53 esac
54
55 exit 0
56
letsencrypt/acme client implemented as a shell-script
This page took 0.025126 seconds and 3 git commands to generate.