@UnixSage
Last active May 20, 2023 14:27
Script to use with CertBot's --manual-auth-hook switch
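#!/bin/bash
# Certbot --manual-auth-hook: publishes the DNS-01 validation TXT record through
# the GoDaddy API, then waits until the authoritative name server serves it.
# Certbot supplies CERTBOT_DOMAIN and CERTBOT_VALIDATION in the environment.

# GoDaddy API credentials (placeholders; replace with your own).
KEY="GoDaddyAuthKey"
SECRET="GoDaddySecret"
APISITE="api.godaddy.com"

# Base domain = last two labels of the name being validated.
BASEDOMAIN=$(echo "${CERTBOT_DOMAIN}" | awk -F. '{OFS="."; print $(NF-1),$(NF)}')
# Whatever precedes the base domain, without the trailing dot.
SUBDOMAIN="${CERTBOT_DOMAIN%"${BASEDOMAIN}"}"
SUBDOMAIN="${SUBDOMAIN%.}"

if [ -z "${SUBDOMAIN}" ] ; then
    DNSRECORD="_acme-challenge"
else
    DNSRECORD="_acme-challenge.${SUBDOMAIN}"
fi

# First name server listed for the base domain; propagation is checked against it.
NAMESERVER=$(dig -t ns +noall +answer "${BASEDOMAIN}" | awk 'NR==1{print $5}')

# PUT replaces any existing TXT records with this name.
curl -X PUT "https://${APISITE}/v1/domains/${BASEDOMAIN}/records/TXT/${DNSRECORD}" \
    -H "accept: application/json" \
    -H "Content-Type: application/json" \
    -H "Authorization: sso-key ${KEY}:${SECRET}" \
    -d "[ { \"data\": \"${CERTBOT_VALIDATION}\", \"port\": 53, \"priority\": 0, \"protocol\": \"string\", \"service\": \"string\", \"ttl\": 600, \"weight\": 1 }]"

echo "Testing Validation Record"
TRY=0
# Poll up to 12 times, 5 seconds apart, for the new record.
while [ "${TRY}" -ne 12 ] ; do
    CURRENT_DATA=$(dig @"${NAMESERVER}" -t txt +noall +answer "${DNSRECORD}.${BASEDOMAIN}" | awk '{gsub("\"",""); print $5}')
    if [ -n "${CURRENT_DATA}" ] ; then
        if [ "${CURRENT_DATA}" = "${CERTBOT_VALIDATION}" ] ; then
            echo "Succeeded: ${CERTBOT_DOMAIN}"
            echo "sleep 30 seconds"
            sleep 30
            exit 0
        fi
    fi
    TRY=$((TRY+1))
    sleep 5
done
echo "Domain: ${CERTBOT_DOMAIN}"
echo "Timed Out"
# Non-zero status so the caller can tell the record never appeared.
exit 1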
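
The script above keeps the API key and secret in the script body and hands them to curl with `-H`, where they are part of the command line. An added example, not part of the gist, that reads the credentials from a private file and passes the header to curl on stdin instead; the file path, its `KEY=`/`SECRET=` layout and the function names are assumptions, and the DNS polling loop of the original is left out.

```shell
#!/bin/bash
# Added example, not the gist author's code. CREDS_FILE, its KEY=/SECRET=
# layout and the function names are assumptions for illustration.
CREDS_FILE="${CREDS_FILE:-/etc/letsencrypt/godaddy-credentials}"  # hypothetical path

# True only for a regular file with no group/other permission bits set.
creds_file_private() {
    [ -f "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# Parse KEY=... and SECRET=... lines; the file is read, never sourced.
load_creds() {
    creds_file_private "$1" || { echo "refusing $1: missing or group/world accessible" >&2; return 1; }
    KEY=$(sed -n 's/^KEY=//p' "$1" | head -n 1)
    SECRET=$(sed -n 's/^SECRET=//p' "$1" | head -n 1)
    [ -n "$KEY" ] && [ -n "$SECRET" ]
}

# curl config line carrying the Authorization header. printf is a shell
# builtin, so the secret never appears in any process's argument list.
# Assumes the key and secret contain no double quotes or backslashes.
auth_config() {
    printf 'header = "Authorization: sso-key %s:%s"\n' "$KEY" "$SECRET"
}

# PUT the TXT record; args: base domain, record name, validation value.
put_txt_record() {
    auth_config | curl --silent --show-error --fail --config - -X PUT \
        "https://api.godaddy.com/v1/domains/$1/records/TXT/$2" \
        -H "Content-Type: application/json" \
        -d "[{\"data\": \"$3\", \"ttl\": 600}]"
}

# Runs only when Certbot invokes the hook (it exports CERTBOT_DOMAIN).
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    load_creds "$CREDS_FILE" || exit 1
    BASEDOMAIN=$(echo "$CERTBOT_DOMAIN" | awk -F. '{OFS="."; print $(NF-1),$(NF)}')
    SUB=${CERTBOT_DOMAIN%"$BASEDOMAIN"}; SUB=${SUB%.}
    put_txt_record "$BASEDOMAIN" "_acme-challenge${SUB:+.$SUB}" "$CERTBOT_VALIDATION" || exit 1
fi
```
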
gdiazs commented Jan 28, 2022

Hello! Does it work for wildcards?

Thanks

@UnixSage
Author

Yes, that is what I use it for. I maintain several LetsEncrypt wildcard certs.
