Created
February 14, 2024 04:11
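#!/bin/bash
# Obtains a wildcard certificate with Certbot's manual DNS challenge and then
# re-runs "certbot renew" once per SLEEP_INTERVAL.
# Every value below is a placeholder; replace it before use.
# (The trailing "| |" table residue from the page rendering was removed: it
# made each assignment a syntax error and corrupted the shebang.)

# Configuration variables
DOMAIN="example.com"      # apex name; also used to build the challenge record name
WILDCARD="*.example.com"  # keep quoted wherever it is expanded, or the shell globs it
EMAIL="admin@example.com" # contact address passed to certbot --email
# Endpoint that is allowed to change DNS records for DOMAIN. Whoever can write
# _acme-challenge TXT records can have certificates issued for the zone, so
# keep this on HTTPS and protect it with a credential.
API_ENDPOINT="https://your-api-endpoint.com/update-dns-record"
SLEEP_INTERVAL=86400      # 24 hours in seconds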
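#######################################
# Publish a DNS record through the operator's DNS API.
# As written this is a stub: it only prints what it would add.
# Globals:   API_ENDPOINT (used by the example request in the comment only)
# Arguments: $1 - record name, $2 - record value
# Outputs:   progress line on stdout; argument errors on stderr
# Returns:   0 on success, 1 when the name or the value is missing or empty
#######################################
add_dns_record() {
  local subdomain="${1-}"
  local record_value="${2-}"

  # Refuse to publish an empty name or value; without this check the stub
  # reports success for a record that cannot satisfy any challenge.
  if [[ -z "$subdomain" || -z "$record_value" ]]; then
    echo "Error: add_dns_record needs a record name and a value" >&2
    return 1
  fi

  # Custom API request to add DNS record.
  # Replace the echo below with your actual API request logic. Example:
  #   curl --fail --silent --show-error -X POST \
  #     --data-urlencode "subdomain=${subdomain}" \
  #     --data-urlencode "value=${record_value}" \
  #     "$API_ENDPOINT"
  # --fail turns an HTTP error response into a non-zero exit status, so the
  # caller's failure branch actually runs; --data-urlencode keeps "&" or "="
  # inside a value from being parsed as extra form fields.
  # The request also needs the DNS API's credential: read it from a file only
  # root can read rather than putting it on the command line, where it is
  # visible in the process list.
  echo "Adding DNS record for $subdomain with value $record_value"
}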
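#######################################
# Run "certbot renew" through sudo.
# Outputs:   progress line on stdout; failure message on stderr
# Returns:   0 when certbot succeeds. On failure it does not return: it
#            terminates the whole script with status 1 (exit, not return).
#######################################
renew_ssl_certificate() {
  echo "Renewing SSL certificate..."
  if ! sudo certbot renew --quiet; then
    # Diagnostics go to stderr so they are not lost when stdout is redirected.
    echo "Error: Certbot renewal failed" >&2
    exit 1
  fi
}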
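# Loop to check for renewal every 24 hours.
# Every privileged step goes through sudo, so an unattended run needs root
# without a password prompt. NOTE(review): restrict the sudoers entry to the
# exact commands used here instead of granting blanket root.
while true; do
  # Generate SSL certificate if not already installed.
  # grep -F treats DOMAIN as a literal string, so its dots no longer match any
  # character. It is still a substring match: a certificate for a longer name
  # that contains DOMAIN also counts as "installed".
  if ! sudo certbot certificates | grep -qF -- "$DOMAIN"; then
    echo "Generating wildcard SSL certificate..."
    # The expansions are quoted; unquoted, "*.example.com" is a glob and would
    # be replaced by matching file names from the current directory.
    # NOTE(review): --manual without --manual-auth-hook waits for an operator
    # to publish the TXT record while certbot is running, which an unattended
    # loop cannot do. Certbot's --manual-auth-hook / --manual-cleanup-hook are
    # the supported way to publish and remove the record during validation;
    # the hook gets the name and token in CERTBOT_DOMAIN and CERTBOT_VALIDATION.
    # NOTE(review): --manual-public-ip-logging-ok is deprecated in newer
    # Certbot releases; check it against the installed version.
    sudo certbot certonly --manual --preferred-challenges=dns \
      --email "$EMAIL" --agree-tos \
      -d "$DOMAIN" -d "$WILDCARD" \
      --manual-public-ip-logging-ok \
      || { echo "Error: Certbot certificate generation failed" >&2; exit 1; }
  fi

  # Extract DNS challenge information.
  # NOTE(review): nothing in this script creates DNS_challenge.txt, and stock
  # Certbot is not known to write it under live/ - confirm what produces it.
  challenge_domain="_acme-challenge.$DOMAIN"
  challenge_value=$(sudo cat -- "/etc/letsencrypt/live/$DOMAIN/DNS_challenge.txt") \
    || { echo "Error: Reading DNS challenge failed" >&2; exit 1; }
  # Stop rather than publish an empty TXT record.
  if [[ -z "$challenge_value" ]]; then
    echo "Error: DNS challenge value is empty" >&2
    exit 1
  fi

  # Add DNS record using custom API request.
  # Quoted so the value reaches the function as one argument.
  add_dns_record "$challenge_domain" "$challenge_value" \
    || { echo "Error: Adding DNS record failed" >&2; exit 1; }

  # Wait for DNS record propagation.
  # This is a fixed delay; nothing here checks that the record is visible.
  echo "Waiting for DNS record propagation (may take a few minutes)..."
  sleep 60

  # Renew SSL certificate (the function exits the script on failure).
  renew_ssl_certificate

  # Wait for the next check.
  echo "Waiting for $SLEEP_INTERVAL seconds before the next renewal check..."
  sleep "$SLEEP_INTERVAL"
done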