tache/hook.rb

Forked from asimihsan/hook.rb
Last active Jan 11, 2018
Hook for letsencrypt.sh to do DNS challenges
#!/usr/bin/env ruby
# Hook for letsencrypt.sh: answers dns-01 challenges by writing the
# _acme-challenge TXT record into the matching Route 53 hosted zone.
require 'aws-sdk'
require 'awesome_print'
require 'domainatrix'

# ------------------------------------------------------------------------------
# Credentials
# ------------------------------------------------------------------------------
# pick up AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY by default from environment
Aws.config.update({
  region: 'us-east-1',
})

# ------------------------------------------------------------------------------
# Look up the hosted zone for fqdn. list_hosted_zones_by_name starts its listing
# at dns_name, so the first entry is only the right zone when its name matches
# exactly; otherwise stop instead of changing records in some other zone.
def find_hosted_zone(route53, fqdn)
  # ap route53.list_hosted_zones_by_name({dns_name: "#{fqdn}."}).hosted_zones[0]
  zone = route53.list_hosted_zones_by_name({dns_name: "#{fqdn}."}).hosted_zones[0]
  abort "No Route 53 hosted zone named #{fqdn}." if zone.nil? || zone.name != "#{fqdn}."
  zone
end

# ------------------------------------------------------------------------------
# Apply one change (UPSERT or DELETE) to the _acme-challenge TXT record.
def change_txt_record(action, domain, fqdn, txt_challenge)
  route53 = Aws::Route53::Client.new
  hosted_zone = find_hosted_zone(route53, fqdn)
  resp = route53.change_resource_record_sets({
    hosted_zone_id: hosted_zone.id,
    change_batch: {
      changes: [{
        action: action,
        resource_record_set: {
          name: "_acme-challenge.#{domain}.",
          type: "TXT",
          ttl: 60,
          # Route 53 expects TXT values wrapped in double quotes
          resource_records: [{ value: "\"#{txt_challenge}\"" }],
        },
      }],
    },
  })
  # Print the change status as a plain hash: awesome_print 1.7.0 raises
  # NameError on the raw Seahorse::Client::Response (see the comments below).
  ap resp.change_info.to_h
end

# ------------------------------------------------------------------------------
# Publish the challenge, then give Route 53 time to propagate the record.
def setup_dns(domain, fqdn, txt_challenge)
  change_txt_record("UPSERT", domain, fqdn, txt_challenge)
  sleep 20
end

# ------------------------------------------------------------------------------
# Remove the challenge record once validation has finished.
def delete_dns(domain, fqdn, txt_challenge)
  change_txt_record("DELETE", domain, fqdn, txt_challenge)
  sleep 5
end

# ------------------------------------------------------------------------------
if __FILE__ == $0
  puts "-------------------->"
  hook_stage = ARGV[0]
  domain = ARGV[1]
  # ARGV[3] is the TXT value for the challenge stages; for deploy_cert the
  # same position is printed below under "Certs".
  txt_challenge = ARGV[3]
  # Reduce the requested name to its registered domain (the hosted zone name)
  url = Domainatrix.parse("#{domain}")
  fqdn = "#{url.domain}.#{url.public_suffix}"
  puts " Domain: #{domain}"
  puts " Root: #{fqdn}"
  puts " Stage: #{hook_stage}"
  case hook_stage
  when "deploy_challenge"
    puts "Challenge: #{txt_challenge}"
    setup_dns(domain, fqdn, txt_challenge)
  when "clean_challenge"
    delete_dns(domain, fqdn, txt_challenge)
  when "deploy_cert"
    puts " Certs: #{txt_challenge}"
  end
  puts "--------------------<"
end
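
The hook looks up the hosted zone by the registered domain, which misses a subdomain that is delegated to its own hosted zone. The following is an added example, not part of the gist or of letsencrypt.sh: it picks the zone by longest label-wise suffix match and returns nothing when no zone is authoritative. `Zone`, `labels`, `best_zone_for`, `challenge_record_name` and `SAMPLE_ZONES` are hypothetical names, and the zone ids are constructed.

```ruby
# Added example, not part of the gist. Zone stands in for the hosted-zone
# objects Route 53 returns (only id and name are used); all data is constructed.
Zone = Struct.new(:id, :name)

# Normalise a DNS name: lower-case, no trailing dot, split into labels.
def labels(name)
  name.downcase.chomp('.').split('.')
end

# Return the zone whose name is the longest label-wise suffix of domain,
# or nil when no zone is authoritative for it. Comparing whole labels keeps
# "notexample.com" from matching the zone "example.com.".
def best_zone_for(domain, zones)
  wanted = labels(domain)
  candidates = zones.select do |zone|
    zl = labels(zone.name)
    !zl.empty? && zl.length <= wanted.length && wanted.last(zl.length) == zl
  end
  candidates.max_by { |zone| labels(zone.name).length }
end

# The TXT record name to write, always fully qualified.
def challenge_record_name(domain)
  "_acme-challenge.#{domain.downcase.chomp('.')}."
end

# Constructed sample zones: a parent zone, a delegated subzone, an unrelated zone.
SAMPLE_ZONES = [
  Zone.new('/hostedzone/ZEXAMPLE1', 'example.com.'),
  Zone.new('/hostedzone/ZEXAMPLE2', 'dev.example.com.'),
  Zone.new('/hostedzone/ZEXAMPLE3', 'example.org.'),
].freeze

if __FILE__ == $0
  %w[www.example.com api.dev.example.com notexample.com].each do |d|
    zone = best_zone_for(d, SAMPLE_ZONES)
    target = zone ? zone.id : 'no matching zone, nothing written'
    puts "#{challenge_record_name(d)} -> #{target}"
  end
end
```

In the hook, the zone list would come from the Route 53 client instead of `SAMPLE_ZONES`, and a `nil` result should stop the run before any record change is sent.
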
@jmreicha jmreicha commented Aug 8, 2016

I'm getting the following error when I run the letsencrypt.sh script with your hook, ./letsencrypt.sh --cron --domain my.domain.com --hook ./route53.rb --challenge dns-01.

/Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/formatter.rb:122:in `method': undefined method `to_hash' for class `Seahorse::Client::Response' (NameError)
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/formatter.rb:122:in `convert_to_hash'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/formatter.rb:55:in `awesome_self'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/formatter.rb:36:in `format'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/inspector.rb:148:in `unnested'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/inspector.rb:115:in `awesome'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/core_ext/kernel.rb:10:in `ai'
    from /Library/Ruby/Gems/2.0.0/gems/awesome_print-1.7.0/lib/awesome_print/core_ext/kernel.rb:20:in `ap'
    from ./route53.rb:46:in `setup_dns'
    from ./route53.rb:100:in `<main>'
@jmreicha jmreicha commented Aug 8, 2016

Changing to version 1.6 of awesome_print works. It would be nice to have the updated version working but whatever.
