From b9fbafc3923694c5ded70cac57732abec740837d Mon Sep 17 00:00:00 2001
From: root
Date: Sun, 23 Feb 2020 19:37:06 +0100
Subject: [PATCH] Added hook scripts
---
 .gitignore | 1 +
 letsencrypt/lets_authenticator.sh | 42 +++++++++++++++++++++++++++++++
 letsencrypt/lets_cleanup.sh | 41 ++++++++++++++++++++++++++++++
 3 files changed, 84 insertions(+)
 create mode 100755 letsencrypt/lets_authenticator.sh
 create mode 100755 letsencrypt/lets_cleanup.sh
diff --git a/.gitignore b/.gitignore
index cbf8671..9d76d13 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+certbot-auto
 etc/
 #.*#
 .*~
diff --git a/letsencrypt/lets_authenticator.sh b/letsencrypt/lets_authenticator.sh
new file mode 100755
index 0000000..8039ba3
--- /dev/null
+++ b/letsencrypt/lets_authenticator.sh
@@ -0,0 +1,42 @@
+LOG_FILE='/tmp/lets_auth.log'
+DNS_DB_MYCNF="/usr/local/ortiche/otcerts/etc/dns_db.conf"
+
+echo "Auth $CERTBOT_DOMAIN"
+
+echo "" >> $LOG_FILE
+date >> $LOG_FILE
+
+RECORD_NAME='_acme-challenge'
+RECORD_FQDN="$RECORD_NAME.$CERTBOT_DOMAIN"
+
+DOMAIN_ID=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ SELECT domains.id FROM domains WHERE domains.name='$CERTBOT_DOMAIN'
+END_QUERY`
+
+if [ -z "$DOMAIN_ID" ]; then
+ echo "ERROR: Nameservers are not managed for domain $CERTBOT_DOMAIN" >> $LOG_FILE
+ exit 255
+fi
+
+echo "Selected domain_id $DOMAIN_ID" >> $LOG_FILE
+
+echo "Creating $RECORD_FQDN TXT entry with value $CERTBOT_VALIDATION" >> $LOG_FILE
+
+QUERY_RES=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ INSERT INTO records (domain_id, name, type, content, ttl, prio, label)
+ VALUES ($DOMAIN_ID, '$RECORD_FQDN', 'TXT', '"$CERTBOT_VALIDATION"', 5, 60, '"$CERTBOT_VALIDATION"')
+END_QUERY`
+
+# echo "Done updating" >> $LOG_FILE
+RECORD_ID=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ SELECT id FROM records WHERE (type='TXT' and name='$RECORD_FQDN')
+END_QUERY`
+
+echo "After update $RECORD_ID ." >> $LOG_FILE
+echo "Done updating, sleeping 10 secs .. " >> $LOG_FILE
+sleep 5
+echo "Done sleeping." >> $LOG_FILE
+# dig @172.19.0.102 $RECORD_FQDN TXT +short >> $LOG_FILE
+# dig @dns.contaminati.net $RECORD_FQDN TXT +short >> $LOG_FILE
+# dig @dns.ortiche.net $RECORD_FQDN TXT +short >> $LOG_FILE
+exit 0
diff --git a/letsencrypt/lets_cleanup.sh b/letsencrypt/lets_cleanup.sh
new file mode 100755
index 0000000..d60fec1
--- /dev/null
+++ b/letsencrypt/lets_cleanup.sh
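Review bot: `$CERTBOT_DOMAIN` is interpolated straight into the SQL heredocs in lets_authenticator.sh (the `domains` lookup and, through `$RECORD_FQDN`, the INSERT and the `records` SELECT), so a value containing a quote changes the statement; lets_cleanup.sh repeats the pattern in its SELECTs and its DELETE. The mysql client takes no bind parameters in this form, so reject unexpected characters before the first query, e.g. `case "$CERTBOT_DOMAIN" in ''|*[!A-Za-z0-9.-]*) exit 255 ;; esac` (widen the set if your names need it). The INSERT's exit status is ignored (`QUERY_RES` is never read) and the script always ends with `exit 0`, so a failed write is reported to certbot as success; `[ -n "$RECORD_ID" ] || exit 255` after the final SELECT would surface it. Separately, `LOG_FILE` is a fixed name under `/tmp` appended to by whoever runs certbot (presumably root, given the commit author), so a log directory writable only by that user avoids another local user pre-creating the path.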
@@ -0,0 +1,41 @@
+LOG_FILE='/tmp/lets_clean.log'
+DNS_DB_MYCNF="/usr/local/ortiche/otcerts/etc/dns_db.conf"
+
+echo "" >> $LOG_FILE
+date >> $LOG_FILE
+
+
+
+echo "CERTBOT_AUTH_OUTPUT = $CERTBOT_AUTH_OUTPUT" >> $LOG_FILE
+
+RECORD_NAME='_acme-challenge'
+RECORD_FQDN="$RECORD_NAME.$CERTBOT_DOMAIN"
+
+DOMAIN_ID=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ SELECT domains.id FROM domains WHERE domains.name='$CERTBOT_DOMAIN'
+END_QUERY`
+
+if [ -z "$DOMAIN_ID" ]; then
+ echo "ERROR: Nameservers are not managed for domain $CERTBOT_DOMAIN" >> $LOG_FILE
+ exit 255
+fi
+
+RECORD_ID=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ SELECT id FROM records WHERE (type='TXT' and name='$RECORD_FQDN')
+END_QUERY`
+
+echo "Cleaning $RECORD_FQDN TXT entry, record id $RECORD_ID" >> $LOG_FILE
+
+# QUERY_RES=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+# UPDATE records SET content='""' WHERE id=$RECORD_ID
+# END_QUERY`
+
+# To complete delete
+DELETE_RES=`mysql --defaults-extra-file=$DNS_DB_MYCNF -s -N << END_QUERY
+ DELETE FROM records WHERE (domain_id=$DOMAIN_ID AND name='$RECORD_FQDN')
+END_QUERY`
+
+echo "Done cleaning, sleeping 5 secs .. " >> $LOG_FILE
+sleep 5
+echo "Done sleeping." >> $LOG_FILE
+exit 0
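Review bot: The DELETE filters only on `domain_id` and `name`, so it removes every record at `_acme-challenge.<domain>`, including other record types at that name and TXT values written by a concurrent or separate issuance, not just the one the authenticator created. Certbot also passes `CERTBOT_VALIDATION` to the cleanup hook, so the filter can be narrowed to `WHERE (domain_id=$DOMAIN_ID AND name='$RECORD_FQDN' AND type='TXT' AND content='"$CERTBOT_VALIDATION"')`, matching the quoted form the authenticator inserts. The mysql exit status is unchecked here as well (`DELETE_RES` is never read), so a failed DELETE leaves the challenge record published while the hook exits 0.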