From 7172af10e11acfbfd9fccdbffb817feddb611988 Mon Sep 17 00:00:00 2001
From: germeier
Date: Sun, 31 Jan 2016 16:14:49 +0100
Subject: [PATCH] Created Example hook script using dns-01 with nsupdate (markdown)
---
...-hook-script-using-dns-01-with-nsupdate.md | 49 +++++++++++++++++++
1 file changed, 49 insertions(+)
create mode 100644 Example-hook-script-using-dns-01-with-nsupdate.md
diff --git a/Example-hook-script-using-dns-01-with-nsupdate.md b/Example-hook-script-using-dns-01-with-nsupdate.md
new file mode 100644
index 0000000..c33c12a
--- /dev/null
+++ b/Example-hook-script-using-dns-01-with-nsupdate.md
@@ -0,0 +1,49 @@
+# Example hook script using **Dynamic DNS update utility** for _dns-01_ challenge
+
+This hook script uses the nsupdate utility from the bind package to solve dns-01 challenges.
+
+## Code
+
+```bash
+#!/usr/bin/env bash
+
+#
+# Example how to deploy a DNS challange using nsupdate
+#
+
+set -e
+set -u
+set -o pipefail
+umask 077
+
+updatefile="$(mktemp)"
+
+NSUPDATE="nsupdate -k /path/to/Kdnsupdatekey.private"
+done="no"
+
+if [[ "$1" = "deploy_challenge" ]]; then
+ printf "update add _acme-challenge.%s. 300 in TXT \"%s\"\n\n" "${2}" "${4}" > "${updatefile}"
+ $NSUPDATE "${updatefile}"
+ done="yes"
+fi
+
+if [[ "$1" = "clean_challenge" ]]; then
+ printf "update delete _acme-challenge.%s. 300 in TXT \"%s\"\n\n" "${2}" "${4}" > "${updatefile}"
+ $NSUPDATE "${updatefile}"
+ done="yes"
+fi
+
+if [[ "${1}" = "deploy_cert" ]]; then
+ # do nothing for now
+ done="yes"
+fi
+
+rm -f "${updatefile}"
+
+if [[ ! "${done}" = "yes" ]]; then
+ echo Unkown hook "${1}"
+ exit 1
+fi
+
+exit 0
+```
\ No newline at end of file
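Review bot: The temp file created by `mktemp` is only removed by the `rm -f "${updatefile}"` near the end of the script, so with `set -e` a failing `$NSUPDATE` call in the deploy_challenge or clean_challenge branch exits first and leaves the file with the challenge token behind; `trap 'rm -f "${updatefile}"' EXIT` directly after the `mktemp` line would cover every exit path. `"$1"` is read under `set -u` with no argument check, so a call without arguments aborts on an unbound variable instead of reaching the "Unkown hook" branch; `"${1:-}"` keeps that path reachable. The unquoted `$NSUPDATE` string depends on word splitting and breaks if the key path contains spaces; an array, `NSUPDATE=(nsupdate -k /path/to/Kdnsupdatekey.private)` invoked as `"${NSUPDATE[@]}"`, avoids that. Since readers will copy this page, it would also help to add a comment that the key given to `-k` should be restricted on the DNS server to updating the `_acme-challenge` TXT records only, so a leaked hook key cannot rewrite the rest of the zone.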