diff --git a/Example-of-DNS-01-via-GoDaddy-API.md b/Example-of-DNS-01-via-GoDaddy-API.md deleted file mode 100644 index 251a958..0000000 --- a/Example-of-DNS-01-via-GoDaddy-API.md +++ /dev/null @@ -1,103 +0,0 @@ -## Basic - - #!/usr/bin/env bash - - # - # dns-01 challenge through GoDaddy API. - # https://developer.godaddy.com/doc#!/_v1_domains - # - - set -e - set -u - set -o pipefail - - domain="" - apikey="" - secret="" - - case "$1" in - "deploy_challenge") - curl -X PUT https://api.godaddy.com/v1/domains/$domain/records/TXT -H "Authorization: sso-key $apikey:$secret" -H "Content-Type: application/json" -d "[{\"name\": \"_acme-challenge.${2}\", \"ttl\": 600, \"data\": \"${4}\"}]" - ;; - "clean_challenge") - curl -X PUT https://api.godaddy.com/v1/domains/$domain/records/TXT -H "Authorization: sso-key $apikey:$secret" -H "Content-Type: application/json" -d "[{\"name\": \"_acme-challenge.${2}\", \"ttl\": 600, \"data\": \"--removed--\"}]" - ;; - "deploy_cert") - ;; - "unchanged_cert") - ;; - *) - echo Unknown hook "${1}" - exit 1 - ;; - esac - -## More Robust - -This example requires user interaction to verify that the DNS has propagated (via `nslookup`) before continuing. -And the DNS updates don't wipe out other existing TXT records (see https://github.com/lukas2511/dehydrated/issues/430). -The `deploy_cert` example is specific to nginx and comes from https://github.com/lukas2511/dehydrated/blob/master/docs/examples/hook.sh - - #!/usr/bin/env bash - - # Hook script for dns-01 challenge via GoDaddy API - # - # https://developer.godaddy.com/doc#!/_v1_domains - # https://github.com/lukas2511/dehydrated/blob/master/docs/examples/hook.sh - - set -e - set -u - set -o pipefail - - GODADDY_KEY='example-key' - GODADDY_SECRET='example-secret' - - deploy_challenge() { - local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}" - echo -n " - Sending TXT record to GoDaddy _acme-challenge.${DOMAIN}=${TOKEN_VALUE}" - curl -X PUT https://api.godaddy.com/v1/domains/${DOMAIN}/records/TXT/_acme-challenge \ - -H "Authorization: sso-key ${GODADDY_KEY}:${GODADDY_SECRET}" \ - -H "Content-Type: application/json" \ - -d "[{\"name\": \"_acme-challenge\", \"ttl\": 600, \"data\": \"${TOKEN_VALUE}\"}]" - echo - echo " - Waiting for DNS to propagate." - while - sleep 10 - nslookup -q=TXT "_acme-challenge.${DOMAIN}" - read -r -p "Does nslookup show the token yet? [y/N] " response - do - case "$response" in - [yY][eE][sS]|[yY]) - break; - ;; - *) - echo " - Waiting a little longer" - ;; - esac - done - } - - clean_challenge() { - local DOMAIN="${1}" TOKEN_FILENAME="${2}" TOKEN_VALUE="${3}" - echo -n " - Removing TXT record from GoDaddy _acme-challenge.${DOMAIN}=--removed--" - curl -X PUT https://api.godaddy.com/v1/domains/${DOMAIN}/records/TXT/_acme-challenge \ - -H "Authorization: sso-key ${GODADDY_KEY}:${GODADDY_SECRET}" \ - -H "Content-Type: application/json" \ - -d "[{\"name\": \"_acme-challenge\", \"ttl\": 600, \"data\": \"--removed--\"}]" - echo - } - - deploy_cert() { - cp "${KEYFILE}" "${FULLCHAINFILE}" /etc/nginx/ssl/; chown -R nginx: /etc/nginx/ssl - systemctl reload nginx - } - - unchanged_cert() { - local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" - echo "The $DOMAIN certificate is still valid and therefore wasn't reissued." - } - - HANDLER="$1"; shift - if [[ "${HANDLER}" =~ ^(deploy_challenge|clean_challenge|deploy_cert|unchanged_cert)$ ]]; then - "$HANDLER" "$@" - fi \ No newline at end of file