Init commit.
This commit is contained in:
commit
066eb808cc
9 changed files with 73 additions and 0 deletions
9
certbot-auth
Executable file
9
certbot-auth
Executable file
|
@ -0,0 +1,9 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -x
|
||||
|
||||
baseurl='https://www.duckdns.org/update?domains=%s&token=%s&txt=%s'
|
||||
result="$(printf "url=$baseurl\n" "$DUCKDNS_DOMAIN" "$DUCKDNS_TOKEN" "$CERTBOT_VALIDATION" | curl -K -)"
|
||||
# give some time for the record to update
|
||||
sleep 120
|
||||
test "$result" = 'OK'
|
6
certbot-cleanup
Executable file
6
certbot-cleanup
Executable file
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -x
|
||||
|
||||
baseurl='https://www.duckdns.org/update?domains=%s&token=%s&txt=&clear=True%s'
|
||||
test "$(printf "url=$baseurl\n" "$DUCKDNS_DOMAIN" "$DUCKDNS_TOKEN" "$CERTBOT_VALIDATION" | curl -K -)" = 'OK'
|
12
certbot-duckdns
Executable file
12
certbot-duckdns
Executable file
|
@ -0,0 +1,12 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -x
|
||||
|
||||
certbot certonly --manual --preferred-challenges dns-01 --keep \
|
||||
--email="$LE_EMAIL" --domains="$DUCKDNS_DOMAIN.duckdns.org,*.$DUCKDNS_DOMAIN.duckdns.org" \
|
||||
--agree-tos --no-eff-email --manual-public-ip-logging-ok \
|
||||
--manual-auth-hook=certbot-auth --manual-cleanup-hook=certbot-cleanup
|
||||
|
||||
logfile=/var/log/duckdns.log
|
||||
baseurl='https://www.duckdns.org/update?domains=%s&token=%s&txt=%s'
|
||||
printf "url=$baseurl\n" "$DUCKDNS_DOMAIN" "$DUCKDNS_TOKEN" "$txt" | curl -o "$logfile" -K -
|
11
certbot-duckdns.Dockerfile
Normal file
11
certbot-duckdns.Dockerfile
Normal file
|
@ -0,0 +1,11 @@
|
|||
FROM alpine:latest
|
||||
|
||||
RUN apk update && apk upgrade
|
||||
RUN apk add curl certbot openssl
|
||||
|
||||
RUN mkdir /etc/cron.d
|
||||
COPY certbot-* duckdns start-certbot-duckdns.sh /usr/local/bin/
|
||||
COPY etc/cron.d/* /etc/cron.d/
|
||||
|
||||
ENTRYPOINT ["start-certbot-duckdns.sh"]
|
||||
CMD []
|
7
duckdns
Executable file
7
duckdns
Executable file
|
@ -0,0 +1,7 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -x
|
||||
|
||||
logfile=/var/log/duckdns.log
|
||||
baseurl='https://www.duckdns.org/update?domains=%s&token=%s&ip='
|
||||
printf "url=$baseurl\n" "$DUCKDNS_DOMAIN" "$DUCKDNS_TOKEN" | curl -o "$logfile" -K -
|
3
etc/cron.d/certbot
Normal file
3
etc/cron.d/certbot
Normal file
|
@ -0,0 +1,3 @@
|
|||
SHELL=/bin/sh
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
* */12 * * * root sh -c 'sleep \$RANDOM && certbot-duckdns'
|
3
etc/cron.d/duckdns
Normal file
3
etc/cron.d/duckdns
Normal file
|
@ -0,0 +1,3 @@
|
|||
SHELL=/bin/sh
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
*/5 * * * * root duckdns >/dev/null 2>&1
|
9
readme.md
Normal file
9
readme.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
# Certbot with duckdns wildcard certificate
|
||||
|
||||
Just run it with the correct environment variables and enjoy.
|
||||
|
||||
## ENV Variables
|
||||
|
||||
- DUCKDNS_DOMAIN: The domain to update, ex: DUCKDNS_DOMAIN=redxef for redxef.duckdns.org
|
||||
- DUCKDNS_TOKEN: Your duckdns api tokne
|
||||
- LE_EMAIL: Your email for certificate related notifications
|
13
start-certbot-duckdns.sh
Executable file
13
start-certbot-duckdns.sh
Executable file
|
@ -0,0 +1,13 @@
|
|||
#!/usr/bin/env sh
|
||||
|
||||
set -x
|
||||
|
||||
dhparamfile='/etc/letsencrypt/ssl-dhparams.pem'
|
||||
ssl_includefile='/etc/letsencrypt/options-ssl-nginx.conf'
|
||||
|
||||
echo "Updating duckdns record"
|
||||
duckdns
|
||||
echo "Acquiering letsencrypt certificates"
|
||||
certbot-duckdns
|
||||
echo "Starting crond"
|
||||
exec crond -f
|
Loading…
Reference in a new issue