@zenlor
Forked from jimmycuadra/hook.sh
Last active November 21, 2016 10:56
letsencrypt.sh hook script for dns-01 challenge using AWS Route 53
#!/bin/sh
HOSTED_ZONE="Route53 zone ID"

# Print the Route 53 change batch (JSON) for the given action (UPSERT or DELETE).
payload() {
    local action="$1"
    cat <<EOF
{
  "Changes": [
    { "Action": "${action}",
      "ResourceRecordSet": { "Name": "_acme-challenge.${altname}",
                             "Type": "TXT",
                             "TTL": 60,
                             "ResourceRecords": [ { "Value": "\"${keyauth_hook}\"" } ]
      }
    }
  ]
}
EOF
}

# Options: update, delete challenge
altname="$2"
challenge_token="$3"
keyauth_hook="$4"

# Options: deploy certificate
domain="$2"
private_key="$3"
cert="$4"
chain="$5"

case "$1" in
    "clean_challenge")
        # Remove the TXT record once validation is finished.
        # The payload is quoted so the JSON reaches aws as a single argument.
        aws route53 \
            change-resource-record-sets \
            --hosted-zone-id "$HOSTED_ZONE" \
            --change-batch \
            "`payload DELETE`"
        ;;
    "deploy_challenge")
        # Publish the TXT record, then wait before letting validation continue.
        aws route53 \
            change-resource-record-sets \
            --hosted-zone-id "$HOSTED_ZONE" \
            --change-batch \
            "`payload UPSERT`"
        sleep 20
        ;;
    "deploy_cert")
        echo "COPY CERT TO THE RIGHT LOCATION"
        ;;
    debug)
        # Print both payloads without calling AWS.
        echo "Payloads:"
        DEL=`payload DELETE`
        UPS=`payload UPSERT`
        echo " == DELETE => $DEL"
        echo " == UPSERT => $UPS"
        ;;
esac

# vim: set et sts=4 sw=4 tw=120 ft=sh: