From ab49796192c752ec10253ae9a6b1bb308f65e97d Mon Sep 17 00:00:00 2001 From: neil Date: Sat, 30 Jan 2016 23:15:30 +0800 Subject: [PATCH] how to use cloudflare api and create custom api --- README.md | 45 ++++++++++++++++++++++++++++++--- dnsapi/dns-cf.sh | 6 +++++ dnsapi/dns-myapi.sh | 61 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 109 insertions(+), 3 deletions(-) create mode 100644 dnsapi/dns-myapi.sh diff --git a/README.md b/README.md index 7069f04..f3e18b7 100644 --- a/README.md +++ b/README.md @@ -139,9 +139,6 @@ Support the latest dns-01 challenge. le issue dns aa.com www.aa.com,user.aa.com ``` -Use domain api to automatically add dns record is not finished yet. -So, you must manually add the txt record to finish verifying. - You will get the output like bellow: ``` Add the following txt record: @@ -165,6 +162,48 @@ Ok, it's finished. +# Use CloudFlare domain api to automatically issue cert + +For now, we support clourflare integeration. + +First you need to login to your clourflare account to get you apikey. + +Then open `~/.le/dnsapi/dns-cf.sh`, and fill your api key and email there: +and uncomment the lines: +``` +CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" + +CF_Email="xxxx@sss.com" + +``` + +Ok, let's issue cert now: +``` +le.sh issue dns-cf aa.com www.aa.com +``` + +More api integerations are coming. Godaddy, Dnspod, etc.... + + +# Use custom api + +If your api is not supported yet, you can write your own dns api. + +Let's assume you want to name it 'myapi', + +1. Create a bash script named `~/.le/dns-myapi.sh`, +2. In the scrypt, you must have a function named `dns-myapi-add()`. Which will be called by le.sh to add dns records. +3. Then you can use your api to issue cert like: + +``` +le.sh issue dns-myapi aa.com www.aa.com +``` + +For more details, please check our sample script: `dnsapi/dns-myapi.sh` + + + + #Under the Hood Speak ACME language with bash directly to Let's encrypt. diff --git a/dnsapi/dns-cf.sh b/dnsapi/dns-cf.sh index 888e9b3..7cb086b 100755 --- a/dnsapi/dns-cf.sh +++ b/dnsapi/dns-cf.sh @@ -16,6 +16,12 @@ dns-cf-add() { fulldomain=$1 txtvalue=$2 + if [ -z "$CF_Key" ] || [ -z "$CF_Email" ] ; then + _err "You don't specify cloudflare api key and email yet." + _err "Please create you key and try again." + return 1 + fi + _debug "First detect the root zone" if ! _get_root $fulldomain ; then _err "invalid domain" diff --git a/dnsapi/dns-myapi.sh b/dnsapi/dns-myapi.sh new file mode 100644 index 0000000..463a44c --- /dev/null +++ b/dnsapi/dns-myapi.sh @@ -0,0 +1,61 @@ +#!/bin/bash + +#Here is a sample custom api script. +#This file name is "dhs-myapi.sh" +#So, here must be a method dhs-myapi-add() +#Which will be called by le.sh to add the txt record to your api system. +#returns 0 meanst success, otherwise error. + + + +######## Public functions ##################### + +#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +dns-myapi-add() { + fulldomain=$1 + txtvalue=$2 + _err "Not implemented!" + return 1; +} + + + + + + + + + +#################### Private functions bellow ################################## + + +_debug() { + + if [ -z "$DEBUG" ] ; then + return + fi + + if [ -z "$2" ] ; then + echo $1 + else + echo "$1"="$2" + fi +} + +_info() { + if [ -z "$2" ] ; then + echo "$1" + else + echo "$1"="$2" + fi +} + +_err() { + if [ -z "$2" ] ; then + echo "$1" >&2 + else + echo "$1"="$2" >&2 + fi +} + +