diff options
| -rw-r--r-- | DO_NOT_LOOSE_ME | 3 | ||||
| -rw-r--r-- | __pycache__/godaddy_add_txt.cpython-37.pyc | bin | 0 -> 910 bytes | |||
| -rw-r--r-- | __pycache__/godaddy_del_txt.cpython-37.pyc | bin | 0 -> 769 bytes | |||
| -rwxr-xr-x | godaddy_add_txt.py | 33 | ||||
| -rwxr-xr-x | godaddy_del_txt.py | 28 | ||||
| -rwxr-xr-x | push.sh | 9 | ||||
| -rwxr-xr-x | renew_certificate.sh | 13 |
7 files changed, 86 insertions, 0 deletions
diff --git a/DO_NOT_LOOSE_ME b/DO_NOT_LOOSE_ME new file mode 100644 index 0000000..59b3c7e --- /dev/null +++ b/DO_NOT_LOOSE_ME @@ -0,0 +1,3 @@ +[{"data":"v=spf1 a mx ip4:45.63.74.172 ~all","name":"@","ttl":3600,"type":"TXT"},{"data":"\"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl3FIIGHyRm+oLf1rBn3gJiR7BtLHYeuIIP+0Olo9aw4ywkmkPunDbFjT1o+pz2yvRGH2t3W16amQ3JGBf1Dy2EyBXgcdZg1/xIqBGtGD7udWVokydY0ZCcc6aO7BnCQNI7LcaIiF5VCULJh2n5QrCNsu4CR56EguDiGw9auM2c14kJ3yhhKUsDiklHbPbavEU0IluuXnJWh38\" \t \"aQE+bfk2Y2dw8VDDSA19fivaWqXd/UJFXjqtxxfplXwoH2p3TWJ01jVeACRrqeaH1vQwnqIgnPXJfGT5VVwXT7FChC1W5xM7SOMUC4gyl6+OK+/xHasWUMxEmIa/mGiJVCGFjuZQIDAQAB\"","name":"2020._domainkey","ttl":3600,"type":"TXT"},{"data":"AeG3oTpDImoT5fJ2Mq1_fSkI76gVPGYnKLeWG5DfqeM","name":"_acme-challenge","ttl":3600,"type":"TXT"},{"data":"v=DMARC1; p=none","name":"_dmarc","ttl":3600,"type":"TXT"}] + +<bound method Response.json of <Response [200]>> diff --git a/__pycache__/godaddy_add_txt.cpython-37.pyc b/__pycache__/godaddy_add_txt.cpython-37.pyc Binary files differnew file mode 100644 index 0000000..00430a4 --- /dev/null +++ b/__pycache__/godaddy_add_txt.cpython-37.pyc diff --git a/__pycache__/godaddy_del_txt.cpython-37.pyc b/__pycache__/godaddy_del_txt.cpython-37.pyc Binary files differnew file mode 100644 index 0000000..f391f71 --- /dev/null +++ b/__pycache__/godaddy_del_txt.cpython-37.pyc diff --git a/godaddy_add_txt.py b/godaddy_add_txt.py new file mode 100755 index 0000000..4733bb1 --- /dev/null +++ b/godaddy_add_txt.py @@ -0,0 +1,33 @@ +#!/usr/bin/env python3 +import requests +import json +from os import environ +from time import sleep + +if not 'CERTBOT_DOMAIN' in environ: + print("Environment variable CERTBOT_DOMAIN is not set.\nMake sure you're running this script as a certbot hook.") + exit(1) + +if not 'CERTBOT_VALIDATION' in environ: + print("Environment variable CERTBOT_VALIDATION is not set.\nMake sure you're running this script as a certbot hook.") + exit(1) + +domain = environ['CERTBOT_DOMAIN'] +validation = environ['CERTBOT_VALIDATION'] + +key = 'e4NBykPszU4u_AQSkww3bDD4mBYUn4jERAL' +secret = 'Wg9Pr9Du82cPU3FP6H6CNr' + +s = requests.session() +s.headers.update({ + 'Authorization' : "sso-key {}:{}".format(key, secret) + }) + +data = {"name": "_acme-challenge", + "data": validation, + "ttl": 600, + "type": "TXT"} + +r = s.patch("https://api.godaddy.com/v1/domains/{}/records".format(domain), json = [data]) + +sleep(20) diff --git a/godaddy_del_txt.py b/godaddy_del_txt.py new file mode 100755 index 0000000..cdf8ef4 --- /dev/null +++ b/godaddy_del_txt.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python3 +import requests +import json +from os import environ + +if not 'CERTBOT_DOMAIN' in environ: + print("Environment variable CERTBOT_DOMAIN is not set.\nMake sure you're running this script as a certbot hook.") + exit(1) + +domain = environ['CERTBOT_DOMAIN'] + +key = 'e4NBykPszU4u_AQSkww3bDD4mBYUn4jERAL' +secret = 'Wg9Pr9Du82cPU3FP6H6CNr' + +s = requests.session() +s.headers.update({ + 'Authorization' : "sso-key {}:{}".format(key, secret) + }) + +records = s.get("https://api.godaddy.com/v1/domains/{}/records/TXT".format(domain)).json() + +for rnum, r in enumerate(records): + if r['name'] == "_acme-challenge": + records.pop(rnum) + +re = s.put("https://api.godaddy.com/v1/domains/{}/records/TXT".format(domain), json = records) + + @@ -0,0 +1,9 @@ +#!/bin/bash +sftp root@bpcspace.com << EOF +put godaddy_add_txt.py /root/scripts/maintenance/ssl_renewal +put godaddy_del_txt.py /root/scripts/maintenance/ssl_renewal +put renew_certificate.sh /root/scripts/maintenance/ssl_renewal +EOF +ssh root@bpcspace.com << EOF +chmod a+x /root/scripts/maintenance/ssl_renewal/* +EOF diff --git a/renew_certificate.sh b/renew_certificate.sh new file mode 100755 index 0000000..448c1aa --- /dev/null +++ b/renew_certificate.sh @@ -0,0 +1,13 @@ +#!/bin/bash +echo "Renewing SSL certificates for bpcspace.com on $(date)" | mail 19132286776@messaging.sprintpcs.com +certbot certonly --domains "bpcspace.com, *.bpcspace.com" --manual --manual-public-ip-logging-ok --agree-tos --text --manual-auth-hook "/root/scripts/maintenance/ssl_renewal/godaddy_add_txt.py" --manual-cleanup-hook "/root/scripts/maintenance/ssl_renewal/godaddy_del_txt.py" --preferred-challenges dns +error=$? +if [ $error -ne 0 ]; then + echo "Failed with error code $error." | mail 19132286776@messaging.sprintpcs.com +fi + +systemctl restart apache2 +systemctl restart filebin-server +systemctl restart postfix + + |