Notes on a New World Order

Would you like fries with your Universe?

certbot-dns-01-hook.sh (Source)

#!/bin/bash
CHALLENGE_PREFIX="_acme-challenge"
CHALLENGE_TTL=10
MASTER_NS="ns1.enimihil.net"
ID_DOMAIN=$(echo "$CERTBOT_DOMAIN" | sed 's/\./_/g')
TXT_RECORD="${CHALLENGE_PREFIX}\t${CHALLENGE_TTL}\tIN\tTXT\t\\\"${CERTBOT_VALIDATION}\\\""
cat > challenges/${ID_DOMAIN}_challenge.yml <<EOF
---
${ID_DOMAIN}_challenge: "$TXT_RECORD"
EOF
# FIXME: need to find a good way to update the data/hash so ansible updates the serial only when needed.
touch roles/dns-server/templates/${CERTBOT_DOMAIN}.zone.j2
./update-dns.sh
while true; do
    if ./check-challenge.sh "${CERTBOT_DOMAIN}" "${CERTBOT_VALIDATION}"; then
        echo "Challenge updated on all NS"
        exit 0
    fi
    echo "Wait 10 seconds and try again."
    sleep 10
done