Newer
Older
certbot-dns-inwx / README.md
# script collection for certbot dns authentification for domains hosted by inwx.de

This script collection is in alpha state and only useable on linux systems.
Tested with debian 10 and ubuntu 20.04.


## requirements

### python

```
pip3 install inwx-domrobot
```
or
```
pip3 install -r requirements.txt
```
Look at the [inwx git repository](https://github.com/inwx/python-client) for more details.

### config

A file `conf.cfg` with inwx settings must exist in the repository root folder like:
```
[live]
username = [USERNAME]
password = [PASSWORD]
shared_secret = your_shared_secret
```

## example usage

### command line

```
certbot certonly --manual --server https://acme-v02.api.letsencrypt.org/directory --preferred-challenges=dns --manual-auth-hook [path to this repositry]/certbot-dns-auth.py  --manual-cleanup-hook [path to this repositry]/certbot-dns-clean.py -d example.com -d *.example.com
```

### with config file

`wildcard-ini`:

```
email = [YOUR@EMAIL.com]
cert-name = [USERNAME]
rsa-key-size = 4096

server = https://acme-v02.api.letsencrypt.org/directory
authenticator = manual
manual-auth-hook = [path to this repositry]/certbot-dns-auth.py
manual-cleanup-hook = [path to this repositry]/certbot-dns-clean.py

domains = example.com, *.example.com
```

Command: 

```
certbot certonly -c wildcard-ini
```

### use as basic dynamic dns sesrvice
```
./update-record.py -p -m update -c conf.cfg -t 300 -r AAAA device.example.com
```

## help
```
usage: update-record.py [-h] -r type -m mode [-p] [-c path] [-t TTL] [-s section] [-v] [-d] domain [content]

inwx subdomain update

positional arguments:
  domain                full domain like subdomain.example.com
  content               ip or string to fill/update into subdomain domain entry

optional arguments:
  -h, --help            show this help message and exit
  -r type, --record-type type
                        record type (A, AAAA, TXT, CNAME, TLSA)
  -m mode, --mode mode  operation mode (create, update, delete) update:update all existing records if one exists, or create if not existing delete: delete existing record with given content, or delete all records if no content is given
  -p, --public-ip       insert public ip. Use -r A for ip4 an -r AAAA for ipv6
  -c path, --config_file path
                        path to configuration file
  -t TTL, --ttl TTL     TTL (time to live) of the nameserver record in seconds (default 3600)
  -s section, --config_section section
                        configuration section (live, ote) default: live
  -v, --verbose         verbose
  -d, --debug           debug
```

## Licences

Get some code snippets from the [inwx documentation](https://www.inwx.de/de/help/apidoc/f/ch01s05.html#idm144) and from the [pyhton 2.7 inwx repository](https://github.com/inwx/python2.7-client).