Newer
Older
certbot-dns-inwx / README.md

script collection for certbot dns authentification for domains hosted by inwx.de

This script collection is in alpha state and only useable on linux systems. Tested with debian 10 and ubuntu 20.04.

requirements

python

pip3 install inwx-domrobot

or

pip3 install -r requirements.txt

Look at the inwx git repository for more details.

config

A file conf.cfg with inwx settings must exist in the repository root folder like:

[live]
username = [USERNAME]
password = [PASSWORD]
shared_secret = your_shared_secret

example usage

command line

certbot certonly --manual --server https://acme-v02.api.letsencrypt.org/directory --preferred-challenges=dns --manual-auth-hook [path to this repositry]/certbot-dns-auth.py  --manual-cleanup-hook [path to this repositry]/certbot-dns-clean.py -d example.com -d *.example.com

with config file

wildcard-ini:

email = [YOUR@EMAIL.com]
cert-name = [USERNAME]
rsa-key-size = 4096

server = https://acme-v02.api.letsencrypt.org/directory
authenticator = manual
manual-auth-hook = [path to this repositry]/certbot-dns-auth.py
manual-cleanup-hook = [path to this repositry]/certbot-dns-clean.py

domains = example.com, *.example.com

Command:

certbot certonly -c wildcard-ini

use as basic dynamic dns sesrvice

./update-record.py -p -m update -c conf.cfg -t 300 -r AAAA device.example.com

help

usage: update-record.py [-h] -r type -m mode [-p] [-c path] [-t TTL] [-s section] [-v] [-d] domain [content]

inwx subdomain update

positional arguments:
  domain                full domain like subdomain.example.com
  content               ip or string to fill/update into subdomain domain entry

optional arguments:
  -h, --help            show this help message and exit
  -r type, --record-type type
                        record type (A, AAAA, TXT, CNAME, TLSA)
  -m mode, --mode mode  operation mode (create, update, delete) update:update all existing records if one exists, or create if not existing delete: delete existing record with given content, or delete all records if no content is given
  -p, --public-ip       insert public ip. Use -r A for ip4 an -r AAAA for ipv6
  -c path, --config_file path
                        path to configuration file
  -t TTL, --ttl TTL     TTL (time to live) of the nameserver record in seconds (default 3600)
  -s section, --config_section section
                        configuration section (live, ote) default: live
  -v, --verbose         verbose
  -d, --debug           debug

Licences

Get some code snippets from the inwx documentation and from the pyhton 2.7 inwx repository.