DNS-01 challenge hook script of uacme for MyDNS.jp
#!/bin/sh
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This script is originally derived from uacme:
# https://github.com/ndilieto/uacme/blob/0fc608d380b51a5228a6e3214e6868490340990c/nsupdate.sh
#
# This script is licensed under the GNU General Public License <http://www.gnu.org/licenses/>.
#
# shellcheck disable=SC3043
# MyDNS.jp endpoint that receives the record edit requests.
MYDNSJP_URL='https://www.mydns.jp/directedit.html'

# Account credentials are taken from the environment rather than hard-coded.
# ${VAR:?} aborts the script when a variable is unset or empty, so a request
# is never attempted with a missing credential. mydnsjp_api turns these two
# values into an HTTP Basic Authorization header; avoid running the hook under
# `set -x`, which would print them.
MYDNSJP_MASTERID="${UACME_MYDNSJP_MASTERID:?}"
MYDNSJP_MASTERPWD="${UACME_MYDNSJP_MASTERPWD:?}"

# Expected number of positional arguments and the exit status for a wrong count.
ARGS=5
E_BADARGS=85

# Guard clause: refuse to run unless exactly five arguments were passed.
[ $# -eq "$ARGS" ] || {
    echo "Usage: $(basename "$0") method type ident token auth" >&2
    exit $E_BADARGS
}

# Positional arguments, in the order given by the usage message.
METHOD="$1"
TYPE="$2"
IDENT="$3"
# TOKEN="$4" # HTTP-01 only
AUTH="$5"
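# Send one record edit request to MyDNS.jp.
#
# Globals:   MYDNSJP_URL, MYDNSJP_MASTERID, MYDNSJP_MASTERPWD (read)
# Arguments: $1 - edit command placed in EDIT_CMD (the callers pass REGIST or DELETE)
#            $2 - domain placed in CERTBOT_DOMAIN
#            $3 - validation value placed in CERTBOT_VALIDATION
# Outputs:   nothing on stdout (the response body is discarded); a diagnostic
#            on stderr when a field is rejected
# Returns:   1 when a field is empty or holds an unexpected character,
#            otherwise the exit status of wget
mydnsjp_api() {
    local cmd="$1"
    local domain="$2"
    local validation="$3"
    local auth
    local field

    # The POST body is built by plain concatenation, so a '&', '=', '%' or
    # whitespace inside a field would add or override form parameters.
    # Host names and base64url validation values only need this character set.
    for field in "$cmd" "$domain" "$validation"; do
        case "$field" in
            '' | *[!A-Za-z0-9._-]*)
                echo "$0: refusing request: empty field or unexpected character in a request field" 1>&2
                return 1
                ;;
        esac
    done

    # Some base64 implementations wrap their output (GNU coreutils at 76
    # columns); strip newlines so a long ID/password pair cannot break the
    # header into several lines.
    auth='Basic '"$(printf '%s:%s' "$MYDNSJP_MASTERID" "$MYDNSJP_MASTERPWD" | base64 | tr -d '\n')"

    # NOTE(review): the Authorization header is passed as a wget argument, so
    # the encoded credentials are visible in the process list to other local
    # users while the request runs. On a shared host, consider supplying the
    # header through a private (mode 0600) wget configuration file instead.
    wget --header "Authorization: $auth" \
        --post-data "CERTBOT_DOMAIN=$domain&CERTBOT_VALIDATION=$validation&EDIT_CMD=$cmd" \
        -q -o /dev/null -O - \
        "$MYDNSJP_URL" \
        1>/dev/null
}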
# Ask MyDNS.jp to register a TXT value.
# Arguments: forwarded unchanged to mydnsjp_api after the REGIST command
# Returns:   the exit status of mydnsjp_api
mydnsjp_regist() {
    set -- 'REGIST' "$@"
    mydnsjp_api "$@"
}
# Ask MyDNS.jp to delete a TXT value.
# Arguments: forwarded unchanged to mydnsjp_api after the DELETE command
# Returns:   the exit status of mydnsjp_api
mydnsjp_delete() {
    set -- 'DELETE' "$@"
    mydnsjp_api "$@"
}
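# Poll DNS until the registered TXT value is visible, or give up.
#
# Arguments: $1 - record name to look up
#            $2 - TXT value expected on that name
# Outputs:   a warning on stderr when the value never showed up
# Returns:   0 in every case. The original hook continued after a timeout,
#            and that best-effort behaviour is kept; only the warning is new.
wait_for_txt_record() {
    local domain="$1"
    local content="$2"
    local attempts=10
    local interval=60
    local n=1
    local out

    while [ "$n" -le "$attempts" ]; do
        # A name may carry several TXT values at once, so look for one line
        # holding exactly "content" instead of comparing the whole answer.
        if out="$(nslookup -type=txt "$domain")" &&
            printf '%s\n' "$out" | grep 'text = ' | grep -qF -- "\"$content\""; then
            return 0
        fi
        # No point in sleeping once the last lookup has failed.
        if [ "$n" -lt "$attempts" ]; then
            sleep "$interval"
        fi
        n=$((n + 1))
    done

    echo "$0: TXT record for $domain not visible after $attempts lookups; continuing anyway" 1>&2
    return 0
}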
# Dispatch on the hook method. Only the dns-01 challenge type is handled;
# any other type exits with status 1.
case "$METHOD" in
    'begin')
        [ "$TYPE" = 'dns-01' ] || exit 1
        # Publish the TXT value, then wait for it to become visible.
        # The status of wait_for_txt_record becomes the script's exit status.
        mydnsjp_regist "$IDENT" "$AUTH" || exit $?
        wait_for_txt_record "_acme-challenge.$IDENT" "$AUTH"
        ;;
    'done' | 'failed')
        [ "$TYPE" = 'dns-01' ] || exit 1
        # Remove the TXT value whether the challenge succeeded or failed.
        mydnsjp_delete "$IDENT" "$AUTH"
        exit $?
        ;;
    *)
        echo "$0: invalid method" 1>&2
        exit 1
        ;;
esac
# vi: sw=4 ts=4 et