From 1a2c4bfb19ec031c50823534abd6f55195624748 Mon Sep 17 00:00:00 2001
From: Mark Tearle <mtearle@ucc.asn.au>
Date: Mon, 8 Feb 2021 18:06:41 +0800
Subject: [PATCH] Add hook script to repo

---
 scripts/certbot-hook-quovadis.sh | 60 ++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 mode change 100644 => 100755 scripts/certbot-hook-quovadis.sh

diff --git a/scripts/certbot-hook-quovadis.sh b/scripts/certbot-hook-quovadis.sh
old mode 100644
new mode 100755
index e69de29..3985794
--- a/scripts/certbot-hook-quovadis.sh
+++ b/scripts/certbot-hook-quovadis.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+# certbot-hook-quovadis.sh
+
+# INSTALL:
+
+#  mkdir mkdir /etc/letsencrypt/ucc-hooks
+#  cp certbot-hook-quovadis.sh /etc/letsencrypt/ucc-hooks
+
+# CONFIG:
+
+# Create a config file config.sh in the same directory as the script
+# containing
+
+#   QV_API_KEY=<your API key>
+#   UCC_USERNAME=<your UCC username>
+
+# USAGE:
+# Script runs as a manual auth hook with certbot
+
+# Example command line is:
+
+# certbot certonly --server https://acme-v02.api.letsencrypt.org/directory \
+#                  --manual \
+#                  --preferred-challenges=dns 
+#                  --manual-auth-hook /etc/letsencrypt/ucc-hooks/certbot-hook-quovadis.sh \
+#                  -d <the hostname>.ucc.asn.au
+
+
+SOURCE="${BASH_SOURCE[0]}"
+while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink
+  DIR="$( cd -P "$( dirname "$SOURCE" )" >/dev/null 2>&1 && pwd )"
+  SOURCE="$(readlink "$SOURCE")"
+  # if $SOURCE was a relative symlink, we need to resolve it relative 
+  # to the path where the symlink file was located
+  [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" 
+done
+DIR="$( cd -P "$( dirname "$SOURCE" )" >/dev/null 2>&1 && pwd )"
+
+if [ -f "$DIR/config.sh" ]; then
+	source $DIR/config.sh
+else
+	echo "config.sh not found in same directory as script"
+fi
+
+
+# Strip only the top domain to get the zone id
+DOMAIN=$(expr match "$CERTBOT_DOMAIN" '\(.*\)\.ucc\..*')
+
+BASE_API="${BASE_API:-https://quovadis.ucc.asn.au/}"
+
+# Create TXT record
+RECORD_ID=$(curl -s -X POST "$BASE_API/update-challenge" \
+	-d "username=$UCC_USERNAME" \
+	-d "api_key=$QV_API_KEY" \
+	-d "challenge=$DOMAIN" \
+	-d "value=$CERTBOT_VALIDATION")
+
+# Sleep to make sure the change has time to propagate over to DNS
+sleep 25
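Review bot: The script keeps running when `config.sh` is missing and never checks the result of the `curl` call, so after `sleep 25` it exits 0 even if the POST went out with empty credentials or the TXT record was never created. The `else` branch should write to stderr and `exit 1`, the request should use `--fail` with an explicit status check, and `source $DIR/config.sh` needs quotes around the path. `-d "api_key=$QV_API_KEY"` also puts the key on curl's command line, where other local users can read it from the process list while the request runs; sending the form body on stdin with `--data @-` avoids that. Because `config.sh` is executed by whichever account runs certbot (presumably root) and holds the key, the INSTALL comment should say it must be owned by that account and not readable or writable by anyone else, e.g. `chmod 600`. The sketch below assumes none of the four values needs URL-encoding, which is not visible from this hunk.

```shell
if [ -f "$DIR/config.sh" ]; then
	source "$DIR/config.sh"
else
	echo "config.sh not found in same directory as script" >&2
	exit 1
fi

# … unchanged: DOMAIN and BASE_API assignments …

# Form body goes through stdin so the API key never appears in curl's argv
RECORD_ID=$(printf 'username=%s&api_key=%s&challenge=%s&value=%s' \
	"$UCC_USERNAME" "$QV_API_KEY" "$DOMAIN" "$CERTBOT_VALIDATION" |
	curl -s --fail -X POST "$BASE_API/update-challenge" --data @-) || {
	echo "update-challenge request failed" >&2
	exit 1
}
```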
-- 
GitLab