This is a small wrapper, written in bash, with minimal dependencies to create/renew easily Let'encrypt certificates using dns challenge and Gandi Live DNS API.
This wrapper is composed of two scripts :
- run.sh : main script which does some background check, then call dehydrated to create / renew Let's encrypt certs
- hook.sh : Dehydrated hook to handle Gandi Live DNS API.
This scripts can be used from minimal environment like OpenWRT router for example.
- bash
- curl
- Dehydrated (automatically downloaded from Github if missing)
- openssl
- diffutils
- A Gandi Live DNS API key
Create a directory to store configuration, then launch run.sh, passing configuration through environment variables
git clone https://github.com/tchabaud/lets-encrypt-gandi
cd lets-encrypt-gandi
mkdir data # To store configuration and certs
WORKDIR=data DOMAIN='*.mydomain.tld' API_KEY="Your_Gandi_Live_DNS_API_KEY" ./run.sh
You can also use the Docker image if you prefer (in a crontab for example)
docker run -e DOMAIN='*.mydomain.tld' -e API_KEY="Your_Gandi_Live_DNS_API_KEY" -v /directory/to/your/conf:/data --rm tchabaud/letsencrypt
Enjoy, and feel free to open issues if you encounter problems.