/lets-encrypt-gandi

Shell script wrapper with minimal dependencies to create/renew easily Let'encrypt certificates using dns challenge and Gandi Live DNS API

Primary LanguageShellGNU General Public License v3.0GPL-3.0

Description

This is a small wrapper, written in bash, with minimal dependencies to create/renew easily Let'encrypt certificates using dns challenge and Gandi Live DNS API.

This wrapper is composed of two scripts :

  • run.sh : main script which does some background check, then call dehydrated to create / renew Let's encrypt certs
  • hook.sh : Dehydrated hook to handle Gandi Live DNS API.

This scripts can be used from minimal environment like OpenWRT router for example.

Dependencies

Usage

From shell

Create a directory to store configuration, then launch run.sh, passing configuration through environment variables

git clone https://github.com/tchabaud/lets-encrypt-gandi
cd lets-encrypt-gandi
mkdir data # To store configuration and certs
WORKDIR=data DOMAIN='*.mydomain.tld' API_KEY="Your_Gandi_Live_DNS_API_KEY" ./run.sh

From Docker image

You can also use the Docker image if you prefer (in a crontab for example)

docker run -e DOMAIN='*.mydomain.tld' -e API_KEY="Your_Gandi_Live_DNS_API_KEY" -v /directory/to/your/conf:/data --rm tchabaud/letsencrypt

Enjoy, and feel free to open issues if you encounter problems.