Skip to content
A small cli utility for automating the letsencrypt dns-01 challenge for domains hosted by inwx.
Branch: master
Clone or download
Latest commit dbc66f6 Mar 16, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
etc
src
.dockerignore
.editorconfig
.gitignore
Cargo.lock
Cargo.toml
Dockerfile
LICENSE.txt
README.md

README.md

letsencrypt-inwx CircleCI Docker Pulls Crates.io

A small cli utility for automating the letsencrypt dns-01 challenge for domains hosted by inwx. This allows you to obtain wildcard certificates from letsencrypt.

Installation

Ubuntu / Debian

  • Build the .deb package or download it from releases and install it with sudo dpkg -i <path_to_the_deb_file>

Other linux

  • Build the executable or download it from releases and copy it to /usr/bin/
  • Copy both certbot scripts from ./etc/ to /usr/lib/letsencrypt-inwx/

With cargo

  • Run cargo install letsencrypt-inwx

Configuration

You can store the configuration file at /etc/letsencrypt-inwx.json or at ~/.config/letsencrypt-inwx.json when used with certbot or specify it's path with the -c option. The configuration file should look like this (without the comments):

{
    "accounts": [
        {
            "username": "user",
            "password": "pass",
            // optional, if the domain is not configured all accounts will be tried
            "domains": [
                "example.com"
            ],
            // optional, if true the public inwx test server will be used
            "ote": false
        }
    ],
    // optional
    "options": {
        // optional, if true letsencrypt-inwx will not wait until the created record is publicly visible, default: false
        "no_dns_check": false,
        // optional, the amount of time in seconds to wait after creating a record, default: 5 seconds
        "wait_interval": 5,
        // optional: the dns server to use, default: the google public dns server
        "dns_server": "8.8.8.8"
    }
}

Usage

With Docker and certbot

  • Generate your certificate by running docker run --rm -it -v /etc/letsencrypt-inwx.json:/etc/letsencrypt-inwx.json -v /etc/letsencrypt:/etc/letsencrypt kegato/letsencrypt-inwx certonly --email <your_email> --preferred-challenges=dns-01 --manual --manual-auth-hook /usr/lib/letsencrypt-inwx/certbot-inwx-auth --manual-cleanup-hook /usr/lib/letsencrypt-inwx/certbot-inwx-cleanup --manual-public-ip-logging-ok -d <your_domain>
  • You can find your certificate in /etc/letsencrypt/live/<your_domain>/
  • You can renew your certificate by running docker run --rm -it -v /etc/letsencrypt-inwx.json:/etc/letsencrypt-inwx.json -v /etc/letsencrypt:/etc/letsencrypt kegato/letsencrypt-inwx renew

With certbot

  • You can get certificates from certbot by running sudo certbot certonly -n --agree-tos --email <your_email> --preferred-challenges=dns-01 --manual --manual-auth-hook /usr/lib/letsencrypt-inwx/certbot-inwx-auth --manual-cleanup-hook /usr/lib/letsencrypt-inwx/certbot-inwx-cleanup --manual-public-ip-logging-ok -d <your_domain>

Manually

  • Create a txt record with letsencrypt-inwx create -c <config_file> -d _acme-challenge.<your_domain> -v <acme_token>
  • Delete it with letsencrypt-inwx delete -c <config_file> -d _acme-challenge.<your_domain>

Building

Requirements

libssl-dev and pkg-config are required when building on Ubuntu / Debian see here.

.deb package

  • Install cargo-deb by running cargo install cargo-deb
  • Run cargo deb to build the package

only the executable

  • Run cargo build --release to build the letsencrypt-inwx executable
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.