Commit e286ca94 authored by Jakob Lenfers's avatar Jakob Lenfers

First version

parent 6d6aab11
#!/usr/bin/env bash
# based upon the example in
# https://github.com/lukas2511/dehydrated/wiki/example-dns-01-nsupdate-script
set -e
set -u
set -o pipefail
exit_with_error() {
echo "$*"
exit 1;
}
SCRIPT_DIR="$(dirname "$0")"
SAMBA_CONFIG="$SCRIPT_DIR/samba.sh.conf"
[[ -f "${SAMBA_CONFIG}" ]] && . "${SAMBA_CONFIG}"
[[ -n "${SAMBA_PRINCIPAL:-}" ]] || exit_with_error "Set SAMBA_PRINCIPAL in dehydrated.conf or ${SAMBA_CONFIG}"
[[ -n "${SAMBA_DNSSERVER:-}" ]] || exit_with_error "Set SAMBA_DNSSERVER in dehydrated.conf or ${SAMBA_CONFIG}"
[[ -n "${SAMBA_DOMAIN:-}" ]] || exit_with_error "Set SAMBA_DOMAIN in dehydrated.conf or ${SAMBA_CONFIG}"
[[ -n "${SAMBA_KEYTAB:-}" ]] || exit_with_error "Set SAMBA_KEYTAB in dehydrated.conf or ${SAMBA_CONFIG}"
[[ -n "${SAMBA_TICKETCACHE:-}" ]] || exit_with_error "Set SAMBA_TICKETCACHE in dehydrated.conf or ${SAMBA_CONFIG}"
[[ -n "${SAMBA_DNSWAIT:-}" ]] || SAMBA_DNSWAIT=180
export KRB5CCNAME=${SAMBA_TICKETCACHE}
case "$1" in
"deploy_challenge")
kinit --no-forwardable --use-keytab --keytab=${SAMBA_KEYTAB} ${SAMBA_PRINCIPAL} && \
samba-tool dns add ${SAMBA_DNSSERVER} ${SAMBA_DOMAIN} "_acme-challenge.${2%.${SAMBA_DOMAIN}}" TXT "${4}"
sleep ${SAMBA_DNSWAIT}
;;
"clean_challenge")
kinit --no-forwardable --use-keytab --keytab=${SAMBA_KEYTAB} ${SAMBA_PRINCIPAL} && \
samba-tool dns delete ${SAMBA_DNSSERVER} ${SAMBA_DOMAIN} "_acme-challenge.${2%.${SAMBA_DOMAIN}}" TXT "${4}"
;;
"deploy_cert")
# do nothing for now
;;
"unchanged_cert")
# do nothing for now
;;
"startup_hook")
# do nothing for now
;;
"exit_hook")
[ -f ${KRB5CCNAME} ] && kdestroy --cache=${KRB5CCNAME}
;;
esac
exit 0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment