Merge pull request #46 from Neilpang/dnsapi

how to use cloudflare api and create custom api
2025-10-30 18:07:15 +00:00 · 2016-01-30 23:18:04 +08:00 · 2016-01-30 23:18:04 +08:00 · 1e867b3b40
commit 1e867b3b40
parent bda6909d53 ab49796192
3 changed files with 109 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -139,9 +139,6 @@ Support the latest dns-01 challenge.
 le  issue   dns   aa.com  www.aa.com,user.aa.com
 ```

-Use domain api to automatically add dns record is not finished yet.
-So, you must manually add the txt record to finish verifying.
-
 You will get the output like bellow:
 ```
 Add the following txt record:
@ -165,6 +162,48 @@ Ok, it's finished.



+# Use CloudFlare domain api to automatically issue cert
+
+For now, we support clourflare integeration.
+
+First you need to login to your clourflare account to get you apikey.
+
+Then open `~/.le/dnsapi/dns-cf.sh`, and fill your api key and email there:
+and uncomment the lines:
+```
+CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
+
+CF_Email="xxxx@sss.com"
+
+```
+
+Ok, let's issue cert now:
+```
+le.sh   issue   dns-cf   aa.com  www.aa.com
+```
+
+More api integerations are coming. Godaddy, Dnspod, etc....
+
+
+# Use custom api
+
+If your api is not supported yet,  you can write your own dns api.
+
+Let's assume you want to name it 'myapi',
+
+1. Create a bash script named  `~/.le/dns-myapi.sh`,
+2. In the scrypt, you must have a function named `dns-myapi-add()`. Which will be called by le.sh to add dns records.
+3. Then you can use your api to issue cert like:
+
+```
+le.sh  issue  dns-myapi  aa.com  www.aa.com
+```
+
+For more details, please check our sample script: `dnsapi/dns-myapi.sh`
+
+
+
+
 #Under the Hood

 Speak ACME language with bash directly to Let's encrypt.
--- a/dnsapi/dns-cf.sh
+++ b/dnsapi/dns-cf.sh
@ -16,6 +16,12 @@ dns-cf-add() {
  fulldomain=$1
  txtvalue=$2
  
+  if [ -z "$CF_Key" ] || [ -z "$CF_Email" ] ; then
+    _err "You don't specify cloudflare api key and email yet."
+    _err "Please create you key and try again."
+    return 1
+  fi
+  
  _debug "First detect the root zone"
  if ! _get_root $fulldomain ; then
    _err "invalid domain"
--- a/dnsapi/dns-myapi.sh
+++ b/dnsapi/dns-myapi.sh
@ -0,0 +1,61 @@
+#!/bin/bash
+
+#Here is a sample custom api script.
+#This file name is "dhs-myapi.sh"
+#So, here must be a method   dhs-myapi-add()
+#Which will be called by le.sh to add the txt record to your api system.
+#returns 0 meanst success, otherwise error.
+
+
+
+########  Public functions #####################
+
+#Usage: add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns-myapi-add() {
+  fulldomain=$1
+  txtvalue=$2
+  _err "Not implemented!"
+  return 1;
+}
+
+
+
+
+
+
+
+
+
+####################  Private functions bellow ##################################
+
+
+_debug() {
+
+  if [ -z "$DEBUG" ] ; then
+    return
+  fi
+  
+  if [ -z "$2" ] ; then
+    echo $1
+  else
+    echo "$1"="$2"
+  fi
+}
+
+_info() {
+  if [ -z "$2" ] ; then
+    echo "$1"
+  else
+    echo "$1"="$2"
+  fi
+}
+
+_err() {
+  if [ -z "$2" ] ; then
+    echo "$1" >&2
+  else
+    echo "$1"="$2" >&2
+  fi
+}
+
+