From b9883fe1059cbe23db3d5b1073eeaf4b8c2b1f66 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Fri, 25 Nov 2016 10:36:50 -0700 Subject: [PATCH 1/6] Update README.md --- README.md | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 06dcc78..8f44d13 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,16 @@ +Daplie is Taking Back the Internet! +-------------- + +[![](https://daplie.github.com/igg/images/ad-developer-rpi-white-890x275.jpg?v2)](https://daplie.com/preorder/) + +Stop serving the empire and join the rebel alliance! + +* [Invest in Daplie on Wefunder](https://daplie.com/invest/) +* [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone + +le-challenge-dns +================ + [![Join the chat at https://gitter.im/Daplie/letsencrypt-express](https://badges.gitter.im/Daplie/letsencrypt-express.svg)](https://gitter.im/Daplie/letsencrypt-express?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) | [letsencrypt](https://github.com/Daplie/node-letsencrypt) (library) @@ -7,9 +20,6 @@ | [letsencrypt-hapi](https://github.com/Daplie/letsencrypt-hapi) | -le-challenge-dns -================ - **For production** use [`le-challenge-ddns`](https://github.com/Daplie/le-challenge-ddns) (or a similar ddns tool) A manual (interactive CLI) dns-based strategy for node-letsencrypt for setting, retrieving, From d5a61df0e828c966af161471828e2c15bdcbbf7c Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Fri, 30 Dec 2016 02:22:02 -0700 Subject: [PATCH 2/6] auto-update ad --- README.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 8f44d13..b711d0c 100644 --- a/README.md +++ b/README.md 
@@ -1,12 +1,17 @@ -Daplie is Taking Back the Internet! + + +About Daplie: We're taking back the Internet! -------------- -[![](https://daplie.github.com/igg/images/ad-developer-rpi-white-890x275.jpg?v2)](https://daplie.com/preorder/) +Down with Google, Apple, and Facebook! -Stop serving the empire and join the rebel alliance! +We're re-decentralizing the web and making it read-write again - one home cloud system at a time. -* [Invest in Daplie on Wefunder](https://daplie.com/invest/) -* [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone +Tired of serving the Empire? Come join the Rebel Alliance: + +jobs@daplie.com | [Invest in Daplie on Wefunder](https://daplie.com/invest/) | [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone + + le-challenge-dns ================ From dea11513a843c05d0a9aa622702dc934b9fac59f Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Fri, 30 Dec 2016 02:39:35 -0700 Subject: [PATCH 3/6] auto-update banner --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b711d0c..9b7c805 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ - + About Daplie: We're taking back the Internet! -------------- @@ -11,7 +11,7 @@ Tired of serving the Empire? Come join the Rebel Alliance: jobs@daplie.com | [Invest in Daplie on Wefunder](https://daplie.com/invest/) | [Pre-order Cloud](https://daplie.com/preorder/), The World's First Home Server for Everyone - + le-challenge-dns ================ From f6788d185a8b919f0312112c002e6cf1a49a9b30 Mon Sep 17 00:00:00 2001 From: Tim Caswell Date: Wed, 19 Apr 2017 16:51:48 -0500 Subject: [PATCH 4/6] Copy test from ddns module --- index.js | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/index.js b/index.js index d1ba9bb..19cb102 100644 --- a/index.js +++ b/index.js 
@@ -5,7 +5,7 @@ var dns = PromiseA.promisifyAll(require('dns')); var Challenge = module.exports; Challenge.create = function (defaults) { - return { + return { getOptions: function () { return defaults || {}; } @@ -74,3 +74,41 @@ Challenge.loopback = function (defaults, domain, challenge, done) { console.log("dig TXT +noall +answer @8.8.8.8 '" + challengeDomain + "' # " + challenge); dns.resolveTxtAsync(challengeDomain).then(function (x) { done(null, x); }, done); }; + +Challenge.test = function (args, domain, challenge, keyAuthorization, done) { + var me = this; + + args.test = args.test || '_test.'; + defaults.test = args.test; + + me.set(args, domain, challenge, keyAuthorization || challenge, function (err, k) { + if (err) { done(err); return; } + + me.loopback(defaults, domain, challenge, function (err, arr) { + if (err) { done(err); return; } + + if (!arr.some(function (a) { + return a.some(function (keyAuthDigest) { + return keyAuthDigest === k; + }); + })) { + err = new Error("txt record '" + challenge + "' doesn't match '" + k + "'"); + } + + me.remove(defaults, domain, challenge, function (_err) { + if (_err) { done(_err); return; } + + // TODO needs to use native-dns so that specific nameservers can be used + // (otherwise the cache will still have the old answer) + done(err || null); + /* + me.loopback(defaults, domain, challenge, function (err) { + if (err) { done(err); return; } + + done(); + }); + */ + }); + }); + }); +} From 3dcd2f4c43c66d2e1761f4683bebd6dd765d2046 Mon Sep 17 00:00:00 2001 From: Andre Natal Date: Mon, 19 Jun 2017 15:44:55 -0700 Subject: [PATCH 5/6] Full test working --- index.js | 60 ++++++++++++++++++------------- moz_test.js | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 137 insertions(+), 25 deletions(-) create mode 100644 moz_test.js diff --git a/index.js b/index.js index 19cb102..142c6d1 100644 --- a/index.js +++ b/index.js 
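Review bot: `defaults.test = args.test;` near the top of the new `Challenge.test` refers to `defaults`, which is neither a parameter nor a local of this function (its first parameter is `args`). Unless a module-level `defaults` exists outside the hunk, the call throws a ReferenceError before any record is set. The same undefined name is passed on to `me.loopback(defaults, ...)` and `me.remove(defaults, ...)`. Since the body was copied from the ddns module, using `args` throughout looks like the intent: drop the `defaults.test` assignment and call `me.loopback(args, domain, challenge, ...)` and `me.remove(args, domain, challenge, ...)`. Separately, `k` comes from the callback of `me.set`, and the `set` code visible in patch 5/6 only ever calls `cb(null)`, so `keyAuthDigest === k` compares against `undefined` and the check cannot pass as written.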
@@ -4,6 +4,8 @@ var PromiseA = require('bluebird'); var dns = PromiseA.promisifyAll(require('dns')); var Challenge = module.exports; +var leDnsResponse; + Challenge.create = function (defaults) { return { getOptions: function () { 
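Review bot: The added module-level `var leDnsResponse;` is never assigned or read in the hunks shown. `Challenge.set` tests `this.leDnsResponse`, which is a property on the challenge object and a different binding, so the declaration has no effect. I would drop it, or replace it with a comment that documents the hook, e.g. `// Optional hook: assign leDnsResponse on the object returned by create(); it must return a Promise that settles once the TXT record is published.` The rest of the file lies outside this hunk.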
@@ -24,32 +26,40 @@ Challenge.set = function (args, domain, challenge, keyAuthorization, cb) { .replace(/\//g, '_') .replace(/=+$/g, '') ; - var challengeDomain = (args.test || '') + args.acmeChallengeDns + domain; + var challengeDomain = domain; - console.info(""); - console.info("Challenge for '" + domain + "'"); - console.info(""); - console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); - console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); - console.info(challenge); - console.info(keyAuthorization); - console.info(keyAuthDigest); - console.info(""); - console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); - console.info(""); - console.info(JSON.stringify({ - domain: domain - , challenge: challenge - , keyAuthorization: keyAuthorization - , keyAuthDigest: keyAuthDigest - }, null, ' ').replace(/^/gm, '\t')); - console.info(""); - console.info("hit enter to continue..."); - process.stdin.resume(); - process.stdin.on('data', function () { - process.stdin.pause(); - cb(null); - }); + if (this.leDnsResponse) { + this.leDnsResponse(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain) + .then((successMessage) => { + console.log("Yay! 
" + successMessage); + cb(null); + }); + } else { + console.info(""); + console.info("Challenge for '" + domain + "'"); + console.info(""); + console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); + console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); + console.info(challenge); + console.info(keyAuthorization); + console.info(keyAuthDigest); + console.info(""); + console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); + console.info(""); + console.info(JSON.stringify({ + domain: domain + , challenge: challenge + , keyAuthorization: keyAuthorization + , keyAuthDigest: keyAuthDigest + }, null, ' ').replace(/^/gm, '\t')); + console.info(""); + console.info("hit enter to continue..."); + process.stdin.resume(); + process.stdin.on('data', function () { + process.stdin.pause(); + cb(null); + }); + } }; // nothing to do here, that's why it's manual diff --git a/moz_test.js b/moz_test.js new file mode 100644 index 0000000..1f4a1b2 --- /dev/null +++ b/moz_test.js 
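Review bot: The new `this.leDnsResponse(...)` branch in `Challenge.set` attaches only a fulfilment handler, so if the hook rejects (for example because the DNS update failed) `cb` is never called and the failure shows up only as an unhandled rejection. Pass the error through with `.then(function () { cb(null); }, cb);`. The first hunk of patch 6/6 edits the same chain and leaves it without a rejection handler. Separately, `var challengeDomain = domain;` drops the `args.acmeChallengeDns` (and `args.test`) prefix that the previous line applied, so the record name printed in the manual branch and handed to the hook is now the bare domain. If the gateway adds the prefix itself, that deserves a comment here; otherwise the prefix should stay. The function starts before the hunk.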
@@ -0,0 +1,102 @@ +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at http://mozilla.org/MPL/2.0/. + +'use strict'; + +var le; +var fetch = require('node-fetch'); +var LE = require('greenlock'); +var leChallengeDns = require('./index.js').create({ debug: false }) +// Storage Backend +var leStore = require('le-store-certbot').create({ + configDir: '~/letsencrypt/etc' // or /etc/letsencrypt or wherever +, debug: true +, logsDir: '~/letsencrypt/var/log' +}); + +function leAgree(opts, agreeCb) { + // opts = { email, domains, tosUrl } + agreeCb(null, opts.tosUrl); +} + +let subdomain = String(Math.random()).replace('.',''); + +le = LE.create({ + server: LE.productionServerUrl // Change to LE.productionServerUrl in production +, challengeType: 'dns-01' +, challenges: { + 'dns-01': leChallengeDns + } +, approveDomains: [ subdomain + '.box.knilxof.org' ] +, agreeToTerms: leAgree // hook to allow user to view and accept LE TOS +, debug: true +, store: leStore +}); + + + +// Check in-memory cache of certificates for the named domain +le.check({ domains: [ subdomain + '.box.knilxof.org' ] }).then(function (results) { + + if (results) { + // we already have certificates + return; + } + + let token; + let challenge; + + // promise to be called when LE has the dns challenge ready for us + leChallengeDns.leDnsResponse = function(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain){ + + console.info(""); + console.info("Challenge for '" + domain + "'"); + console.info(""); + console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); + console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); + console.info(challenge); + console.info(keyAuthorization); + console.info(keyAuthDigest); + console.info(""); + console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); 
+ console.info(""); + console.info(JSON.stringify({ + domain: domain + , challenge: challenge + , keyAuthorization: keyAuthorization + , keyAuthDigest: keyAuthDigest + }, null, ' ').replace(/^/gm, '\t')); + console.info(""); + + return new Promise((resolve, reject) => { + // ok now that we have a challenge, we call our gateway to setup the TXT record + fetch('http://knilxof.org//dnsconfig?token=' + token + '&challenge=' + keyAuthDigest) + .then(function(res) { return res.text(); }).then(function(body) { + console.log(body); + resolve("Success!"); + }); + }); + } + + fetch('http://knilxof.org/subscribe?name=' + subdomain) + .then(function (res) { return res.text(); }) + .then(function (body) { + const jsonBody = JSON.parse(body); + token = jsonBody.token; + // Register Let's Encrypt + le.register({ + domains: [subdomain + '.box.knilxof.org'] // CHANGE TO YOUR DOMAIN (list for SANS) + , email: 'john.doe@example.com' // CHANGE TO YOUR EMAIL + , agreeTos: true // set to tosUrl string (or true) to pre-approve (and skip agreeToTerms) + , rsaKeySize: 2048 // 2048 or higher + , challengeType: 'dns-01' // http-01, tls-sni-01, or dns-01 + }).then(function (results) { + console.log('success'); + }, function (err) { + console.error('[Error]: node-greenlock/examples/standalone'); + console.error(err.stack); + }); + }); +}); + From 6e44d2d5b1dcecc525542cd37504fae400e7e8af Mon Sep 17 00:00:00 2001 From: Andre Natal Date: Wed, 21 Jun 2017 14:55:19 -0700 Subject: [PATCH 6/6] Fixing messages --- index.js | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/index.js b/index.js index 142c6d1..d3d3795 100644 --- a/index.js +++ b/index.js @@ -31,7 +31,6 @@ Challenge.set = function (args, domain, challenge, keyAuthorization, cb) { if (this.leDnsResponse) { this.leDnsResponse(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain) .then((successMessage) => { - console.log("Yay! " + successMessage); cb(null); }); } else { 
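Review bot: In the `leDnsResponse` hook the gateway token is sent over plain `http://` in a query string (`fetch('http://knilxof.org//dnsconfig?token=' + token + ...)`), and that token appears to be what authorises TXT record changes for the subdomain, so anyone on the network path can read it and publish their own challenge records. The same promise resolves `"Success!"` whatever the gateway answers and never calls `reject`, so a refused update is reported as success. I would switch both gateway calls (`/subscribe` as well) to `https://` if the gateway serves it, URL-encode the parameters, and fail on a non-2xx status, as in the sketch below. Also, `server: LE.productionServerUrl` sits next to a comment about changing to production; a test that registers a fresh random subdomain on every run is better pointed at `LE.stagingServerUrl` to stay clear of production rate limits.

```javascript
// … unchanged: console.info dump of the challenge values …
var url = 'https://knilxof.org//dnsconfig?token=' + encodeURIComponent(token) +
  '&challenge=' + encodeURIComponent(keyAuthDigest);
return fetch(url).then(function (res) {
  if (!res.ok) {
    throw new Error('dnsconfig request failed with HTTP ' + res.status);
  }
  return res.text();
});
```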
@@ -69,12 +68,7 @@ Challenge.get = function (defaults, domain, challenge, cb) { // might as well tell the user that whatever they were setting up has been checked Challenge.remove = function (args, domain, challenge, cb) { - console.info("Challenge for '" + domain + "' complete. You may remove it."); - console.info(""); - //console.info("hit enter to continue..."); - //process.stdin.resume(); - //process.stdin.on('data', function () { - // process.stdin.pause(); + console.info("Challenge for '" + domain + "' complete. You may remove it."); cb(null); //}); };