coolaj86
/
acme-dns-01-cli.js
1
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Compare commits

base: coolaj86:cb5a079ea2a09871174ae1cce6080afbe73327a8
Branches Tags
coolaj86:master
coolaj86:v2.3
coolaj86:v2.2
coolaj86:v3.0.7
coolaj86:v3.0.6
coolaj86:v3.0.5
coolaj86:v3.0.4
coolaj86:v3.0.3
coolaj86:v3.0.2
coolaj86:v3.0.1
coolaj86:v3.0.0
coolaj86:v2.3.2
coolaj86:v2.3.1
coolaj86:v2.3.0
coolaj86:v2.2.1
coolaj86:v2.0.3
coolaj86:v2.0.2
coolaj86:v2.0.1
coolaj86:v2.0.0
..
compare: coolaj86:8ed6e3cdcc351754153429a236f7fbad5add36ff
Branches Tags
coolaj86:master
coolaj86:v2.3
coolaj86:v2.2
coolaj86:v3.0.7
coolaj86:v3.0.6
coolaj86:v3.0.5
coolaj86:v3.0.4
coolaj86:v3.0.3
coolaj86:v3.0.2
coolaj86:v3.0.1
coolaj86:v3.0.0
coolaj86:v2.3.2
coolaj86:v2.3.1
coolaj86:v2.3.0
coolaj86:v2.2.1
coolaj86:v2.0.3
coolaj86:v2.0.2
coolaj86:v2.0.1
coolaj86:v2.0.0

No commits in common. "cb5a079ea2a09871174ae1cce6080afbe73327a8" and "8ed6e3cdcc351754153429a236f7fbad5add36ff" have entirely different histories.
cb5a079ea2 ... 8ed6e3cdcc

3 changed files with 33 additions and 137 deletions
Show Stats Expand all files Collapse all files

2
README.md
View File

@ -8,6 +8,8 @@ le-challenge-dns
| [acme-v2.js](https://git.coolaj86.com/coolaj86/acme-v2.js) | [acme-v2.js](https://git.coolaj86.com/coolaj86/acme-v2.js)
| |
**For production** use [`le-challenge-ddns`](https://git.coolaj86.com/coolaj86/le-challenge-ddns) (or a similar ddns tool)
A manual (interactive CLI) dns-based strategy for node-letsencrypt for setting, retrieving, A manual (interactive CLI) dns-based strategy for node-letsencrypt for setting, retrieving,
and clearing ACME DNS-01 challenges issued by the ACME server and clearing ACME DNS-01 challenges issued by the ACME server

66
index.js
View File

@ -4,8 +4,6 @@ var PromiseA = require('bluebird');
var dns = PromiseA.promisifyAll(require('dns')); var dns = PromiseA.promisifyAll(require('dns'));
var Challenge = module.exports; var Challenge = module.exports;
var leDnsResponse;
Challenge.create = function (defaults) { Challenge.create = function (defaults) {
return { return {
getOptions: function () { getOptions: function () {
@ -26,39 +24,32 @@ Challenge.set = function (args, domain, challenge, keyAuthorization, cb) {
.replace(/\//g, '_') .replace(/\//g, '_')
.replace(/=+$/g, '') .replace(/=+$/g, '')
; ;
var challengeDomain = domain; var challengeDomain = (args.test || '') + args.acmeChallengeDns + domain;
if (this.leDnsResponse) { console.info("");
this.leDnsResponse(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain) console.info("Challenge for '" + domain + "'");
.then((successMessage) => { console.info("");
cb(null); console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge");
}); console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:");
} else { console.info(challenge);
console.info(""); console.info(keyAuthorization);
console.info("Challenge for '" + domain + "'"); console.info(keyAuthDigest);
console.info(""); console.info("");
console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge"); console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60");
console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:"); console.info("");
console.info(challenge); console.info(JSON.stringify({
console.info(keyAuthorization); domain: domain
console.info(keyAuthDigest); , challenge: challenge
console.info(""); , keyAuthorization: keyAuthorization
console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60"); , keyAuthDigest: keyAuthDigest
console.info(""); }, null, ' ').replace(/^/gm, '\t'));
console.info(JSON.stringify({ console.info("");
domain: domain console.info("hit enter to continue...");
, challenge: challenge process.stdin.resume();
, keyAuthorization: keyAuthorization process.stdin.on('data', function () {
, keyAuthDigest: keyAuthDigest process.stdin.pause();
}, null, ' ').replace(/^/gm, '\t')); cb(null);
console.info(""); });
console.info("hit enter to continue...");
process.stdin.resume();
process.stdin.on('data', function () {
process.stdin.pause();
cb(null);
});
}
}; };
// nothing to do here, that's why it's manual // nothing to do here, that's why it's manual
@ -68,7 +59,12 @@ Challenge.get = function (defaults, domain, challenge, cb) {
// might as well tell the user that whatever they were setting up has been checked // might as well tell the user that whatever they were setting up has been checked
Challenge.remove = function (args, domain, challenge, cb) { Challenge.remove = function (args, domain, challenge, cb) {
console.info("Challenge for '" + domain + "' complete. You may remove it."); console.info("Challenge for '" + domain + "' complete. You may remove it.");
console.info("");
//console.info("hit enter to continue...");
//process.stdin.resume();
//process.stdin.on('data', function () {
// process.stdin.pause();
cb(null); cb(null);
//}); //});
}; };

102
moz_test.js
View File

@ -1,102 +0,0 @@
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
'use strict';
var le;
var fetch = require('node-fetch');
var LE = require('greenlock');
var leChallengeDns = require('./index.js').create({ debug: false })
// Storage Backend
var leStore = require('le-store-certbot').create({
configDir: '~/letsencrypt/etc' // or /etc/letsencrypt or wherever
, debug: true
, logsDir: '~/letsencrypt/var/log'
});
function leAgree(opts, agreeCb) {
// opts = { email, domains, tosUrl }
agreeCb(null, opts.tosUrl);
}
let subdomain = String(Math.random()).replace('.','');
le = LE.create({
server: LE.productionServerUrl // Change to LE.productionServerUrl in production
, challengeType: 'dns-01'
, challenges: {
'dns-01': leChallengeDns
}
, approveDomains: [ subdomain + '.box.knilxof.org' ]
, agreeToTerms: leAgree // hook to allow user to view and accept LE TOS
, debug: true
, store: leStore
});
// Check in-memory cache of certificates for the named domain
le.check({ domains: [ subdomain + '.box.knilxof.org' ] }).then(function (results) {
if (results) {
// we already have certificates
return;
}
let token;
let challenge;
// promise to be called when LE has the dns challenge ready for us
leChallengeDns.leDnsResponse = function(challenge, keyAuthorization, keyAuthDigest, challengeDomain, domain){
console.info("");
console.info("Challenge for '" + domain + "'");
console.info("");
console.info("We now present (for you copy-and-paste pleasure) your ACME Challenge");
console.info("public Challenge and secret KeyAuthorization and Digest, in that order, respectively:");
console.info(challenge);
console.info(keyAuthorization);
console.info(keyAuthDigest);
console.info("");
console.info(challengeDomain + "\tTXT " + keyAuthDigest + "\tTTL 60");
console.info("");
console.info(JSON.stringify({
domain: domain
, challenge: challenge
, keyAuthorization: keyAuthorization
, keyAuthDigest: keyAuthDigest
}, null, ' ').replace(/^/gm, '\t'));
console.info("");
return new Promise((resolve, reject) => {
// ok now that we have a challenge, we call our gateway to setup the TXT record
fetch('http://knilxof.org//dnsconfig?token=' + token + '&challenge=' + keyAuthDigest)
.then(function(res) { return res.text(); }).then(function(body) {
console.log(body);
resolve("Success!");
});
});
}
fetch('http://knilxof.org/subscribe?name=' + subdomain)
.then(function (res) { return res.text(); })
.then(function (body) {
const jsonBody = JSON.parse(body);
token = jsonBody.token;
// Register Let's Encrypt
le.register({
domains: [subdomain + '.box.knilxof.org'] // CHANGE TO YOUR DOMAIN (list for SANS)
, email: 'john.doe@example.com' // CHANGE TO YOUR EMAIL
, agreeTos: true // set to tosUrl string (or true) to pre-approve (and skip agreeToTerms)
, rsaKeySize: 2048 // 2048 or higher
, challengeType: 'dns-01' // http-01, tls-sni-01, or dns-01
}).then(function (results) {
console.log('success');
}, function (err) {
console.error('[Error]: node-greenlock/examples/standalone');
console.error(err.stack);
});
});
});