Whenever my certificates are almost expired I run my script that loads domain.txt so I don’t need to type it manually and remember all my wildcard subdomains on my VPS server. I was thinking to build a Gandi plugin, but seems an hassle, so therefor I made NodeJS script to add keys easily.
sylo.space *.sylo.space *.blog.sylo.space *.oib.sylo.space
mdstn.com *.mdstn.com *.oib.mdstn.com *.otherinbox.mdstn.com
mizu.work *.mizu.work
domain.txt#!/bin/bash
SERVER=https://acme-v02.api.letsencrypt.org/directory
CERTBOTARGS="certonly --agree-tos -m hariantoatwork@gmail.com --manual --manual-public-ip-logging-ok --preferred-challenges dns --server $SERVER"
DNSTXT=domains.txt
IFS=$'\r\n' GLOBIGNORE='*' command eval 'DOMAINS=($(<"$DNSTXT"))'; unset IFS
cd /root/certbot
for DOMAIN in "${DOMAINS[@]}"
{
allDNS=($DOMAIN)
args=()
for dns in "${allDNS[@]}"; do args+=(-d "$dns"); done
echo "###: $DOMAIN"
./certbot-auto $CERTBOTARGS --cert-name ${allDNS[0]} "${args[@]}"
echo ================================
}
renew-cert.shcertonly: Obtain or renew a certificate, but do not install it
--agree-tos: Agree to the ACME server's Subscriber Agreement
-m: Email address for important account notifications
--manual: Obtain certificates interactively, or using shell script
hooks
--manual-public-ip-logging-ok: Auto accept IP logging
--preferred-challenges: Set challenge to DNS
--server: Manual override server for wildcards
