Hook scripts for automating the issue and renewal of Let's Encrypt certificates when using Linode's DNS platform.

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Andy Heathershaw 5ec4620664 Added additional boundary checking to grep commands		4 years ago
README.md	Added a caution about Linode's 15-minute delay in deploying records	4 years ago
linode-auth-hook.sh	Added checking to ensure the correct domain is located	4 years ago
linode-cleanup-hook.sh	Added additional boundary checking to grep commands	4 years ago

README.md

Let's Encrypt plugin scripts for Linode DNS

Hook scripts for automating the issue and renewal of Let's Encrypt certificates when using Linode's DNS platform.

Installation

These scripts use Linode's official CLI client to interact with the Linode API.

Install the official Linode CLI client using Linode's official guide.

Download the linode-auth-hook.sh and linode-cleanup-hook.sh shell scripts and make a note of where you have downloaded them to.

Usage

To use the scripts for a new domain renewal, use the "manual" plugin with the extra "hook" options.

This example requests a wildcard certificate for the domain yourdomain.com - change accordingly.

certbot certonly --manual -d *.yourdomain.com -d yourdomain.com --preferred-challenges dns-01 --manual-auth-hook /path/to/linode-auth-hook.sh --manual-cleanup-hook /path/to/linode-cleanup-hook.sh.

Please note: Linode only deploy changes to their nameservers roughly every 15 minutes, so DNS records do not show up immediately. The authorisation script waits for 20 minutes after creating a record before exiting to allow the DNS records to be deployed before Let's Encrypt verifies them. Therefore this script can take some time to run. Once a certificate has been issued, renewals happen non-interactively.