diff --git a/auth-hook.sh b/auth-hook.sh
new file mode 100755
index 0000000..1af3f95
--- /dev/null
+++ b/auth-hook.sh
@@ -0,0 +1,15 @@
+# ownDynDNS auth script for certbot dns-01 challenge
+
+# install curl
+$(apk --no-cache add curl)
+
+ACME_PREFIX="_acme-challenge"
+
+if [ -z "${DDNS_HOST}" ]; then DDNS_HOST=${ACME_PREFIX}; else DDNS_HOST=${ACME_PREFIX}.${DDNS_HOST}; fi
+
+PAYLOAD="force=true&user=${DDNS_USER}&password=${DDNS_PASS}&txt=${CERTBOT_VALIDATION}&domain=${DDNS_DOMAIN}&host=${DDNS_HOST}&create=true"
+
+# echo ${PAYLOAD}
+
+curl -sSL -X POST --data "${PAYLOAD}" ${DDNS_SCRIPT} \
+&& sleep 300
diff --git a/docker-compose.yml b/docker-compose.yml
index 39616f7..3d25462 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -3,11 +3,11 @@ services:
 container_name: dyndns
 image: niiwiicamo/owndyndns
 environment:
- DDNS_USER: changeme
- DDNS_PASS: changeme
- NETCUP_APIKEY: 12345asdf
- NETCUP_APIPASS: asdf12345
- NETCUP_CUSTOMERID: 01234
+ DDNS_USER: ${DDNS_USER}
+ DDNS_PASS: ${DDNS_PASS}
+ NETCUP_APIKEY: ${NETCUP_APIKEY}
+ NETCUP_APIPASS: ${NETCUP_APIPASS}
+ NETCUP_CUSTOMERID: ${NETCUP_CUSTOMERID}
 DDNS_DEBUG: 0 # optional, default: 0
 DDNS_LOG: 0 # optional, default: 1
 # DDNS_LOGFILE: log.json # optional, default: log.json
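Review bot: In auth-hook.sh the request body is assembled by plain string interpolation, so a `DDNS_PASS` (or any other field) containing `&`, `=`, `+` or `%` is split or altered before update.php sees it and can add or override form parameters; each field should be passed with `--data-urlencode` instead. The install line `$(apk --no-cache add curl)` runs apk inside a command substitution, so whatever apk prints is then executed as a command; it should be the bare `apk --no-cache add curl`. curl is called without `--fail`, so an HTTP error from the update endpoint still exits 0 and the hook sleeps 300 seconds before certbot fails validation, and `${DDNS_SCRIPT}` is unquoted. The commented-out `echo ${PAYLOAD}` would write the password to certbot's output if re-enabled, so it is better deleted.

```shell
apk --no-cache add curl

# … unchanged: ACME_PREFIX and DDNS_HOST derivation …

curl -sSL --fail -X POST \
  --data "force=true" \
  --data-urlencode "user=${DDNS_USER}" \
  --data-urlencode "password=${DDNS_PASS}" \
  --data-urlencode "txt=${CERTBOT_VALIDATION}" \
  --data-urlencode "domain=${DDNS_DOMAIN}" \
  --data-urlencode "host=${DDNS_HOST}" \
  --data "create=true" \
  "${DDNS_SCRIPT}" \
&& sleep 300
```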
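Review bot: In the first docker-compose.yml hunk, `${DDNS_PASS}` and the other four variables expand to an empty string when they are unset, and Compose only prints a warning, so the service can come up with blank credentials. The required-variable form fails early instead, e.g. `DDNS_PASS: ${DDNS_PASS:?DDNS_PASS must be set}`; the same applies to the `certbot` environment and `command` in the second hunk. If the values are meant to come from a `.env` file, that file should be listed in `.gitignore`, which is not visible in this diff.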
@@ -16,5 +16,26 @@ services:
 # DDNS_RESTRICTDOMAIN: 0 # optional, default: 0
 # DDNS_FORCEDDOMAIN: example.net # optional, default empty
 # DDNS_FORCEDHOST: hostname # optional, default empty
- ports:
- - 8080:8080
+ # ports:
+ # - 8080:8080
+
+ certbot:
+ container_name: certbot
+ image: certbot/certbot
+ depends_on:
+ owndyndns:
+ condition: service_healthy
+ environment:
+ DDNS_USER: ${DDNS_USER}
+ DDNS_PASS: ${DDNS_PASS}
+ DDNS_HOST: ${DDNS_HOST}
+ DDNS_DOMAIN: ${DDNS_DOMAIN}
+ DDNS_SCRIPT: http://dyndns:8080/update.php
+ DDNS_EMAIL: ${DDNS_EMAIL} # the email used for LetsEncrypt registration
+ volumes:
+ - ./auth-hook.sh:/auth-hook.sh
+ - letsencrypt:/etc/letsencrypt
+ command: "certonly --manual --preferred-challenges=dns --agree-tos --email ${DDNS_EMAIL} --non-interactive --manual-auth-hook /auth-hook.sh -d ${DDNS_HOST}.${DDNS_DOMAIN}"
+
+volumes:
+ letsencrypt:
\ No newline at end of file
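Review bot: The hook script is bind-mounted read-write into a container that executes it on every issuance and holds `DDNS_PASS`, so the mount should be read-only: `- ./auth-hook.sh:/auth-hook.sh:ro`. `image: certbot/certbot` carries no tag, so each pull may bring a different build; pinning a version tag or digest keeps the deployment reproducible. The `command` builds the name as `-d ${DDNS_HOST}.${DDNS_DOMAIN}`, which yields a leading dot when `DDNS_HOST` is empty, although auth-hook.sh handles that case explicitly. `depends_on` waits for `service_healthy`, which needs a healthcheck on `owndyndns`; none is visible in these hunks.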