From 16e6a55d4b703dfed126fdf7919e9d57aa8fa4cc Mon Sep 17 00:00:00 2001 From: Marcel Waldvogel Date: Wed, 19 Jul 2017 11:25:52 +0200 Subject: [PATCH] Configurationless `nsupdate -l`-like mode When `nsupdate -l` works, `-dnsapi nsupdate` requires no further configuration. It does not use `nsupdate -l` (would imply more code and more code changes), but points `nsupdate -k` at the key which would be used by `nsupdate -l`. --- dnsapi/README.md | 4 ++++ dnsapi/dns_nsupdate.sh | 6 ++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index d3dff12a..a74e0404 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -100,6 +100,10 @@ https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api ## 7. Use nsupdate to automatically issue cert +If `nsupdate -l` already works for the domain in question, you are all set: +neither preparation nor environment variables are required. +Otherwise, follow these instructions: + First, generate a key for updating the zone ``` b=$(dnssec-keygen -a hmac-sha512 -b 512 -n USER -K /tmp foo) diff --git a/dnsapi/dns_nsupdate.sh b/dnsapi/dns_nsupdate.sh index 7acb2ef7..4dcbcded 100755 --- a/dnsapi/dns_nsupdate.sh +++ b/dnsapi/dns_nsupdate.sh @@ -7,7 +7,6 @@ dns_nsupdate_add() { fulldomain=$1 txtvalue=$2 _checkKeyFile || return 1 - [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost" # save the dns server and key to the account conf file. _saveaccountconf NSUPDATE_SERVER "${NSUPDATE_SERVER}" _saveaccountconf NSUPDATE_KEY "${NSUPDATE_KEY}" @@ -29,7 +28,6 @@ EOF dns_nsupdate_rm() { fulldomain=$1 _checkKeyFile || return 1 - [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost" _info "removing ${fulldomain}. txt" nsupdate -k "${NSUPDATE_KEY}" <