diff --git a/.gitignore b/.gitignore index 636e7ee..f007981 100644 --- a/.gitignore +++ b/.gitignore @@ -1,33 +1,14 @@ -__pycache__ +.vscode/* !.vscode/extensions.json !.vscode/launch.json !.vscode/settings.json !.vscode/tasks.json -!gradle-wrapper.jar + +__pycache__ .classpath .DS_Store .gradle .history -.idea_modules/ -.idea/**/contentModel.xml -.idea/**/dataSources.ids -.idea/**/dataSources.local.xml -.idea/**/dataSources/ -.idea/**/dbnavigator.xml -.idea/**/dictionaries -.idea/**/dynamic.xml -.idea/**/gradle.xml -.idea/**/libraries -.idea/**/mongoSettings.xml -.idea/**/shelf -.idea/**/sqlDataSources.xml -.idea/**/tasks.xml -.idea/**/uiDesigner.xml -.idea/**/usage.statistics.xml -.idea/**/workspace.xml -.idea/caches/build_file_checksums.ser -.idea/httpRequests -.idea/replstate.xml .kobalt .mtj.tmp/ .mvn/timing.properties @@ -36,20 +17,39 @@ __pycache__ .project .scannerwork .settings -.vscode/* *.class *.code-workspace *.ctxt -*.ear *.iws -*.jar *.log *.nar *.rar *.sublime-* *.tar.gz -*.war *.zip +/**/.idea_modules/ +/**/.idea/**/caches/build_file_checksums.ser +/**/.idea/**/contentModel.xml +/**/.idea/**/dataSources.ids +/**/.idea/**/dataSources.local.xml +/**/.idea/**/dataSources/ +/**/.idea/**/dbnavigator.xml +/**/.idea/**/dictionaries +/**/.idea/**/dynamic.xml +/**/.idea/**/gradle.xml +/**/.idea/**/httpRequests +/**/.idea/**/libraries +/**/.idea/**/mongoSettings.xml +/**/.idea/**/replstate.xml +/**/.idea/**/shelf +/**/.idea/**/shelf/ +/**/.idea/**/sqlDataSources.xml +/**/.idea/**/tasks.xml +/**/.idea/**/uiDesigner.xml +/**/.idea/**/usage.statistics.xml +/**/.idea/**/workspace.xml +/**/.idea/$CACHE_FILE$ +/**/.idea/$PRODUCT_WORKSPACE_FILE$ atlassian-ide-plugin.xml bin/ build/ diff --git a/.idea/codeStyles/codeStyleConfig.xml b/.idea/codeStyles/codeStyleConfig.xml new file mode 100644 index 0000000..a55e7a1 --- /dev/null +++ b/.idea/codeStyles/codeStyleConfig.xml @@ -0,0 +1,5 @@ + + + + \ No newline at end of file diff --git a/.idea/copyright/Erik_s_Copyright_Notice.xml b/.idea/copyright/Erik_s_Copyright_Notice.xml index 08660a1..c6b12fd 100644 --- a/.idea/copyright/Erik_s_Copyright_Notice.xml +++ b/.idea/copyright/Erik_s_Copyright_Notice.xml @@ -1,6 +1,6 @@ - \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml index cfbc99a..6649a8c 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -3,5 +3,5 @@ - + \ No newline at end of file diff --git a/.idea/namesilo-letsencrypt.iml b/.idea/namesilo-letsencrypt.iml index 85c7612..ddc01a4 100644 --- a/.idea/namesilo-letsencrypt.iml +++ b/.idea/namesilo-letsencrypt.iml @@ -1,5 +1,8 @@ + + @@ -7,7 +10,4 @@ - - \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..0a79563 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,25 @@ +# Changelog + +## [0.9.2](https://github.com/ethauvin/namesilo-letsencrypt/tree/0.9.2) (2020-05-28) + +[Full Changelog](https://github.com/ethauvin/namesilo-letsencrypt/compare/0.9.1...0.9.2) + +**Closed issues:** + +- Do not support multiple \_acme-challenge records [\#1](https://github.com/ethauvin/namesilo-letsencrypt/issues/1) + +**Merged pull requests:** + +- make python3.4 compatible. add subdomains support [\#2](https://github.com/ethauvin/namesilo-letsencrypt/pull/2) ([Junker](https://github.com/Junker)) + +## [0.9.1](https://github.com/ethauvin/namesilo-letsencrypt/tree/0.9.1) (2020-03-15) + +[Full Changelog](https://github.com/ethauvin/namesilo-letsencrypt/compare/0.9.0...0.9.1) + +## [0.9.0](https://github.com/ethauvin/namesilo-letsencrypt/tree/0.9.0) (2019-04-30) + +[Full Changelog](https://github.com/ethauvin/namesilo-letsencrypt/compare/8a91146faebd196b223f7653e470428130f26246...0.9.0) + + + +\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)* diff --git a/LICENSE.md b/LICENSE.md deleted file mode 100644 index 1b82601..0000000 --- a/LICENSE.md +++ /dev/null @@ -1,12 +0,0 @@ -### Copyright © 2019, [Erik C. Thauvin](mailto:erik@thauvin.net) -#### All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - -* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - -* Neither the name of this project nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. - -*THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.* diff --git a/LICENSE.txt b/LICENSE.txt new file mode 100644 index 0000000..e6551d0 --- /dev/null +++ b/LICENSE.txt @@ -0,0 +1,27 @@ +Copyright (c) 2019-2020, Erik C. Thauvin (erik@thauvin.net) +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of this project nor the names of its contributors may be + used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/README.md b/README.md index b65f8b4..3e2232a 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # NameSilo Let's Encrypt -[![License (3-Clause BSD)](https://img.shields.io/badge/license-BSD%203--Clause-blue.svg?style=flat-square)](http://opensource.org/licenses/BSD-3-Clause) -[![Python 3.7](https://img.shields.io/badge/python-3.7-blue.svg)](https://www.python.org/) +[![License (3-Clause BSD)](https://img.shields.io/badge/license-BSD%203--Clause-blue.svg?style=flat-square)](https://opensource.org/licenses/BSD-3-Clause) +[![Python 3.4](https://img.shields.io/badge/python-3.4-blue.svg)](https://www.python.org/) Python scripts (hook) to automate obtaining [Let's Encrypt](https://letsencrypt.org/) certificates, using [Certbot](https://certbot.eff.org/) DNS-01 challenge validation for domains DNS hosted on @@ -9,19 +9,21 @@ using [Certbot](https://certbot.eff.org/) DNS-01 challenge validation for domain ## Setup -The scripts use the [untangle](https://untangle.readthedocs.io/en/latest/) library, if not already installed on your system: +The scripts use the [tldextract](https://github.com/john-kurkowski/tldextract) and [untangle](https://untangle.readthedocs.io/en/latest/) libraries, if not already installed on your system: ``` -pip install untangle +pip install tldextract untangle ``` +Download the [latest release](https://github.com/ethauvin/namesilo-letsencrypt/releases) archive and expand it in the desired directory. + ## Configuration -Add your [NameSilo API key](https://www.namesilo.com/account_api.php) +Add your [NameSilo API key](https://www.namesilo.com/account/api-manager) to the top of the `config.py` file: ```python -# Get your API Key from: https://www.namesilo.com/account_api.php +# Get your API Key from: https://www.namesilo.com/account/api-manager apikey = "YOUR_API_KEY" ``` @@ -29,7 +31,7 @@ Alternatively, the API key can be set in the `NAMESILO_API` environment variable ## Using with Certbot -To issue a new certificate using the hook scripts, try something like: +To issue or renew a certificate using the hook scripts, try something like: 
 certbot certonly --manual --email you@example.com \
@@ -40,17 +42,4 @@ certbot certonly --manual --email you@example.com \
 -d *.example.com -d example.com
-Or to renew an existing certificate: - -
-certbot renew --manual --email you@example.com \
---agree-tos --manual-public-ip-logging-ok \
---preferred-challenges=dns \
---manual-auth-hook /path/to/authenticator.py \
---manual-cleanup-hook /path/to/cleanup.py \
--d *.example.com -d example.com
-
- -Please note that NameSilo DNS propagation takes up to **15 minutes**, -so the scripts will wait 16 minutes before completing. - +Please note that NameSilo DNS propagation takes up to **15 minutes**. The scripts will wait **25 minutes** before completing, just to be safe. diff --git a/authenticator.py b/authenticator.py old mode 100644 new mode 100755 index 30d88e6..510aa1f --- a/authenticator.py +++ b/authenticator.py @@ -1,8 +1,8 @@ -#!/usr/bin/env python3.7 +#!/usr/bin/env python3 # authenticator.py # -# Copyright (c) 2019, Erik C. Thauvin (erik@thauvin.net) +# Copyright (c) 2019-2020, Erik C. Thauvin (erik@thauvin.net) # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -22,14 +22,14 @@ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# AREDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVERCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USEOF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +# THE POSSIBILITY OF SUCH DAMAGE. import os import sys @@ -37,28 +37,41 @@ import tempfile import time import urllib.request +import tldextract import untangle -from config import apikey +from config import apikey, wait + + +def sleep(minutes): + if minutes < 16: + minutes = 16 + time.sleep(minutes * 60) + domain = os.environ['CERTBOT_DOMAIN'] validation = os.environ['CERTBOT_VALIDATION'] -tmpdir = os.path.join(tempfile.gettempdir(), f"CERTBOT_{domain}") +tmpdir = os.path.join(tempfile.gettempdir(), "CERTBOT_" + domain) +rrhost = "_acme-challenge" if "NAMESILO_API" in os.environ: apikey = os.environ['NAMESILO_API'] -url = f"https://www.namesilo.com/api/dnsAddRecord?\ -version=1&type=xml&key={apikey}&domain={domain}&rrtype=TXT\ -&rrhost=_acme-challenge&rrvalue={validation}&rrttl=3600" +tld = tldextract.extract(domain) +nsdomain = tld.domain + "." + tld.suffix +if tld.subdomain: + rrhost += "." + tld.subdomain + +url = "https://www.namesilo.com/api/dnsAddRecord?\ +version=1&type=xml&key=" + apikey + "&domain=" + nsdomain + "&rrtype=TXT\ +&rrhost=" + rrhost + "&rrvalue=" + validation + "&rrttl=3600" req = urllib.request.Request( url, data=None, headers={ - 'User-Agent': ('Mozilla/5.0 (X11; CrOS x86_64 11647.154.0) ' - 'AppleWebKit/537.36 (KHTML, like Gecko) ' - 'Chrome/73.0.3683.114 Safari/537.36') + 'User-Agent': ('Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) ' + 'Gecko/20100101 Firefox/74.0') } ) @@ -79,5 +92,5 @@ else: xml.namesilo.reply.code.cdata), file=sys.stderr) sys.exit(1) -# Sleep 16 minutes -time.sleep(960) +# Sleep X minutes +sleep(wait) diff --git a/cleanup.py b/cleanup.py old mode 100644 new mode 100755 index 27d38c4..c15d05c --- a/cleanup.py +++ b/cleanup.py @@ -1,8 +1,8 @@ -#!/usr/bin/env python3.7 +#!/usr/bin/env python3 # cleanup.py # -# Copyright (c) 2019, Erik C. Thauvin (erik@thauvin.net) +# Copyright (c) 2019-2020, Erik C. Thauvin (erik@thauvin.net) # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -22,32 +22,36 @@ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# AREDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVERCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USEOF THIS SOFTWARE, EVEN IF ADVISED OF THE -# POSSIBILITY OF SUCH DAMAGE. +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +# THE POSSIBILITY OF SUCH DAMAGE. import os import sys import tempfile import urllib.request +import tldextract import untangle from config import apikey domain = os.environ['CERTBOT_DOMAIN'] -tmpdir = os.path.join(tempfile.gettempdir(), f"CERTBOT_{domain}") +tmpdir = os.path.join(tempfile.gettempdir(), "CERTBOT_" + domain) if "NAMESILO_API" in os.environ: apikey = os.environ['NAMESILO_API'] -url = f"https://www.namesilo.com/api/dnsDeleteRecord\ -?version=1&type=xml&key={apikey}&domain={domain}&rrid=" +tld = tldextract.extract(domain) +nsdomain = tld.domain + "." + tld.suffix + +url = "https://www.namesilo.com/api/dnsDeleteRecord\ +?version=1&type=xml&key=" + apikey + "&domain=" + nsdomain + "&rrid=" def getrequest(record_id): @@ -55,9 +59,8 @@ def getrequest(record_id): url + record_id, data=None, headers={ - 'User-Agent': ('Mozilla/5.0 (X11; CrOS x86_64 11647.154.0) ' - 'AppleWebKit/537.36 (KHTML, like Gecko) ' - 'Chrome/73.0.3683.114 Safari/537.36') + 'User-Agent': ('Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) ' + 'Gecko/20100101 Firefox/74.0') } ) diff --git a/config.py b/config.py index b30c1c3..0bcd226 100644 --- a/config.py +++ b/config.py @@ -1,2 +1,4 @@ -# Get your API Key from: https://www.namesilo.com/account_api.php +# Get your API Key from: https://www.namesilo.com/account/api-manager apikey = "YOUR_API_KEY" +# Minutes to wait for DNS changes to complete. +wait = 25 diff --git a/release.sh b/release.sh new file mode 100755 index 0000000..6689a1b --- /dev/null +++ b/release.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +RELEASE=release + +if [ $# != 1 ]; +then + echo "Usage: $(basename "$0") " + exit 2 +else + if ! [ -d "$RELEASE" ] + then + mkdir "$RELEASE" + fi + PROJECT=$(basename "$(pwd)") + DIR="${PROJECT}-${1}" + mkdir "$DIR" + cp ./*.py ./*.md ./*.txt "$DIR" + dos2unix "$DIR"/*.* + touch "$DIR" "$DIR"/*.* + tar -czvf "${RELEASE}/${DIR}.tar.gz" "$DIR" + zip --to-crlf -r "${RELEASE}/${DIR}.zip" "$DIR" + touch "$RELEASE"/*.* + rm -rf "${DIR}" +fi diff --git a/release/namesilo-letsencrypt-0.9.2.tar.gz b/release/namesilo-letsencrypt-0.9.2.tar.gz new file mode 100644 index 0000000..711d070 Binary files /dev/null and b/release/namesilo-letsencrypt-0.9.2.tar.gz differ diff --git a/release/namesilo-letsencrypt-0.9.2.zip b/release/namesilo-letsencrypt-0.9.2.zip new file mode 100644 index 0000000..4affb98 Binary files /dev/null and b/release/namesilo-letsencrypt-0.9.2.zip differ