From 8eb0f01e14f1d80d7542ba070e00c23efb35c02e Mon Sep 17 00:00:00 2001
From: Maksim <18454392+silentdigit@users.noreply.github.com>
Date: Fri, 6 Dec 2019 23:29:05 +1100
Subject: [PATCH] adding scripts
---
 Dockerfile | 0
 LICENSE | 0
 README.md | 0
 scripts/auth.sh | 3 +++
 scripts/cert.sh | 16 ++++++++++++++++
 scripts/cleanup.sh | 2 ++
 scripts/start.sh | 25 +++++++++++++++++++++++++
 7 files changed, 46 insertions(+)
 mode change 100644 => 100755 Dockerfile
 mode change 100644 => 100755 LICENSE
 mode change 100644 => 100755 README.md
 create mode 100755 scripts/auth.sh
 create mode 100755 scripts/cert.sh
 create mode 100755 scripts/cleanup.sh
 create mode 100755 scripts/start.sh
diff --git a/Dockerfile b/Dockerfile
old mode 100644
new mode 100755
diff --git a/LICENSE b/LICENSE
old mode 100644
new mode 100755
diff --git a/README.md b/README.md
old mode 100644
new mode 100755
diff --git a/scripts/auth.sh b/scripts/auth.sh
new file mode 100755
index 0000000..e552aec
--- /dev/null
+++ b/scripts/auth.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+[[ "$(curl -s "https://www.duckdns.org/update?domains=${CERTBOT_DOMAIN%.duckdns.org}&token=${DUCKDNS_TOKEN}&txt=${CERTBOT_VALIDATION}")" = "OK" ]]
+
diff --git a/scripts/cert.sh b/scripts/cert.sh
new file mode 100755
index 0000000..f4c70ff
--- /dev/null
+++ b/scripts/cert.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Initial check for certificates
+#TODO check if `certbot certonly` can automatically skip renewal (eliminated need for document here operator)
+certbot certonly --manual --preferred-challenges dns --manual-auth-hook /scripts/auth \
+ --manual-cleanup-hook /scripts/cleanup -m "${LETSENCRYPT_EMAIL}" --no-eff-email \
+ -d "${LETSENCRYPT_DOMAIN}" --agree-tos --manual-public-ip-logging-ok << EOF
+1
+EOF
+
+# Loop generation at a random time every 12 hours
+while :; do
+ # Generate random delay within 12 hours of seconds
+ # sleep the required time
+ # Run renew command
+done
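Review bot: The `[[ ... ]]` test on the second line of scripts/auth.sh is a bash construct, but the script runs under `#!/bin/sh`; where /bin/sh is dash or another strictly POSIX shell, `[[` is not found and the hook exits non-zero even when DuckDNS answered OK, so certbot treats the challenge setup as failed. Replace `[[` and `]]` with the POSIX `[` and `]`, leaving the rest of the line as it is. Adding `--max-time 30` to the curl call would also keep a stalled request from hanging the certbot run. scripts/cleanup.sh carries the same `[[` line and needs the same change. Which shell the image provides is not visible in this patch, so confirm it against the base image.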
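Review bot: The hook paths given to certbot in scripts/cert.sh, `--manual-auth-hook /scripts/auth` and `--manual-cleanup-hook /scripts/cleanup`, do not match the files this commit adds (`scripts/auth.sh`, `scripts/cleanup.sh`); unless the image copies them under the shorter names, which this patch does not show, certbot cannot run the hooks, so the paths should read `/scripts/auth.sh` and `/scripts/cleanup.sh`. The certificate is requested for `${LETSENCRYPT_DOMAIN}` while start.sh validates `DUCKDNS_DOMAIN`, so the `-d` value can be empty at this point; use one variable name in both scripts. The `while :; do ... done` loop holds only comments, which is a syntax error in sh; until the renewal step is written, remove the loop or give it a body such as `sleep 43200`. A comment above the here-document stating which certbot prompt the `1` answers would help the next reader.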
diff --git a/scripts/cleanup.sh b/scripts/cleanup.sh
new file mode 100755
index 0000000..0bce0a1
--- /dev/null
+++ b/scripts/cleanup.sh
@@ -0,0 +1,2 @@
+#!/bin/sh
+[[ "$(curl -s "https://www.duckdns.org/update?domains=${CERTBOT_DOMAIN%.duckdns.org}&token=${DUCKDNS_TOKEN}&txt=${CERTBOT_VALIDATION}&clear=true")" = "OK" ]]
diff --git a/scripts/start.sh b/scripts/start.sh
new file mode 100755
index 0000000..9269ef4
--- /dev/null
+++ b/scripts/start.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# Check variables DUCKDNS_TOKEN, DUCKDNS_DOMAIN, LETSENCRYPT_EMAIL
+if [ -z "$DUCKDNS_TOKEN" ]; then
+ echo ERROR: Variable DUCKDNS_TOKEN is unset
+ exit 1
+fi
+
+if [ -z "$DUCKDNS_DOMAIN" ]; then
+ echo ERROR: Variable DUCKDNS_DOMAIN is unset
+ exit 1
+fi
+
+if [ -z "$LETSENCRYPT_EMAIL" ]; then
+ echo ERROR: Variable LETSENCRYPT_EMAIL is unset
+ exit 1
+fi
+
+# Print variables
+echo DUCKDNS_TOKEN: $DUCKDNS_TOKEN
+echo DUCKDNS_DOMAIN: $DUCKDNS_DOMAIN
+echo LETSENCRYPT_EMAIL: $LETSENCRYPT_EMAIL
+
+# Start automatic ssl certificate generation
+/bin/sh /scripts/cert.sh
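Review bot: `echo DUCKDNS_TOKEN: $DUCKDNS_TOKEN` under "# Print variables" in scripts/start.sh writes the DuckDNS token in clear text to stdout, where it ends up in the container log and in anything that collects it; the token is the only credential the update URL in auth.sh and cleanup.sh carries, so it should not be logged. Report only that it is present, for example `echo "DUCKDNS_TOKEN: (set)"`, or drop the line. The two remaining echo lines should quote their arguments, e.g. `echo "DUCKDNS_DOMAIN: $DUCKDNS_DOMAIN"`. The three ERROR messages would be better sent to stderr with `>&2`.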