From ff80d5b8099e6a572b0c538c42ddf61b9c2f8714 Mon Sep 17 00:00:00 2001 From: Andrew DeFaria Date: Fri, 7 Jan 2022 10:21:41 -0800 Subject: [PATCH] Added debug logging to certbot scripts --- bin/certbot_authentication.sh | 42 +++++++++++++++++++++++++---------- bin/certbot_cleanup.sh | 11 +++++++-- 2 files changed, 39 insertions(+), 14 deletions(-) diff --git a/bin/certbot_authentication.sh b/bin/certbot_authentication.sh index b026810..b804ec9 100755 --- a/bin/certbot_authentication.sh +++ b/bin/certbot_authentication.sh @@ -14,7 +14,7 @@ # # See also: https://help.dreamhost.com/hc/en-us/articles/217555707-DNS-API-commands # -# Crontab: 0 0 1 * * certbot renew --manual-auth-hook /path/to/certbot_authentication.sh --manual-cleanup-hook /path/to/certbot_cleanup.sh +# Crontab: 0 0 1 * * certbot renew --manual-aacmeuth-hook /path/to/certbot_authentication.sh --manual-cleanup-hook /path/to/certbot_cleanup.sh # # Author: Andrew@DeFaria.com # Created: Fri 04 Jun 2021 11:20:16 PDT @@ -31,11 +31,22 @@ # _acme-challenge.subdomain.example.com for a subdomain # Note: Pass in $1 for testing or use the default of # CERTBOT_DOMAIN -domain=${1:-CERTBOT_DOMAIN} +domain=${1:-$CERTBOT_DOMAIN} # CERTBOT_VALIDATION: The validation string. Pass in $2 or use the default of # CERTBOT_VALIDATION -value=${2:-CERTBOT_VALIDATION} +value=${2:-$CERTBOT_VALIDATION} + +logfile=/tmp/debug.log +rm -f $logfile + +function log { + #echo $1 + echo $1 >> $logfile +} # log + +log "domain = $domain" +log "value = $value" # Dreamhost key - generate at https://panel.dreamhost.com/?tree=home.api key=KHY6UJQXD9MEJZHR 
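Review bot: In the header comment of bin/certbot_authentication.sh (hunk at -14,7) the new Crontab line reads `--manual-aacmeuth-hook`, which looks like a stray "acme" typed into the middle of the option name; the removed line had `--manual-auth-hook`. Anyone copying the documented entry would get a certbot command line with an option the removed line never used, and the renewal would presumably fail before the hook runs. Keep the option as `--manual-auth-hook /path/to/certbot_authentication.sh` in that comment.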
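Review bot: The added `logfile=/tmp/debug.log`, `rm -f $logfile` and `echo $1 >> $logfile` (hunk at -31,11) use a fixed, predictable name in a world-writable directory, so a symlink created there between the `rm` and the first append redirects the hook's writes to whatever file it points at; certbot hooks commonly run as root, which should be confirmed for this host. The file is also created with the default umask, yet it receives the validation string here and the full API URL in the addTXT hunk. Put the log in a directory only the hook's user can write, set `umask 077` before the first write, and quote the expansions, e.g. `printf '%s\n' "$1" >> "$logfile"`. The same `logfile=/tmp/debug.log` and `log` function are added to bin/certbot_cleanup.sh (hunk at -35,6) and need the same change.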
@@ -45,12 +56,14 @@ url="https://api.dreamhost.com/?key=$key" # Add a TXT record to domain function addTXT { - echo "Adding TXT record $domain = $value)" - cmd="$url&unique_id=$(uuidgen)&cmd=dns-add_record&record=$domain&type=TXT&value=$value" + log "Adding TXT record $domain = $value" >> $logfile + cmd="$url&unique_id=$(uuidgen)&cmd=dns-add_record&record=&type=TXT&value=_acme-challenge.$domain=$value" + + log "cmd = $cmd" >> $logfile response=$(wget -O- -q "$cmd") - echo "$response" + log "Response = $response" >> $logfile } # addTXT # Verifies that the TXT record has propogated. Note that this cannot be @@ -58,6 +71,7 @@ function addTXT { # However, we are not concerned with when the removal is propagated, it can # do so on its own time function verifyPropagation { + log "Enter verifyPropagation" >> $logfile # We will try 4 times waiting 5 minutes in between max_attempts=4 time_between_attempts=300 
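Review bot: `log "cmd = $cmd"` in addTXT writes the whole request URL, including the `key=` parameter, into the debug log, so the DreamHost API key is copied into /tmp/debug.log on every run; mask it before logging, e.g. `log "cmd = ${cmd/key=$key/key=REDACTED}"`. The rewritten `cmd` also sends `record=` empty and folds the name into `value=_acme-challenge.$domain=$value`, which looks like a debugging leftover; if the intent was to prefix the record name, that would be `record=_acme-challenge.$domain&type=TXT&value=$value`. The trailing `>> $logfile` on each `log` call, here and in the two verifyPropagation hunks, is redundant because `log` already appends to that file.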
@@ -65,24 +79,28 @@ function verifyPropagation { # Obviously it's not propagated immediately so first wait attempt=0 while [ $attempt -lt 4 ]; do - echo "Waiting 5 minutes for TXT record $domain to propagate..." + log "Waiting 5 minutes for TXT record $domain to propagate..." >> $logfile sleep $time_between_attempts ((attempt++)) - echo "Attempt #$attempt: Validating of propagation of TXT record $domain" - TXT=$(nslookup -type=TXT $domain | grep -v "can't find" | grep $domain) + log "Attempt #$attempt: Validating of propagation of TXT record $domain" >> $logfile + TXT=$(nslookup -type=TXT $domain | grep -vi "can't find" | grep $domain) if [ -n "$TXT" ]; then - echo "TXT record $name.$domain propagated" + log "TXT record $name.$domain propagated" >> $logfile return else - echo "TXT record $name.$domain not propagated yet" + log "TXT record $name.$domain not propagated yet" >> $logfile fi done - echo "ERROR: Unable to validate propagation" + log "ERROR: Unable to validate propagation" >> $logfile exit 1 } # verifyPropagation +log "Calling addTXT" >> $logfile addTXT +log "Returned from addTXT" >> $logfile +log "calling verifyPropagation" >> $logfile verifyPropagation +log "Returned from verifyPropagation" >> $logfile diff --git a/bin/certbot_cleanup.sh b/bin/certbot_cleanup.sh index a337cf5..ea94728 100755 --- a/bin/certbot_cleanup.sh +++ b/bin/certbot_cleanup.sh @@ -35,6 +35,13 @@ domain=${1:-CERTBOT_DOMAIN} # CERTBOT_VALIDATION value=${2:-CERTBOT_VALIDATION} +logfile=/tmp/debug.log + +function log { + #echo $1 + echo $1 >> $logfile +} # log + # Dreamhost key - generate at https://panel.dreamhost.com/?tree=home.api key=KHY6UJQXD9MEJZHR 
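Review bot: The changed line `TXT=$(nslookup -type=TXT $domain | grep -vi "can't find" | grep $domain)` in verifyPropagation (hunk at -65,24) accepts any output line that mentions the domain and never compares against `$value`, so an unrelated TXT record on that name is enough to report the challenge as propagated. Assuming the record is meant to live at `_acme-challenge.$domain`, query that name and match the token: `TXT=$(nslookup -type=TXT "_acme-challenge.$domain" | grep -F -- "$value")`. The log messages in this hunk expand `$name`, which is not assigned anywhere in the visible lines, and the loop tests the literal `4` instead of `$max_attempts`. The function opens in the previous hunk.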
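Review bot: In bin/certbot_cleanup.sh (hunk at -35,6) the two defaults shown just above the added block, `domain=${1:-CERTBOT_DOMAIN}` and `value=${2:-CERTBOT_VALIDATION}`, still expand to the literal words rather than the environment variables. This commit fixes exactly that in certbot_authentication.sh but leaves it here; they should read `domain=${1:-$CERTBOT_DOMAIN}` and `value=${2:-$CERTBOT_VALIDATION}`. The `key=` context line below the added block is a second hard-coded copy of the API key, and reading it from a file only the hook's user can read, or from the environment, would keep it out of the repository.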
@@ -43,12 +50,12 @@ url="https://api.dreamhost.com/?key=$key" # Remove a TXT record. Oddly you must also specify the value. function removeTXT { - echo "Removing TXT record $CERTBOT_DOMAIN_DOMAIN = $CERTBOT_VALIDATION" + log "Removing TXT record $CERTBOT_DOMAIN = $CERTBOT_VALIDATION" cmd="$url&unique_id=$(uuidgen)&cmd=dns-remove_record&record=$CERTBOT_DOMAIN&type=TXT&value=$CERTBOT_VALIDATION" response=$(wget -O- -q "$cmd") - echo "$response" + log "$response" } # removeTXT removeTXT -- 2.17.1
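Review bot: removeTXT builds its request from `$CERTBOT_DOMAIN` and `$CERTBOT_VALIDATION` directly, so the `$1`/`$2` overrides parsed into `domain` and `value` at the top of the script have no effect, and the request no longer mirrors what addTXT now sends (`record=` empty, name folded into `value=`). The comment above the function says the value must also be given on removal, so a mismatch would presumably leave the challenge TXT record behind after each renewal. Once the add side is settled and the defaults read `${1:-$CERTBOT_DOMAIN}` and `${2:-$CERTBOT_VALIDATION}`, use the same variables and layout here, e.g. `record=_acme-challenge.$domain&type=TXT&value=$value`.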