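#!/bin/bash
#
# Certbot manual auth hook for the DNS-01 challenge on Cloudflare.
# Reads CERTBOT_DOMAIN and CERTBOT_VALIDATION from the environment, creates the
# _acme-challenge TXT record through the Cloudflare v4 API, and saves the zone
# and record ids under /tmp/CERTBOT_<domain>/ for the cleanup hook.
#
# Requires: curl 7.55.0 or newer (for '-H @-'), python.

set -euo pipefail

# Print a message to stderr and abort the hook.
die() {
  printf 'cloudflare-auth-hook: %s\n' "$*" >&2
  exit 1
}

# Get your API key from https://www.cloudflare.com/a/account/my-account
# This file holds a credential: keep it readable by its owner only. The global
# API key grants full account access; a scoped API token (sent as an
# "Authorization: Bearer" header) limited to DNS edits on the zone is the
# least-privilege alternative.
API_KEY="your-api-key"
EMAIL="your.email@example.com"

: "${CERTBOT_DOMAIN:?CERTBOT_DOMAIN must be set by certbot}"
: "${CERTBOT_VALIDATION:?CERTBOT_VALIDATION must be set by certbot}"

# The domain ends up in a filesystem path below; refuse path separators.
[[ "$CERTBOT_DOMAIN" != */* ]] || die "unexpected '/' in CERTBOT_DOMAIN"

# Call the Cloudflare API. The auth headers are fed to curl on stdin rather
# than on its command line, so the API key does not show up in the process
# list that other local users can read.
# Arguments: passed through to curl (method, URL, --data ...).
cf_api() {
  printf '%s\n' \
    "X-Auth-Email: $EMAIL" \
    "X-Auth-Key: $API_KEY" \
    "Content-Type: application/json" \
    | curl -sS -H @- "$@"
}

# Strip only the top domain to get the zone id: keep the last two labels.
# An apex name such as example.com is used unchanged (the old 'expr match'
# pattern returned an empty string for it, so the zone query was unfiltered).
# NOTE: zones under a multi-label suffix (e.g. example.co.uk) are not handled.
if [[ "$CERTBOT_DOMAIN" =~ ([^.]+\.[^.]+)$ ]]; then
  DOMAIN=${BASH_REMATCH[1]}
else
  DOMAIN=$CERTBOT_DOMAIN
fi

# Get the Cloudflare zone id
ZONE_EXTRA_PARAMS="status=active&page=1&per_page=20&order=status&direction=desc&match=all"
ZONE_ID=$(
  cf_api -X GET "https://api.cloudflare.com/client/v4/zones?name=$DOMAIN&$ZONE_EXTRA_PARAMS" \
    | python -c "import sys,json;print(json.load(sys.stdin)['result'][0]['id'])"
) || die "zone lookup failed for $DOMAIN"
# The id is interpolated into a URL next; accept only a plain identifier.
[[ "$ZONE_ID" =~ ^[0-9A-Za-z]+$ ]] || die "unexpected zone id for $DOMAIN"

# Create TXT record
CREATE_DOMAIN="_acme-challenge.$CERTBOT_DOMAIN"
# Let python serialise the body so the values are JSON-escaped, not pasted in.
PAYLOAD=$(
  python -c 'import sys,json;print(json.dumps({"type":"TXT","name":sys.argv[1],"content":sys.argv[2],"ttl":120}))' \
    "$CREATE_DOMAIN" "$CERTBOT_VALIDATION"
) || die "could not build the TXT record payload"
RECORD_ID=$(
  cf_api -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records" \
    --data "$PAYLOAD" \
    | python -c "import sys,json;print(json.load(sys.stdin)['result']['id'])"
) || die "creating TXT record $CREATE_DOMAIN failed"
[[ -n "$RECORD_ID" ]] || die "empty record id for $CREATE_DOMAIN"

# Save info for cleanup
# /tmp is world-writable and this name is predictable, so another local user
# can create the path first (as a directory or a symlink). Reuse an existing
# path only if it is a real directory owned by the user running this hook;
# otherwise the writes below could land wherever that user pointed them.
STATE_DIR="/tmp/CERTBOT_$CERTBOT_DOMAIN"
# mkdir's error is silenced on purpose: "already exists" is handled below.
if ! mkdir -m 0700 -- "$STATE_DIR" 2>/dev/null; then
  if [[ -L "$STATE_DIR" || ! -d "$STATE_DIR" || ! -O "$STATE_DIR" ]]; then
    die "refusing to use $STATE_DIR: not a directory owned by this user"
  fi
  chmod 0700 -- "$STATE_DIR" || die "cannot restrict permissions on $STATE_DIR"
fi
printf '%s\n' "$ZONE_ID" > "$STATE_DIR/ZONE_ID"
printf '%s\n' "$RECORD_ID" > "$STATE_DIR/RECORD_ID"

# Sleep to make sure the change has time to propagate over to DNS
sleep 25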