sympl-ssl 918 Bytes
Newer Older
Paul Cammish's avatar
Paul Cammish committed
1
2
#!/bin/bash -e

3
# Workaround wrapper script for sympl-ssl to fix a bug in IPv6 only resolution of the LE API DNS.
Paul Cammish's avatar
Paul Cammish committed
4
5

# If theres no IPv4 address assigned...
6
if [ $( sympl-ip -a | grep -c '\.' ) == 0 ] || [ $( getent hosts ipv4only.arpa | grep -c ':' ) != 0 ] ; then
Paul Cammish's avatar
Paul Cammish committed
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
  if [[ $@ == *'--verbose'* ]]; then echo 'Applying IPv6 only workaround...'; fi

  # Do a DNS lookup for acme-v01.api.letsencrypt.org...
  ipv6=$( dig -t AAAA acme-v01.api.letsencrypt.org +short | grep ':' | head -n 1 )
  # ... and add it to /etc/hosts
  echo -e "$ipv6\facme-v01.api.letsencrypt.org # sympl-ssl workaround" >> /etc/hosts
  # run sympl-ssl with all the parameters passed
  /usr/sbin/sympl-ssl.rb $@
  # and then remove the line from /etc/hosts
  sed -i -n '/# sympl-ssl workaround/!p' /etc/hosts

  if [[ $@ == *'--verbose'* ]]; then echo 'Removed IPv6 only workaround'; fi
else
  # Just run it nomally...
  /usr/sbin/sympl-ssl.rb $@
fi