RuhNetConsulting
/
getssl
mirror of https://github.com/srvrco/getssl
1
0
Fork 0
Code Issues 0 Projects 0 Releases 51 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1116 Commits
14 Branches
15 MiB
 
 
 
 
 
 
Tree: df38d77ce5
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'df38d77ce5'
${ noResults }
getssl/dns_scripts/Yandex-README.md

2.4 KiB
Raw Blame History

Yandex DNS management via Yandex API

Requrements

  • JQ command-line JSON processor needed

Useful links

Yandex Auth parameters in domain config file

  1. Authorize in Your Yandex Account in web browser. You must have Administartor rights
  2. Get OrgId from Your Comapny Profile - https://admin.yandex.ru/company-profile (You have Your first important variable YANDEX_ORGID now!)
  3. Create Your new application for DNS management - https://oauth.yandex.ru/client/new/id
  4. Get ClientID for this application on application page
  5. Get OAuthToken for this application from URL https://oauth.yandex.ru/authorize?response_type=token&client_id=ClientID in authtorised browser where ClientID code from previous step. This is Your second secret variable YANDEX_OAUTH!
  6. Define this variables in domain config file
# Use the following 3 variables if you want to validate via DNS
VALIDATE_VIA_DNS="true"
DNS_ADD_COMMAND="/usr/share/getssl/dns_scripts/dns_yandex add"
DNS_DEL_COMMAND="/usr/share/getssl/dns_scripts/dns_yandex del"
DNS_WAIT="600" # Waiting 10 minutes. Very-very-very slow distrbution

# Yandex base DNS
AUTH_DNS_SERVER="77.88.8.8"

# Yandex Authentication credintals
export YANDEX_ORGID="<OrgId>"
export YANDEX_OAUTH="<OAuthToken>"

Manual run

  • /usr/share/getssl/dns_scripts/dns_yandex add domain.tld <token> - add <token> TXT _acme-challenge.domain.tld record

  • /usr/share/getssl/dns_scripts/dns_yandex add subdomain.domain.tld <token> - add <token> TXT _acme-challenge.subdomain.domain.tld record

  • /usr/share/getssl/dns_scripts/dns_yandex del domain.tld <token> - delete <token> TXT _acme-challenge.domain.tld record

  • /usr/share/getssl/dns_scripts/dns_yandex del subdomain.domain.tld <token> - delete <token> TXT _acme-challenge.subdomain.domain.tld record

  • /usr/share/getssl/dns_scripts/dns_yandex cleanup domain.tld - cleanup all dangling _acme-challenge records from DNS for <domain.tld>

  • /usr/share/getssl/dns_scripts/dns_yandex cleanup subdomain.domain.tld - cleanup all dangling _acme-challenge.subdomain records from DNS for <subdomain.domain.tld>

  • /usr/share/getssl/dns_scripts/dns_yandex cleanup [subdomain.]domain.tld <token> - cleanup all dangling _acme-challenge domain or subdomain records with <token>