Skip to content

Commit 049e424

Browse files
chaptergychaptergy
committed
Adds special case for Route53
1 parent 07e78ae commit 049e424

File tree

2 files changed

+23
-4
lines changed

2 files changed

+23
-4
lines changed

backend/internal/certificate.js

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -792,20 +792,32 @@ const internalCertificate = {
792792
const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
793793
const prepare_cmd = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
794794

795-
const main_cmd =
795+
// Whether the plugin has a --<name>-credentials argument
796+
const has_config_arg = certificate.meta.dns_provider !== 'route53';
797+
798+
let main_cmd =
796799
certbot_command + ' certonly --non-interactive ' +
797800
'--cert-name "npm-' + certificate.id + '" ' +
798801
'--agree-tos ' +
799802
'--email "' + certificate.meta.letsencrypt_email + '" ' +
800803
'--domains "' + certificate.domain_names.join(',') + '" ' +
801804
'--authenticator ' + dns_plugin.full_plugin_name + ' ' +
802-
'--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"' +
805+
(
806+
has_config_arg
807+
? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"'
808+
: ''
809+
) +
803810
(
804811
certificate.meta.propagation_seconds !== undefined
805812
? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds
806813
: ''
807814
) +
808815
(le_staging ? ' --staging' : '');
816+
817+
// Prepend the path to the credentials file as an environment variable
818+
if (certificate.meta.dns_provider === 'route53') {
819+
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd
820+
}
809821

810822
const teardown_cmd = `rm '${credentials_loc}'`;
811823

@@ -914,12 +926,17 @@ const internalCertificate = {
914926
const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
915927
const prepare_cmd = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
916928

917-
const main_cmd =
929+
let main_cmd =
918930
certbot_command + ' renew --non-interactive ' +
919931
'--cert-name "npm-' + certificate.id + '" ' +
920932
'--disable-hook-validation' +
921933
(le_staging ? ' --staging' : '');
922934

935+
// Prepend the path to the credentials file as an environment variable
936+
if (certificate.meta.dns_provider === 'route53') {
937+
main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd
938+
}
939+
923940
const teardown_cmd = `rm '${credentials_loc}'`;
924941

925942
if (debug_mode) {

global/certbot-dns-plugins.js

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -235,7 +235,9 @@ dns_rfc2136_algorithm = HMAC-SHA512`,
235235
display_name: "Route 53 (Amazon)",
236236
package_name: "certbot-dns-route53",
237237
package_version: "1.8.0",
238-
credentials: false,
238+
credentials: `[default]
239+
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
240+
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`,
239241
full_plugin_name: "dns-route53",
240242
},
241243
//####################################################//

0 commit comments

Comments
 (0)