From c3ec2b9291ff424ac216316fa90bf7f0ca3ae879 Mon Sep 17 00:00:00 2001
From: William Brawner
Date: Sat, 30 Oct 2021 00:05:59 +0000
Subject: [PATCH] Initial commit
---
Dockerfile | 6 ++++++
README.md | 13 +++++++++++++
new-domain | 22 ++++++++++++++++++++++
3 files changed, 41 insertions(+)
create mode 100644 Dockerfile
create mode 100644 README.md
create mode 100755 new-domain
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..637363f
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,6 @@
+FROM certbot/dns-digitalocean:latest
+
+COPY new-domain /usr/bin/new-domain
+
+ENTRYPOINT /usr/sbin/crond -f
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..4e50d8d
--- /dev/null
+++ b/README.md
@@ -0,0 +1,13 @@
+# Certbot DigitalOcean
+
+This container wraps the dns-digitalocean certbot container with an additional
+script to help with requesting new domains: [new-domain](./new-domain).
+
+When using, make sure to mount the following folders:
+
+Mount|Note
+---|---
+`/etc/letsencrypt`|Used to store requested certs
+`/var/lib/letsencrypt`|Needed by LE
+`/root/digitalocean.ini`|Needed for authentication with DO
+
diff --git a/new-domain b/new-domain
new file mode 100755
index 0000000..f262dc8
--- /dev/null
+++ b/new-domain
@@ -0,0 +1,22 @@
+#!/usr/bin/env python3
+
+from os.path import exists
+import sys
+import subprocess
+
+ini_file = '/root/digitalocean.ini'
+if not exists(ini_file):
+ print("ERROR: digitalocean credentials not present at " + ini_file)
+
+cmd = ['certbot', 'certonly',
+ '--dns-digitalocean',
+ '--dns-digitalocean-credentials',
+ ini_file,
+ '--dns-digitalocean-propagation-seconds',
+ '90',
+ ]
+
+for domain in sys.argv[1:]:
+ cmd.extend(['-d', domain])
+
+print(run(cmd, stdout=PIPE, stderr=PIPE).stdout.decode('utf=8'))
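Review bot: `FROM certbot/dns-digitalocean:latest` leaves the base image unpinned, so every rebuild can silently pull different code into a container that will hold the DigitalOcean API token and the certificates' private keys; pin a release tag and digest instead, e.g. `FROM certbot/dns-digitalocean:<version>@sha256:<digest>` (placeholders, the page names no version). `ENTRYPOINT /usr/sbin/crond -f` is shell form, which makes `/bin/sh -c` PID 1 so crond does not receive the stop signal directly; the exec form `ENTRYPOINT ["/usr/sbin/crond", "-f"]` avoids that. No crontab entry is copied in this hunk, so whether crond has any renewal job to run depends on the base image and is worth confirming.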
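Review bot: The final line of new-domain cannot run as written, because `run` and `PIPE` are never imported (the file only has `import subprocess`), so the script raises NameError before certbot is invoked, and `'utf=8'` is not a codec name and would fail next. The credentials check at the top only prints and then falls through, so once the last line is fixed certbot would still be started without the ini file. stderr and the exit status are captured and then dropped, which hides a failed issuance from the operator or any job that calls this script. I would exit on the missing file, qualify the subprocess names, and propagate certbot's return code, as in the excerpt below.

```python
ini_file = '/root/digitalocean.ini'
if not exists(ini_file):
    # sys.exit with a string writes it to stderr and exits with status 1
    sys.exit("ERROR: digitalocean credentials not present at " + ini_file)

# … unchanged: cmd list and the -d loop over sys.argv[1:] …

result = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
print(result.stdout.decode('utf-8'))
if result.returncode != 0:
    print(result.stderr.decode('utf-8'), file=sys.stderr)
sys.exit(result.returncode)
```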