=== BookMyName hooks for LE-Certbot ===
The following **crude** scripts can be used as hooks to authenticate domains hosted by [[https://www.bookmyname.com|BookMyName]] (super cheap domains) using DNS challenges with this initial [[https://certbot.eff.org/|certbot]] command:
<code bash>
certbot certonly --manual --preferred-challenges=dns --manual-auth-hook /path/to/bmn-JXXXXX-auth.sh --manual-cleanup-hook /path/to/bmn-AAXXXX-cleanup.sh -d yourdomain.com -d '*.yourdomain.com'
</code>
BMN has a pseudo API, though it's slow as hell to update (~15/20 minutes).

Obviously: place the files where only your certbot runs, lock them down so they are readable only by whatever user runs your certonly/renew commands (often root), and change the BMN_USER/BMN_PASS variables.

Feel free to have the cleanup script loop through the output of ''dig _acme-challenge.$DOMAIN TXT +short | tr -d "\"" '' and clean each entry: if entries get stranded, the answer ends up too long to validate a cert request.
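<file bash bmn-JXXXXX-auth.sh>
#!/bin/bash
# Auth hook: publish the challenge TXT record through BMN, then wait until it resolves
# public DNS servers might be less sticky than ISP ones
DNSSERVER="8.8.8.8"
BMN_USER="JXXXXX-FREE"
BMN_PASS="plikplok"
# Reduce a name such as www.yourdomain.com to its last two labels (yourdomain.com)
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
# A bare domain (no subdomain) does not match the pattern, so fall back to it
if [[ $DOMAIN == "" ]]
then
    DOMAIN=$CERTBOT_DOMAIN
fi
echo "All Domains for this cert: $CERTBOT_ALL_DOMAINS"
echo "Remaining Challenges for this cert: $CERTBOT_REMAINING_CHALLENGES"
echo "Challenging Domain: $DOMAIN"
# Note: -u puts the credentials on curl's command line, where other local users may see them in the process list
curl -s -u "$BMN_USER:$BMN_PASS" "https://www.bookmyname.com/dyndns/?hostname=_acme-challenge.$DOMAIN&type=txt&ttl=300&do=add&value=\"$CERTBOT_VALIDATION\""
loopcount=0
while true
do
    # Give up after 40 tries (about 40 minutes with the 1m nap below)
    if [[ $loopcount -ge 40 ]]
    then
        echo "Failed to validate :-("
        exit 1
    fi
    ((loopcount=loopcount+1))
    echo -n "Try number $loopcount ..."
    # -F/-x: exact fixed-string match; --: the base64url value may start with '-'
    recordset=$(dig @"$DNSSERVER" "_acme-challenge.$DOMAIN" TXT +short | tr -d "\"" | grep -Fx -- "$CERTBOT_VALIDATION")
    echo -n "Found '$recordset' ..."
    # Quote the right-hand side so it is compared as a string, not as a glob pattern
    if [[ $recordset == "$CERTBOT_VALIDATION" ]]
    then
        echo "GOOD!"
        sleep 10s
        exit 0
    else
        echo "Having a nap..."
        sleep 1m
    fi
done
</file>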
<file bash bmn-AAXXXX-cleanup.sh>
#!/bin/bash
# Cleanup hook: remove the challenge TXT record that the auth hook added
BMN_USER="JXXXXX-FREE"
BMN_PASS="plikplok"
# Same domain reduction as in the auth hook
DOMAIN=$(expr match "$CERTBOT_DOMAIN" '.*\.\(.*\..*\)')
if [[ $DOMAIN == "" ]]
then
    DOMAIN=$CERTBOT_DOMAIN
fi
echo "Domain: $DOMAIN"
curl -s -u "$BMN_USER:$BMN_PASS" "https://www.bookmyname.com/dyndns/?hostname=_acme-challenge.$DOMAIN&type=txt&ttl=300&do=remove&value=\"$CERTBOT_VALIDATION\""
exit 0
</file>
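The cleanup loop suggested above (walk the ''dig'' output and remove each stranded entry), as an added example that is not part of the original scripts. It assumes BMN_USER/BMN_PASS are set as in the hooks; the function names are hypothetical, and the 43-character check reflects that an ACME dns-01 value is a base64url SHA-256 digest, so unrelated TXT records and odd DNS data never reach the BMN URL.

```bash
#!/bin/bash
# Added example: clear every stranded _acme-challenge TXT value for a domain.
# Assumes BMN_USER/BMN_PASS are set as in the hooks on this page.
LC_ALL=C   # byte-wise character ranges in the pattern below

# An ACME dns-01 value is exactly 43 base64url characters.
# Anything else found at that name is left alone.
is_acme_token() {
    case $1 in
        *[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -eq 43 ]
}

# Same request as the cleanup hook, for one value ($1 = domain, $2 = value).
bmn_remove() {
    curl -fs -u "$BMN_USER:$BMN_PASS" \
        "https://www.bookmyname.com/dyndns/?hostname=_acme-challenge.$1&type=txt&ttl=300&do=remove&value=\"$2\""
}

# Reads `dig ... TXT +short` output on stdin; prints how many removals were sent.
cleanup_stranded() {
    domain=$1
    removed=0
    while IFS= read -r line; do
        value=$(printf '%s' "$line" | tr -d '"')
        if is_acme_token "$value"; then
            if bmn_remove "$domain" "$value" >/dev/null </dev/null; then
                removed=$((removed + 1))
            fi
        else
            echo "skipping non-ACME TXT value at _acme-challenge.$domain" >&2
        fi
    done
    echo "$removed"
}

# Run only when called by certbot as a cleanup hook (CERTBOT_DOMAIN is set).
if [ -n "${CERTBOT_DOMAIN:-}" ]; then
    dig "_acme-challenge.${DOMAIN:-$CERTBOT_DOMAIN}" TXT +short |
        cleanup_stranded "${DOMAIN:-$CERTBOT_DOMAIN}"
fi
```
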