dns-wildcard-cert/entrypoint.sh

#!/bin/bash
set -e

# Default values
EMAIL="${EMAIL:-}"
DOMAINS="${DOMAINS:-}"
DNS_ADDRESS="${DNS_ADDRESS:-0.0.0.0}"
DNS_IPV6_ADDRESS="${DNS_IPV6_ADDRESS:-::}"
DNS_PORT="${DNS_PORT:-53}"
STAGING="${STAGING:-false}"
DRY_RUN="${DRY_RUN:-false}"

# Validate required environment variables
if [ -z "$EMAIL" ]; then
    echo "ERROR: EMAIL environment variable is required"
    echo "Usage: docker run -e EMAIL=you@example.com -e DOMAINS='-d example.com -d *.example.com' ..."
    exit 1
fi

if [ -z "$DOMAINS" ]; then
    echo "ERROR: DOMAINS environment variable is required"
    echo "Usage: docker run -e EMAIL=you@example.com -e DOMAINS='-d example.com -d *.example.com' ..."
    exit 1
fi

# Build certbot command
CMD="certbot --non-interactive --agree-tos --email ${EMAIL} certonly"
CMD="${CMD} --authenticator dns-standalone"
CMD="${CMD} --dns-standalone-address=${DNS_ADDRESS}"
CMD="${CMD} --dns-standalone-ipv6-address=${DNS_IPV6_ADDRESS}"
CMD="${CMD} --dns-standalone-port=${DNS_PORT}"

# Add staging flag if requested (useful for testing)
if [ "$STAGING" = "true" ]; then
    CMD="${CMD} --staging"
fi

# Add dry-run flag if requested
if [ "$DRY_RUN" = "true" ]; then
    CMD="${CMD} --dry-run"
fi

# Add domains
CMD="${CMD} ${DOMAINS}"

echo "Running: ${CMD}"
exec ${CMD}