network/roles/certbot_dns/templates/certbot-cleanup.j2

12 lines
255 B
Django/Jinja

#!/bin/sh
dns={{ dns[0] }}
ldap_user={{ lookup("passwordstore", "hosts/"~inventory_hostname, subkey="ldap_user") }}
kinit -k -t /etc/krb5.keytab "${ldap_user}"
nsupdate -g <<EOF
server ${dns}
update delete _acme-challenge.${CERTBOT_DOMAIN} TXT
send
EOF