Bash script to keep up-to-date with free certs from letsencrypt.org
Assumptions:
/etc/bind/acme.key
The script is meant to be installed in /usr/local/sbin/newcert
.
In theory, this could be done without a subdomain, but I don't like what dynamic DNS does to my zone files. So, I decided to localize the mess to a tiny zone with no other purpose. It also lets me set the TTL absurdly low without affecting real zones.