From 1b0ef7ed5bbd5f39cecfc86bddf2e55a536ef109 Mon Sep 17 00:00:00 2001
From: Yann Hourdel
Date: Sun, 15 Apr 2018 19:22:28 +0200
Subject: [PATCH 1/5] Rebase on certbot image for latest version and use latest server to support wildcard domains

---
 Dockerfile | 4 ++--
 bin/update-certs.sh | 1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index bc43a37..be07adf 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
-FROM alpine:latest
+FROM certbot/certbot:latest
 RUN apk add --update \
- certbot curl && \
+ curl && \
 rm -rf /var/cache/apk/*
 VOLUME /etc/letsencrypt
diff --git a/bin/update-certs.sh b/bin/update-certs.sh
index ba37fe3..f35e936 100755
--- a/bin/update-certs.sh
+++ b/bin/update-certs.sh
@@ -15,6 +15,7 @@ while true; do
 --post-hook reload-nginx.sh \
 --email "$EMAIL" \
 -d "$DOMAINS" \
+ --server https://acme-v02.api.letsencrypt.org/directory
 "$@"
 sleep 5d

From 40b902625baa901d5a01b1c1c3a3e9c8a2f258ed Mon Sep 17 00:00:00 2001
From: Yann Hourdel
Date: Sun, 15 Apr 2018 19:39:31 +0200
Subject: [PATCH 2/5] Allow environment variables to be passed elsewhere

---
 bin/update-certs.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/update-certs.sh b/bin/update-certs.sh
index f35e936..db2421c 100755
--- a/bin/update-certs.sh
+++ b/bin/update-certs.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
-. /etc/update-certs/config
+[[ -f /etc/update-certs/config ]] && . /etc/update-certs/config
 while true; do
 certbot certonly --manual \

From 9cf7efa6eae3434b4e51149b56d9ea6d0471898a Mon Sep 17 00:00:00 2001
From: PiflY
Date: Mon, 16 Apr 2018 10:30:55 +0200
Subject: [PATCH 3/5] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index c0568bf..0259cd5 100644
--- a/README.md
+++ b/README.md
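Review bot: The new base `FROM certbot/certbot:latest` is an unpinned floating tag, so every rebuild may pull a different certbot release and the image is not reproducible; the commit message wants a release that supports ACME v2 and wildcard domains, which is a reason to pin that release explicitly, e.g. `FROM certbot/certbot:<pinned-version>` (or a digest), rather than track whatever `latest` resolves to. In the same hunk, `apk add --update` followed by `rm -rf /var/cache/apk/*` can become `apk add --no-cache curl`, which never writes the index into the layer in the first place. The Dockerfile's remaining instructions are outside the hunk, so whether a non-root `USER` is set for the runtime cannot be checked here.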
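Review bot: As printed in the hunk, the added `--server https://acme-v02.api.letsencrypt.org/directory` line has no trailing backslash, unlike the `--email` and `-d` lines just above it, which would end the certbot command on that line and leave the following `"$@"` to be interpreted as a command of its own; any extra arguments given to the script would then no longer reach certbot, and with no arguments the line silently does nothing, so the breakage is easy to miss. If the backslash is really absent, the line should read `--server https://acme-v02.api.letsencrypt.org/directory \`. The enclosing `while` loop starts before the hunk and ends after it.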
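Review bot: `[[ -f /etc/update-certs/config ]]` is a bash/ksh extension while the script's first line is `#!/bin/sh`, so on a strictly POSIX sh the new guard is a syntax error; the portable form is `[ -f /etc/update-certs/config ] && . /etc/update-certs/config`. Because the config file is now optional, `EMAIL`, `DOMAINS` and presumably `GANDI_API_KEY` (read by the hook scripts) are no longer guaranteed to be set; a line such as `: "${EMAIL:?}" "${DOMAINS:?}"` after the source would fail fast with a clear message instead of letting the loop call certbot every five days with empty arguments. The loop that consumes these variables continues outside the hunk.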
@@ -1,7 +1,7 @@
 docker-letsencrypt-gandi
 ========================
-This container generates [LetsEncrypt](https://www.letsencrypt.org) certificates for subdomains at [Gandi](https://www.gandi.net) using the DNS-01 challange type and Gandi's new LiveDNS API. It can also send a SIGHUP signal to a [Nginx container](https://store.docker.com/images/nginx) which tells it to reload its certificates.
+This container generates [LetsEncrypt](https://www.letsencrypt.org) certificates for subdomains at [Gandi](https://www.gandi.net) using the DNS-01 challenge type and Gandi's new LiveDNS API. It can also send a SIGHUP signal to a [Nginx container](https://store.docker.com/images/nginx) which tells it to reload its certificates.
 This image is based on Alpine and uses [Certbot](https://certbot.eff.org/) to communicate with Letsencrypt.

From c6e7d513ee71ae6cb94b6ccddf344db85be0492b Mon Sep 17 00:00:00 2001
From: Yann Hourdel
Date: Mon, 16 Apr 2018 19:40:44 +0200
Subject: [PATCH 4/5] allow root wildcard certificates

---
 bin/authenticate.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/authenticate.sh b/bin/authenticate.sh
index f2f5c29..520b81c 100755
--- a/bin/authenticate.sh
+++ b/bin/authenticate.sh
@@ -5,10 +5,16 @@ api='https://dns.api.gandi.net/api/v5'
 domain=$(echo "$CERTBOT_DOMAIN" | sed -r 's/.+\.(.+\..+)/\1/')
 subdomain=$(echo "$CERTBOT_DOMAIN" | sed -r 's/(.+)\..+\..+/\1/')
+if [ $subdomain == $domain ]; then
+ record_name="_acme-challenge"
+else
+ record_name="_acme-challenge.$subdomain"
+fi
+
 curl -s -X POST \
 -H 'Content-Type: application/json' \
 -H "X-Api-Key: $GANDI_API_KEY" \
- -d "{\"rrset_name\": \"_acme-challenge.$subdomain\",
+ -d "{\"rrset_name\": \"$record_name\",
 \"rrset_type\": \"TXT\",
 \"rrset_ttl\": 300,
 \"rrset_values\": [\"$CERTBOT_VALIDATION\"]}" \

From d83c1859db7900a77ee6ac76542fc8d0b15fde11 Mon Sep 17 00:00:00 2001
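Review bot: The added `if [ $subdomain == $domain ]; then` uses the non-POSIX `==` operator with both operands unquoted; POSIX `[` only guarantees `=`, and a `CERTBOT_DOMAIN` value that is empty or contains whitespace changes the number of arguments `[` sees, producing an error or a wrong result instead of a plain string comparison. The portable, safe form is `if [ "$subdomain" = "$domain" ]; then`; the identical line is added to `bin/cleanup.sh` in the next patch and needs the same change. The `domain`/`subdomain` derivation together with this new branch is now duplicated verbatim in both hook scripts, so moving it into one sourced helper would keep the authenticate and cleanup paths from drifting apart (a mismatch would leave stale `_acme-challenge` TXT records behind). The shebang of `bin/authenticate.sh` is outside the hunk, so which shell runs it is inferred from the sibling script.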
From: Yann Hourdel
Date: Mon, 16 Apr 2018 19:48:09 +0200
Subject: [PATCH 5/5] fix cleanup script too

---
 bin/cleanup.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/cleanup.sh b/bin/cleanup.sh
index 78204ad..b9895a6 100755
--- a/bin/cleanup.sh
+++ b/bin/cleanup.sh
@@ -5,7 +5,13 @@ api='https://dns.api.gandi.net/api/v5'
 domain=$(echo "$CERTBOT_DOMAIN" | sed -r 's/.+\.(.+\..+)/\1/')
 subdomain=$(echo "$CERTBOT_DOMAIN" | sed -r 's/(.+)\..+\..+/\1/')
+if [ $subdomain == $domain ]; then
+ record_name="_acme-challenge"
+else
+ record_name="_acme-challenge.$subdomain"
+fi
+
 curl -s -X DELETE \
 -H 'Content-Type: application/json' \
 -H "X-Api-Key: $GANDI_API_KEY" \
- "$api/domains/$domain/records/_acme-challenge.$subdomain/TXT" >&2
+ "$api/domains/$domain/records/$record_name/TXT" >&2