dns-rfc2136 python module updater

certbot-dns-rfc2136.sh

#!/bin/bash
# If you use certbot auto renawal with DNS validation you need exact version of dns-rfc2136 python module with certbot.
# This script simply updates dns-rfc2136 python module with pip ACCORDING TO CERTBOT VERSION to prevent breaking certificate renew automations if needed.
# Even you have fully updated system in some linux distros there may be version mismatch beetween these two packages.Then you get parse errors probably.
# This script rely on pip instead of package manager! If your distro repository has certbot-dns-rfc2136 package and already installed using pip can break things.
# One possible solution could be masking certbot-dns-rfc2136 updates from your package manager and rely on this script(pip). 
# But this could also break other packages that depends certbot-dns-rfc2136. This depends which linux distro runs on your system. Be careful.
# Crontab:
# 0 4 * * * /path/scripts/certbot-dns-rfc2136.sh >/dev/null 2>&1

# Adjust mail options:
mail_to="[email protected]"
mail_from="From: Gentoo System <[email protected]>"
mail_subject="ATTENTION! dns-rfc2136 | certbot version mismatch detected"

# Check pip first.
if ! command -v pip >/dev/null 2>&1; then
        exit 0
fi

# For gentoo we need --user parameter for pip.
if grep -q gentoo /etc/os-release; then
        parameter="--user"
        else
                parameter=" "
fi

# Check current package versions.
version() {
        rfc2136_ver=$(pip show certbot-dns-rfc2136 | grep "Version" | awk '{print $2}')
        certbot_ver=$(certbot --version | awk '{print $2}')
}

# Take action to fix version mismatch if exist.
version
if [[ $rfc2136_ver != $certbot_ver ]]; then
        pip install $parameter certbot-dns-rfc2136==$certbot_ver
        else
                echo "Versions matched!"
fi

# Notify system admin.
version
if [[ $rfc2136_ver != $certbot_ver ]]; then
         echo "Manual actions needed!" | mail -s "$mail_subject" -a "$mail_from" "$mail_to"
fi