This short bash script defines a function called letsverify_dns, which looks up the NS records for a domain using whois. Every name server is then queried for the _acme-challenge token/validation code, and the function does not return until all of the servers return the correct auth token.
I was using this to test my DNS and make sure that it was updating correctly.
# Sample settings for the check; replace them with the values of the challenge
# being tested.
# Token/validation code the TXT record is expected to contain.
DNS_VALIDATION_CODE='abc123potato'
# Domain whose name servers are looked up.
DNS_DOMAIN='example.com'
# Record type to query on each name server.
DNS_TYPE='TXT'
# Fully qualified name of the challenge record, derived from the domain.
DNS_RECORD="_acme-challenge.${DNS_DOMAIN}"
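#######################################
# Wait until every name server listed in the NS records of DNS_DOMAIN serves
# the expected validation code on DNS_RECORD.
# Each server is asked directly (dig @server), so the answer comes from that
# server itself and not from a resolver cache.
# Globals:   DNS_DOMAIN, DNS_TYPE, DNS_RECORD, DNS_VALIDATION_CODE (read)
# Arguments: none
# Outputs:   progress messages on stdout, the "no servers" error on stderr
# Returns:   0 once all servers returned the code,
#            1 if the NS lookup produced no servers (nothing was verified)
# Note:      the wait has no upper bound; a server that never publishes the
#            record keeps the loop running until it is interrupted.
#######################################
letsverify_dns() {
  local -a servers=()
  local line idx server

  # One NS name per line. dig can print ';;' diagnostic lines on stdout when
  # the lookup fails; skip them so they are not mistaken for server names.
  while IFS= read -r line; do
    if [[ -n "$line" && "$line" != ';'* ]]; then
      servers+=("$line")
    fi
  done < <(dig +short -t NS "$DNS_DOMAIN" 2>/dev/null)

  # Without this guard an empty lookup would skip the loop and print "Done",
  # which reads as a successful verification although nothing was checked.
  if (( ${#servers[@]} == 0 )); then
    echo "No name servers found for '$DNS_DOMAIN'; nothing was verified." >&2
    return 1
  fi

  echo "Start at: $(date)"
  while (( ${#servers[@]} > 0 )); do
    for idx in "${!servers[@]}"; do
      server=${servers[idx]}
      # -F: the code is matched as a literal string, never as a regex.
      # -x: the whole output line must be exactly the quoted code.
      if dig +short -t "$DNS_TYPE" "$DNS_RECORD" "@$server" 2>/dev/null \
        | grep -Fxq -- "\"$DNS_VALIDATION_CODE\""; then
        echo "Server '$server' verified at: $(date)"
        # Quoted so the subscript is never treated as a filename glob.
        unset -v 'servers[idx]'
      fi
    done
    if (( ${#servers[@]} > 0 )); then
      echo "Number of servers remaining: ${#servers[@]}. Still waiting on: ${servers[*]}"
      # Pause only when another polling round is needed.
      sleep 1
    fi
  done
  echo "Done at: $(date)"
}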
# Run the check now; the call blocks until every name server has returned the
# validation code.
letsverify_dns
Maybe this comes in handy for someone.