From 049e4249570fe629b0ddf46ca2bccde82e48a392 Mon Sep 17 00:00:00 2001
From: chaptergy <26956711+chaptergy@users.noreply.github.com>
Date: Wed, 14 Oct 2020 09:20:52 +0200
Subject: [PATCH] Adds special case for Route53

---
 backend/internal/certificate.js | 23 ++++++++++++++++++++---
 global/certbot-dns-plugins.js   |  4 +++-
 2 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/backend/internal/certificate.js b/backend/internal/certificate.js
index 98e5274..06b0990 100644
--- a/backend/internal/certificate.js
+++ b/backend/internal/certificate.js
@@ -792,20 +792,32 @@ const internalCertificate = {
 		const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
 		const prepare_cmd     = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
 
-		const main_cmd = 
+		// Whether the plugin has a --<name>-credentials argument
+		const has_config_arg = certificate.meta.dns_provider !== 'route53';
+
+		let main_cmd = 
 			certbot_command + ' certonly --non-interactive ' +
 			'--cert-name "npm-' + certificate.id + '" ' +
 			'--agree-tos ' +
 			'--email "' + certificate.meta.letsencrypt_email + '" ' +			
 			'--domains "' + certificate.domain_names.join(',') + '" ' +
 			'--authenticator ' + dns_plugin.full_plugin_name + ' ' +
-			'--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"' +
+			(
+				has_config_arg 
+					? '--' + dns_plugin.full_plugin_name + '-credentials "' + credentials_loc + '"' 
+					: ''
+			) +
 			(
 				certificate.meta.propagation_seconds !== undefined 
 					? ' --' + dns_plugin.full_plugin_name + '-propagation-seconds ' + certificate.meta.propagation_seconds 
 					: ''
 			) +
 			(le_staging ? ' --staging' : '');
+
+			// Prepend the path to the credentials file as an environment variable
+			if (certificate.meta.dns_provider === 'route53') {
+				main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd
+			}
 		
 		const teardown_cmd = `rm '${credentials_loc}'`;
 
@@ -914,12 +926,17 @@ const internalCertificate = {
 		const credentials_cmd = 'echo \'' + certificate.meta.dns_provider_credentials.replace('\'', '\\\'') + '\' > \'' + credentials_loc + '\' && chmod 600 \'' + credentials_loc + '\'';
 		const prepare_cmd     = 'pip3 install ' + dns_plugin.package_name + '==' + dns_plugin.package_version;
 
-		const main_cmd =
+		let main_cmd = 
 			certbot_command + ' renew --non-interactive ' +
 			'--cert-name "npm-' + certificate.id + '" ' +
 			'--disable-hook-validation' +
 			(le_staging ? ' --staging' : '');
 
+		// Prepend the path to the credentials file as an environment variable
+		if (certificate.meta.dns_provider === 'route53') {
+			main_cmd = 'AWS_CONFIG_FILE=\'' + credentials_loc + '\' ' + main_cmd
+		}
+
 		const teardown_cmd = `rm '${credentials_loc}'`;
 
 		if (debug_mode) {
diff --git a/global/certbot-dns-plugins.js b/global/certbot-dns-plugins.js
index a0a5c9a..724a339 100644
--- a/global/certbot-dns-plugins.js
+++ b/global/certbot-dns-plugins.js
@@ -235,7 +235,9 @@ dns_rfc2136_algorithm = HMAC-SHA512`,
     display_name: "Route 53 (Amazon)",
     package_name: "certbot-dns-route53",
     package_version: "1.8.0",
-    credentials: false,
+    credentials: `[default]
+aws_access_key_id=AKIAIOSFODNN7EXAMPLE
+aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY`,
     full_plugin_name: "dns-route53",
   },
   //####################################################//