feat(vm201): wildcard *.roa auto-renew via cPanel DNS-01 hook

Fix expirare cert wildcard *.roa.romfast.ro (incident 2026-05-31):
renewal-ul era [Manual] DNS-01, nu rula din Scheduled Task -> 61 erori
-> expirat. Subdomeniile Dokploy (efactura.roa etc.) dadeau
ERR_CERT_DATE_INVALID.

- cpanel-acme-dns.ps1: hook win-ACME DNS-01 (cPanel UAPI mass_edit_zone,
  fallback ZoneEdit) care pune/sterge TXT _acme-challenge automat
- cpanel-dns.config.example.json: template (token-ul real e gitignored)
- monitor-ssl-certificates.sh: sentinel efactura.roa (wildcard) + alerta
  in loc de auto-renew prin guest-exec (dezactivat)
- README + doc cert: flux DNS-01 cPanel + acces OpenSSH VM 201

Renewal nou roa-wildcard-cpanel, auto, due 2026-08-19; vechiul [Manual]
anulat. Cert live valid pana 2026-09-23.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

This commit is contained in:

Claude Agent

2026-06-25 13:23:54 +00:00

parent e8d1889364

commit a41e9d81cf

6 changed files with 305 additions and 3 deletions

4

.gitignore vendored

View File

@@ -12,3 +12,7 @@ input/
 .vscode/
 *.swp
 *.swo
 # Secrets - real cPanel DNS hook config holds an API token (template is committed)
 cpanel-dns.config.json
 **/cpanel-dns.config.json

feat(vm201): wildcard *.roa auto-renew via cPanel DNS-01 hook

4 .gitignore vendored Unescape Escape View File

4

.gitignore vendored

View File