We install certbot-auto, which is standalone, instead of the Debian package, to avoid pulling in a lot of Python packages. Caveat: certbot-auto has since been deprecated by EFF and is no longer maintained, so check that dl.eff.org still serves it before following this page, and prefer the install method currently recommended in the Certbot documentation where possible.
Install
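sudo true
# Fetch as the unprivileged user, then install root-owned. The script is run as
# root below and from cron later, so it must not stay writable by this user
# (a user-writable file executed by root is a privilege-escalation path).
tmp=$(mktemp) || cat >&2
# -f: an HTTP error page must never be saved and later executed as root.
curl -fsSL -o "$tmp" https://dl.eff.org/certbot-auto
# EFF publishes a detached signature next to the script; verify it before
# anything runs. The signing key must already be in your keyring -- take its
# fingerprint from Certbot's official install docs, not from this page.
curl -fsSL -o "$tmp.asc" https://dl.eff.org/certbot-auto.asc
gpg --verify "$tmp.asc" "$tmp" || cat >&2
sudo install -d -o root -g root -m 0755 /opt/certbot
sudo install -o root -g root -m 0755 "$tmp" /opt/certbot/certbot-auto
rm -f -- "$tmp" "$tmp.asc"
cd /opt/certbot || cat >&2
sudo ./certbot-auto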
Automatic renewal
sudo -i
cd /etc/cron.weekly || cat >&2
# Write the weekly renewal job. The heredoc is deliberately unquoted: the
# author/date stamp is expanded now, and "\\" becomes the single "\"
# continuation that joins "# last line" onto the exec command in the file.
tee certbot >/dev/null <<EOF
#!/bin/sh
# $SUDO_USER $(date -uIs)
#
# Check Let's Encrypt certs and renew them eventually
#
exec /opt/certbot/certbot-auto renew --noninteractive \\
# last line
EOF
chmod +x certbot
exit
Notes:
- Add hook options before the line marked with
# last line
in the form: --renew-hook /etc/ldap/ssl/update-certs \
  Keep the trailing backslash on every inserted line so the hook stays part of the single exec command; anything placed after `# last line` is never reached. `--renew-hook` is the older spelling of `--deploy-hook`; either runs the hook after each successful renewal. The hook runs as root from cron, so the hook script must be owned by root and not writable by anyone else.
DNS Resolution
Apparently (observed here, not confirmed with Let's Encrypt) many IP addresses from the Hetzner pool are blocked by the Let's Encrypt nameservers. We work around this by resolving the intermediary nameservers manually and registering them with dnscachex. Be aware that the server lists written below are a snapshot of CDN infrastructure that will go stale, and nothing in the procedure authenticates the answers; re-run the steps when renewal starts failing rather than trusting the pinned addresses indefinitely.
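cd /etc/dnscachex/root/servers || cat >&2
#
# Every file written here pins the servers dnscache will ask for that zone,
# bypassing normal delegation. Nothing below authenticates the answers, and
# CDN zones rotate their servers, so expect to re-run this when
# acme-v02.api.letsencrypt.org stops resolving.
#
# First glue A address from a referral line "additional: <name> <ttl> A <ip>".
first_glue() { dnsq ns "$1" "$2" | awk '/additional: .* A /{print $5;exit}'; }
# All glue A addresses of such a referral, one per line.
all_glue() { dnsq ns "$1" "$2" | awk '/additional: .* A /{print $5}'; }
# Install servers/<zone> ($1) from the glue that server $2 hands out. An empty
# list is refused -- it would leave dnscache with no server at all for the
# zone -- and the previous file, if any, is kept.
write_servers() {
  all_glue "$1" "$2" > "$1.tmp"
  if [ -s "$1.tmp" ]; then
    mv -- "$1.tmp" "$1"
  else
    rm -f -- "$1.tmp"
    echo "no glue for $1 from $2" >&2
    return 1
  fi
}

ORG_NS=$(first_glue org a.root-servers.net)
: "${ORG_NS:?no .org server in the root referral}"
# Where letsencrypt.org is resolved
dnsq ns letsencrypt.org "$ORG_NS"
# Get akam.net nameservers
NET_NS=$(first_glue net a.root-servers.net)
: "${NET_NS:?no .net server in the root referral}"
AKAM_NS=$(first_glue akam.net "$NET_NS")
: "${AKAM_NS:?no akam.net server in the .net referral}"
write_servers letsencrypt.org "$AKAM_NS" || cat >&2
LE_NS=$(head -n 1 letsencrypt.org)
# Where the update API server is pointed to. The CNAME target printed here
# (api.letsencrypt.org-ng.edgekey.net when this was written) is what the next
# step must chase; take it from the answer, do not copy the name blindly.
dnsq a acme-v02.api.letsencrypt.org "$LE_NS"
write_servers edgekey.net "$NET_NS" || cat >&2
EK_NS=$(head -n 1 edgekey.net)
# Where the pointer is pointed to (e14990.dscx.akamaiedge.net at the time)
dnsq a api.letsencrypt.org-ng.edgekey.net "$EK_NS"
# akamaiedge.net is written once here, from the .net referral
write_servers akamaiedge.net "$NET_NS" || cat >&2
AE_NS=$(head -n 1 akamaiedge.net)
# Holdon, we must go for dscx.akamaiedge.net
dnsq a e14990.dscx.akamaiedge.net "$AE_NS"
write_servers dscx.akamaiedge.net "$AE_NS" || cat >&2
DAE_NS=$(head -n 1 dscx.akamaiedge.net)
# We got him
dnsq a e14990.dscx.akamaiedge.net "$DAE_NS"
# With only these workarounds
ls
sv restart dnscachex dnscache
# Let's test
dnsqr a acme-v02.api.letsencrypt.org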