Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5534 Commits
8 Branches
42 Tags
22 MiB
Tree: 1d59d43286
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1d59d43286'
${ noResults }
acme.sh/dnsapi/dns_conoha.sh

264 lines
8.3 KiB
Raw Normal View History

Add support ConoHa DNS API
6 years ago
DNS provider API: structured description Instead of using comments declare info in a special variable. Then the variable can be used to print the DNS API provider usage. The usage can be parsed on UI and show all needed inputs for options. The info is stored in plain string that it's both human-readable and easy to parse: dns_example_info='API name An extended description. Multiline. Domains: list of alternative domains to find Site: the dns provider website e.g. example.com Docs: Link to ACME.sh wiki for the provider Options: VARIABLE1 Title for the option1. VARIABLE2 Title for the option2. Default "default value". VARIABLE3 Title for the option3. Description to show on UI. Optional. Issues: Link to a support ticket on https://github.com/acmesh-official/acme.sh Author: First Lastname <authoremail@example.com>, Another Author <https://github.com/example>; ' Here: VARIABLE1 will be required. VARIABLE2 will be required too but will be populated with a "default value". VARIABLE3 is optional and can be empty. A DNS provider may have alternative options like CloudFlare may use API KEY or API Token. You can use a second section OptionsAlt: section. Some providers may have alternative names or domains e.g. Aliyun and AlibabaCloud. Add them to Domains: section. Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
10 months ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
fix shfmt
4 years ago
Add support ConoHa DNS API
6 years ago
fix indent
6 years ago
Add support ConoHa DNS API
6 years ago
cleanup
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
  1. #!/usr/bin/env sh
  2. # shellcheck disable=SC2034
  3. dns_conoha_info='ConoHa.jp
  4. Domains: ConoHa.io
  5. Site: ConoHa.jp
  6. Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_conoha
  7. Options:
  8. CONOHA_Username Username
  9. CONOHA_Password Password
  10. CONOHA_TenantId TenantId
  11. CONOHA_IdentityServiceApi Identity Service API. E.g. "https://identity.xxxx.conoha.io/v2.0"
  12. '
  14. CONOHA_DNS_EP_PREFIX_REGEXP="https://dns-service\."
  16. ######## Public functions #####################
  18. #Usage: dns_conoha_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  19. dns_conoha_add() {
  20. fulldomain=$1
  21. txtvalue=$2
  22. _info "Using conoha"
  23. _debug fulldomain "$fulldomain"
  24. _debug txtvalue "$txtvalue"
  26. _debug "Check uesrname and password"
  27. CONOHA_Username="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
  28. CONOHA_Password="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
  29. CONOHA_TenantId="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
  30. CONOHA_IdentityServiceApi="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
  31. if [ -z "$CONOHA_Username" ] || [ -z "$CONOHA_Password" ] || [ -z "$CONOHA_TenantId" ] || [ -z "$CONOHA_IdentityServiceApi" ]; then
  32. CONOHA_Username=""
  33. CONOHA_Password=""
  34. CONOHA_TenantId=""
  35. CONOHA_IdentityServiceApi=""
  36. _err "You didn't specify a conoha api username and password yet."
  37. _err "Please create the user and try again."
  38. return 1
  39. fi
  41. _saveaccountconf_mutable CONOHA_Username "$CONOHA_Username"
  42. _saveaccountconf_mutable CONOHA_Password "$CONOHA_Password"
  43. _saveaccountconf_mutable CONOHA_TenantId "$CONOHA_TenantId"
  44. _saveaccountconf_mutable CONOHA_IdentityServiceApi "$CONOHA_IdentityServiceApi"
  46. if token="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
  47. accesstoken="$(printf "%s" "$token" | sed -n 1p)"
  48. CONOHA_Api="$(printf "%s" "$token" | sed -n 2p)"
  49. else
  50. return 1
  51. fi
  53. _debug "First detect the root zone"
  54. if ! _get_root "$fulldomain" "$CONOHA_Api" "$accesstoken"; then
  55. _err "invalid domain"
  56. return 1
  57. fi
  58. _debug _domain_id "$_domain_id"
  59. _debug _sub_domain "$_sub_domain"
  60. _debug _domain "$_domain"
  62. _info "Adding record"
  63. body="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"data\":\"$txtvalue\",\"ttl\":60}"
  64. if _conoha_rest POST "$CONOHA_Api/v1/domains/$_domain_id/records" "$body" "$accesstoken"; then
  65. if _contains "$response" '"data":"'"$txtvalue"'"'; then
  66. _info "Added, OK"
  67. return 0
  68. else
  69. _err "Add txt record error."
  70. return 1
  71. fi
  72. fi
  74. _err "Add txt record error."
  75. return 1
  76. }
  78. #Usage: fulldomain txtvalue
  79. #Remove the txt record after validation.
  80. dns_conoha_rm() {
  81. fulldomain=$1
  82. txtvalue=$2
  83. _info "Using conoha"
  84. _debug fulldomain "$fulldomain"
  85. _debug txtvalue "$txtvalue"
  87. _debug "Check uesrname and password"
  88. CONOHA_Username="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
  89. CONOHA_Password="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
  90. CONOHA_TenantId="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
  91. CONOHA_IdentityServiceApi="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
  92. if [ -z "$CONOHA_Username" ] || [ -z "$CONOHA_Password" ] || [ -z "$CONOHA_TenantId" ] || [ -z "$CONOHA_IdentityServiceApi" ]; then
  93. CONOHA_Username=""
  94. CONOHA_Password=""
  95. CONOHA_TenantId=""
  96. CONOHA_IdentityServiceApi=""
  97. _err "You didn't specify a conoha api username and password yet."
  98. _err "Please create the user and try again."
  99. return 1
  100. fi
  102. _saveaccountconf_mutable CONOHA_Username "$CONOHA_Username"
  103. _saveaccountconf_mutable CONOHA_Password "$CONOHA_Password"
  104. _saveaccountconf_mutable CONOHA_TenantId "$CONOHA_TenantId"
  105. _saveaccountconf_mutable CONOHA_IdentityServiceApi "$CONOHA_IdentityServiceApi"
  107. if token="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
  108. accesstoken="$(printf "%s" "$token" | sed -n 1p)"
  109. CONOHA_Api="$(printf "%s" "$token" | sed -n 2p)"
  110. else
  111. return 1
  112. fi
  114. _debug "First detect the root zone"
  115. if ! _get_root "$fulldomain" "$CONOHA_Api" "$accesstoken"; then
  116. _err "invalid domain"
  117. return 1
  118. fi
  119. _debug _domain_id "$_domain_id"
  120. _debug _sub_domain "$_sub_domain"
  121. _debug _domain "$_domain"
  123. _debug "Getting txt records"
  124. if ! _conoha_rest GET "$CONOHA_Api/v1/domains/$_domain_id/records" "" "$accesstoken"; then
  125. _err "Error"
  126. return 1
  127. fi
  129. record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' |
  130. grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" |
  131. _head_n 1 | cut -d : -f 2 | tr -d \")
  132. if [ -z "$record_id" ]; then
  133. _err "Can not get record id to remove."
  134. return 1
  135. fi
  136. _debug record_id "$record_id"
  138. _info "Removing the txt record"
  139. if ! _conoha_rest DELETE "$CONOHA_Api/v1/domains/$_domain_id/records/$record_id" "" "$accesstoken"; then
  140. _err "Delete record error."
  141. return 1
  142. fi
  144. return 0
  145. }
  147. #################### Private functions below ##################################
  149. _conoha_rest() {
  150. m="$1"
  151. ep="$2"
  152. data="$3"
  153. accesstoken="$4"
  155. export _H1="Accept: application/json"
  156. export _H2="Content-Type: application/json"
  157. if [ -n "$accesstoken" ]; then
  158. export _H3="X-Auth-Token: $accesstoken"
  159. fi
  161. _debug "$ep"
  162. if [ "$m" != "GET" ]; then
  163. _secure_debug2 data "$data"
  164. response="$(_post "$data" "$ep" "" "$m")"
  165. else
  166. response="$(_get "$ep")"
  167. fi
  168. _ret="$?"
  169. _secure_debug2 response "$response"
  170. if [ "$_ret" != "0" ]; then
  171. _err "error $ep"
  172. return 1
  173. fi
  175. response="$(printf "%s" "$response" | _normalizeJson)"
  176. return 0
  177. }
  179. _conoha_get_accesstoken() {
  180. ep="$1"
  181. username="$2"
  182. password="$3"
  183. tenantId="$4"
  185. accesstoken="$(_readaccountconf_mutable conoha_accesstoken)"
  186. expires="$(_readaccountconf_mutable conoha_tokenvalidto)"
  187. CONOHA_Api="$(_readaccountconf_mutable conoha_dns_ep)"
  189. # can we reuse the access token?
  190. if [ -n "$accesstoken" ] && [ -n "$expires" ] && [ -n "$CONOHA_Api" ]; then
  191. utc_date="$(_utc_date | sed "s/ /T/")"
  192. if expr "$utc_date" "<" "$expires" >/dev/null; then
  193. # access token is still valid - reuse it
  194. _debug "reusing access token"
  195. printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
  196. return 0
  197. else
  198. _debug "access token expired"
  199. fi
  200. fi
  201. _debug "getting new access token"
  203. body="$(printf '{"auth":{"passwordCredentials":{"username":"%s","password":"%s"},"tenantId":"%s"}}' "$username" "$password" "$tenantId")"
  204. if ! _conoha_rest POST "$ep" "$body" ""; then
  205. _err error "$response"
  206. return 1
  207. fi
  208. accesstoken=$(printf "%s" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | _head_n 1 | cut -d : -f 2 | tr -d \")
  209. expires=$(printf "%s" "$response" | _egrep_o "\"expires\":\"[^\"]*\"" | _head_n 1 | cut -d : -f 2-4 | tr -d \" | tr -d Z) #expect UTC
  210. if [ -z "$accesstoken" ] || [ -z "$expires" ]; then
  211. _err "no acccess token received. Check your Conoha settings see $WIKI"
  212. return 1
  213. fi
  214. _saveaccountconf_mutable conoha_accesstoken "$accesstoken"
  215. _saveaccountconf_mutable conoha_tokenvalidto "$expires"
  217. CONOHA_Api=$(printf "%s" "$response" | _egrep_o 'publicURL":"'"$CONOHA_DNS_EP_PREFIX_REGEXP"'[^"]*"' | _head_n 1 | cut -d : -f 2-3 | tr -d \")
  218. if [ -z "$CONOHA_Api" ]; then
  219. _err "failed to get conoha dns endpoint url"
  220. return 1
  221. fi
  222. _saveaccountconf_mutable conoha_dns_ep "$CONOHA_Api"
  224. printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
  225. return 0
  226. }
  228. #_acme-challenge.www.domain.com
  229. #returns
  230. # _sub_domain=_acme-challenge.www
  231. # _domain=domain.com
  232. # _domain_id=sdjkglgdfewsdfg
  233. _get_root() {
  234. domain="$1"
  235. ep="$2"
  236. accesstoken="$3"
  237. i=2
  238. p=1
  239. while true; do
  240. h=$(printf "%s" "$domain" | cut -d . -f $i-100).
  241. _debug h "$h"
  242. if [ -z "$h" ]; then
  243. #not valid
  244. return 1
  245. fi
  247. if ! _conoha_rest GET "$ep/v1/domains?name=$h" "" "$accesstoken"; then
  248. return 1
  249. fi
  251. if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
  252. _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | head -n 1 | cut -d : -f 2 | tr -d \")
  253. if [ "$_domain_id" ]; then
  254. _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
  255. _domain=$h
  256. return 0
  257. fi
  258. return 1
  259. fi
  260. p=$i
  261. i=$(_math "$i" + 1)
  262. done
  263. return 1
  264. }