Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5389 Commits
8 Branches
42 Tags
22 MiB
Tree: 30f1bae542
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '30f1bae542'
${ noResults }
acme.sh/dnsapi/dns_conoha.sh

253 lines
8.0 KiB
Raw Normal View History

Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
fix shfmt
4 years ago
Add support ConoHa DNS API
6 years ago
fix indent
6 years ago
Add support ConoHa DNS API
6 years ago
cleanup
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
avoid "SC2046: Quote this to prevent word splitting." Travis CI error.
6 years ago
Add support ConoHa DNS API
6 years ago
  1. #!/usr/bin/env sh
  3. CONOHA_DNS_EP_PREFIX_REGEXP="https://dns-service\."
  5. ######## Public functions #####################
  7. #Usage: dns_conoha_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  8. dns_conoha_add() {
  9. fulldomain=$1
  10. txtvalue=$2
  11. _info "Using conoha"
  12. _debug fulldomain "$fulldomain"
  13. _debug txtvalue "$txtvalue"
  15. _debug "Check uesrname and password"
  16. CONOHA_Username="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
  17. CONOHA_Password="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
  18. CONOHA_TenantId="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
  19. CONOHA_IdentityServiceApi="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
  20. if [ -z "$CONOHA_Username" ] || [ -z "$CONOHA_Password" ] || [ -z "$CONOHA_TenantId" ] || [ -z "$CONOHA_IdentityServiceApi" ]; then
  21. CONOHA_Username=""
  22. CONOHA_Password=""
  23. CONOHA_TenantId=""
  24. CONOHA_IdentityServiceApi=""
  25. _err "You didn't specify a conoha api username and password yet."
  26. _err "Please create the user and try again."
  27. return 1
  28. fi
  30. _saveaccountconf_mutable CONOHA_Username "$CONOHA_Username"
  31. _saveaccountconf_mutable CONOHA_Password "$CONOHA_Password"
  32. _saveaccountconf_mutable CONOHA_TenantId "$CONOHA_TenantId"
  33. _saveaccountconf_mutable CONOHA_IdentityServiceApi "$CONOHA_IdentityServiceApi"
  35. if token="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
  36. accesstoken="$(printf "%s" "$token" | sed -n 1p)"
  37. CONOHA_Api="$(printf "%s" "$token" | sed -n 2p)"
  38. else
  39. return 1
  40. fi
  42. _debug "First detect the root zone"
  43. if ! _get_root "$fulldomain" "$CONOHA_Api" "$accesstoken"; then
  44. _err "invalid domain"
  45. return 1
  46. fi
  47. _debug _domain_id "$_domain_id"
  48. _debug _sub_domain "$_sub_domain"
  49. _debug _domain "$_domain"
  51. _info "Adding record"
  52. body="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"data\":\"$txtvalue\",\"ttl\":60}"
  53. if _conoha_rest POST "$CONOHA_Api/v1/domains/$_domain_id/records" "$body" "$accesstoken"; then
  54. if _contains "$response" '"data":"'"$txtvalue"'"'; then
  55. _info "Added, OK"
  56. return 0
  57. else
  58. _err "Add txt record error."
  59. return 1
  60. fi
  61. fi
  63. _err "Add txt record error."
  64. return 1
  65. }
  67. #Usage: fulldomain txtvalue
  68. #Remove the txt record after validation.
  69. dns_conoha_rm() {
  70. fulldomain=$1
  71. txtvalue=$2
  72. _info "Using conoha"
  73. _debug fulldomain "$fulldomain"
  74. _debug txtvalue "$txtvalue"
  76. _debug "Check uesrname and password"
  77. CONOHA_Username="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
  78. CONOHA_Password="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
  79. CONOHA_TenantId="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
  80. CONOHA_IdentityServiceApi="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
  81. if [ -z "$CONOHA_Username" ] || [ -z "$CONOHA_Password" ] || [ -z "$CONOHA_TenantId" ] || [ -z "$CONOHA_IdentityServiceApi" ]; then
  82. CONOHA_Username=""
  83. CONOHA_Password=""
  84. CONOHA_TenantId=""
  85. CONOHA_IdentityServiceApi=""
  86. _err "You didn't specify a conoha api username and password yet."
  87. _err "Please create the user and try again."
  88. return 1
  89. fi
  91. _saveaccountconf_mutable CONOHA_Username "$CONOHA_Username"
  92. _saveaccountconf_mutable CONOHA_Password "$CONOHA_Password"
  93. _saveaccountconf_mutable CONOHA_TenantId "$CONOHA_TenantId"
  94. _saveaccountconf_mutable CONOHA_IdentityServiceApi "$CONOHA_IdentityServiceApi"
  96. if token="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
  97. accesstoken="$(printf "%s" "$token" | sed -n 1p)"
  98. CONOHA_Api="$(printf "%s" "$token" | sed -n 2p)"
  99. else
  100. return 1
  101. fi
  103. _debug "First detect the root zone"
  104. if ! _get_root "$fulldomain" "$CONOHA_Api" "$accesstoken"; then
  105. _err "invalid domain"
  106. return 1
  107. fi
  108. _debug _domain_id "$_domain_id"
  109. _debug _sub_domain "$_sub_domain"
  110. _debug _domain "$_domain"
  112. _debug "Getting txt records"
  113. if ! _conoha_rest GET "$CONOHA_Api/v1/domains/$_domain_id/records" "" "$accesstoken"; then
  114. _err "Error"
  115. return 1
  116. fi
  118. record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' |
  119. grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" |
  120. _head_n 1 | cut -d : -f 2 | tr -d \")
  121. if [ -z "$record_id" ]; then
  122. _err "Can not get record id to remove."
  123. return 1
  124. fi
  125. _debug record_id "$record_id"
  127. _info "Removing the txt record"
  128. if ! _conoha_rest DELETE "$CONOHA_Api/v1/domains/$_domain_id/records/$record_id" "" "$accesstoken"; then
  129. _err "Delete record error."
  130. return 1
  131. fi
  133. return 0
  134. }
  136. #################### Private functions below ##################################
  138. _conoha_rest() {
  139. m="$1"
  140. ep="$2"
  141. data="$3"
  142. accesstoken="$4"
  144. export _H1="Accept: application/json"
  145. export _H2="Content-Type: application/json"
  146. if [ -n "$accesstoken" ]; then
  147. export _H3="X-Auth-Token: $accesstoken"
  148. fi
  150. _debug "$ep"
  151. if [ "$m" != "GET" ]; then
  152. _secure_debug2 data "$data"
  153. response="$(_post "$data" "$ep" "" "$m")"
  154. else
  155. response="$(_get "$ep")"
  156. fi
  157. _ret="$?"
  158. _secure_debug2 response "$response"
  159. if [ "$_ret" != "0" ]; then
  160. _err "error $ep"
  161. return 1
  162. fi
  164. response="$(printf "%s" "$response" | _normalizeJson)"
  165. return 0
  166. }
  168. _conoha_get_accesstoken() {
  169. ep="$1"
  170. username="$2"
  171. password="$3"
  172. tenantId="$4"
  174. accesstoken="$(_readaccountconf_mutable conoha_accesstoken)"
  175. expires="$(_readaccountconf_mutable conoha_tokenvalidto)"
  176. CONOHA_Api="$(_readaccountconf_mutable conoha_dns_ep)"
  178. # can we reuse the access token?
  179. if [ -n "$accesstoken" ] && [ -n "$expires" ] && [ -n "$CONOHA_Api" ]; then
  180. utc_date="$(_utc_date | sed "s/ /T/")"
  181. if expr "$utc_date" "<" "$expires" >/dev/null; then
  182. # access token is still valid - reuse it
  183. _debug "reusing access token"
  184. printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
  185. return 0
  186. else
  187. _debug "access token expired"
  188. fi
  189. fi
  190. _debug "getting new access token"
  192. body="$(printf '{"auth":{"passwordCredentials":{"username":"%s","password":"%s"},"tenantId":"%s"}}' "$username" "$password" "$tenantId")"
  193. if ! _conoha_rest POST "$ep" "$body" ""; then
  194. _err error "$response"
  195. return 1
  196. fi
  197. accesstoken=$(printf "%s" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | _head_n 1 | cut -d : -f 2 | tr -d \")
  198. expires=$(printf "%s" "$response" | _egrep_o "\"expires\":\"[^\"]*\"" | _head_n 1 | cut -d : -f 2-4 | tr -d \" | tr -d Z) #expect UTC
  199. if [ -z "$accesstoken" ] || [ -z "$expires" ]; then
  200. _err "no acccess token received. Check your Conoha settings see $WIKI"
  201. return 1
  202. fi
  203. _saveaccountconf_mutable conoha_accesstoken "$accesstoken"
  204. _saveaccountconf_mutable conoha_tokenvalidto "$expires"
  206. CONOHA_Api=$(printf "%s" "$response" | _egrep_o 'publicURL":"'"$CONOHA_DNS_EP_PREFIX_REGEXP"'[^"]*"' | _head_n 1 | cut -d : -f 2-3 | tr -d \")
  207. if [ -z "$CONOHA_Api" ]; then
  208. _err "failed to get conoha dns endpoint url"
  209. return 1
  210. fi
  211. _saveaccountconf_mutable conoha_dns_ep "$CONOHA_Api"
  213. printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
  214. return 0
  215. }
  217. #_acme-challenge.www.domain.com
  218. #returns
  219. # _sub_domain=_acme-challenge.www
  220. # _domain=domain.com
  221. # _domain_id=sdjkglgdfewsdfg
  222. _get_root() {
  223. domain="$1"
  224. ep="$2"
  225. accesstoken="$3"
  226. i=2
  227. p=1
  228. while true; do
  229. h=$(printf "%s" "$domain" | cut -d . -f $i-100).
  230. _debug h "$h"
  231. if [ -z "$h" ]; then
  232. #not valid
  233. return 1
  234. fi
  236. if ! _conoha_rest GET "$ep/v1/domains?name=$h" "" "$accesstoken"; then
  237. return 1
  238. fi
  240. if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
  241. _domain_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | head -n 1 | cut -d : -f 2 | tr -d \")
  242. if [ "$_domain_id" ]; then
  243. _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
  244. _domain=$h
  245. return 0
  246. fi
  247. return 1
  248. fi
  249. p=$i
  250. i=$(_math "$i" + 1)
  251. done
  252. return 1
  253. }