  #!/usr/bin/env sh
  # DNS API hook for the DNS management shared by curanet.dk, scannet.dk,
  # wannafind.dk and dandomain.dk.
  # Requires API credentials with scope: dns
  #   CURANET_AUTHCLIENTID - API client id
  #   CURANET_AUTHSECRET   - API client secret
  # Author: Peter L. Hansen <peter@r12.dk>
  # Version 1.0

  # Bearer token for the current run; empty until _get_token fills it in.
  CURANET_ACCESS_TOKEN=''
  # Token endpoint the client id and secret are posted to.
  CURANET_AUTH_URL='https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token'
  # Base URL of the DNS REST API; "/<zone>/Records" is appended per request.
  CURANET_REST_URL='https://api.curanet.dk/dns/v1/Domains'
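  ######## Public functions #####################

  # Publish the TXT record for a challenge name.
  # Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  # Globals:   CURANET_AUTHCLIENTID, CURANET_AUTHSECRET (environment first,
  #            then the saved account conf), CURANET_REST_URL (read),
  #            CURANET_ACCESS_TOKEN (set by _get_token), _domain (set by
  #            _get_root), _H1/_H2/_H3 (request headers, written)
  # Arguments: $1 - full record name, $2 - TXT value
  # Returns:   0 when the API response contains the TXT value, 1 otherwise
  dns_curanet_add() {
    fulldomain=$1
    txtvalue=$2
    _info "Using curanet"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
    CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
    if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then
      CURANET_AUTHCLIENTID=""
      CURANET_AUTHSECRET=""
      _err "You don't specify curanet api client and secret."
      _err "Please create your auth info and try again."
      return 1
    fi

    if ! _get_token; then
      _err "Unable to get token"
      return 1
    fi

    # Persist the credentials only once the token endpoint has accepted them,
    # so a mistyped or revoked secret never overwrites a working saved one.
    _saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID"
    _saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET"

    if ! _get_root "$fulldomain"; then
      _err "Invalid domain"
      return 1
    fi

    export _H1="Content-Type: application/json-patch+json"
    export _H2="Accept: application/json"
    # NOTE(review): _H3 keeps the bearer token exported after this function
    # returns; confirm the caller resets request headers before it contacts
    # other hosts.
    export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
    # The name and value go into the JSON body unescaped; this presumes they
    # never contain a double quote or backslash - TODO confirm for all callers.
    data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}"
    response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")"

    # Success is recognised by the TXT value appearing in the response.
    if ! _contains "$response" "$txtvalue"; then
      _err "Unable to add TXT record"
      return 1
    fi
    _debug "TXT record added OK"
    return 0
  }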
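  # Remove the TXT record after validation.
  # Usage: dns_curanet_rm fulldomain txtvalue
  # Globals:   CURANET_AUTHCLIENTID, CURANET_AUTHSECRET (environment first,
  #            then the saved account conf), CURANET_REST_URL (read),
  #            CURANET_ACCESS_TOKEN (set by _get_token), _domain (set by
  #            _get_root), _H1/_H2/_H3 (request headers, written)
  # Arguments: $1 - full record name, $2 - TXT value
  # Returns:   0 when every matching record was sent a DELETE without a
  #            request failure, 1 otherwise
  dns_curanet_rm() {
    fulldomain=$1
    txtvalue=$2
    _info "Using curanet"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
    CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"

    if ! _get_token; then
      _err "Unable to get token"
      return 1
    fi

    if ! _get_root "$fulldomain"; then
      _err "Invalid domain"
      return 1
    fi

    _debug "Getting current record list to identify TXT to delete"
    export _H1="Content-Type: application/json"
    export _H2="Accept: application/json"
    # NOTE(review): _H3 keeps the bearer token exported after this function
    # returns; confirm the caller resets request headers before it contacts
    # other hosts.
    export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
    response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")"

    if ! _contains "$response" "$txtvalue"; then
      _err "Unable to delete record (does not contain $txtvalue )"
      return 1
    fi

    # One pattern for both the lookup and the debug output. The two dots skip
    # the two characters that precede the value inside the "data" field.
    # The name and value are used as regex text as-is, so "." in the name
    # matches any character.
    _record_regex="{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue"
    recordid=$(echo "$response" | _egrep_o "$_record_regex" | _egrep_o "id\":[0-9]+" | cut -c 5-)
    if [ -z "$recordid" ]; then
      _err "Unable to get recordid"
      _debug "regex $_record_regex"
      _debug "response $response"
      return 1
    fi

    # More than one record can match (one id per line). Delete each of them
    # instead of pasting a multi-line value into a single URL.
    _rm_status=0
    # Word splitting is intended: the ids are digits only ([0-9]+ above).
    for _record_id in $recordid; do
      _debug "Deleting recordID $_record_id"
      # Only a failing request is visible here; the body of a successful
      # DELETE response is not inspected.
      if ! response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$_record_id" "" "DELETE")"; then
        _err "Unable to delete recordID $_record_id"
        _rm_status=1
      fi
    done
    return "$_rm_status"
  }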
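  #################### Private functions below ##################################

  # Request an access token with the client_credentials grant.
  # Globals:   CURANET_AUTHCLIENTID, CURANET_AUTHSECRET, CURANET_AUTH_URL
  #            (read); CURANET_ACCESS_TOKEN (written; left empty on failure);
  #            _H1/_H2/_H3 (cleared)
  # Returns:   0 with CURANET_ACCESS_TOKEN set, 1 otherwise
  _get_token() {
    # A failed refresh must not leave an earlier token in place.
    CURANET_ACCESS_TOKEN=""

    # The other functions in this file export JSON headers and an
    # "Authorization: Bearer" header and never clear them. Send the token
    # request without them, so an API token is not forwarded to the auth host
    # and the form body is not labelled as JSON.
    export _H1=""
    export _H2=""
    export _H3=""

    # Form-encode both values: a literal "&", "=", "+" or "%" in the id or
    # secret would otherwise change the meaning of the request body.
    _token_client_id="$(printf "%s" "$CURANET_AUTHCLIENTID" | _url_encode)"
    _token_client_secret="$(printf "%s" "$CURANET_AUTHSECRET" | _url_encode)"
    response="$(_post "grant_type=client_credentials&client_id=$_token_client_id&client_secret=$_token_client_secret&scope=dns" "$CURANET_AUTH_URL" "" "")"
    _token_client_secret=""

    if ! _contains "$response" "access_token"; then
      _err "Unable get access token"
      return 1
    fi

    # Cut away the 16 characters of the leading "access_token":" key.
    CURANET_ACCESS_TOKEN=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]+" | cut -c 17-)
    if [ -z "$CURANET_ACCESS_TOKEN" ]; then
      _err "Unable to get token"
      return 1
    fi
    return 0
  }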
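  # Find the zone that holds a record name.
  # Drops leading labels one at a time and requests the record list of each
  # candidate; the first candidate answered with a non-empty body that does
  # not contain "Entity not found" is taken as the zone.
  # Arguments: $1 - e.g. _acme-challenge.www.domain.com
  # Globals:   CURANET_REST_URL, CURANET_ACCESS_TOKEN (read);
  #            _H1/_H2/_H3 (written); _domain (written, e.g. domain.com).
  #            No _domain_id is set by this function.
  # Returns:   0 when a zone was found, 1 when no candidate is left
  _get_root() {
    domain=$1
    i=1

    while true; do
      h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
      _debug h "$h"
      if [ -z "$h" ]; then
        # Ran out of labels without finding a zone.
        return 1
      fi

      export _H1="Content-Type: application/json"
      export _H2="Accept: application/json"
      export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
      response="$(_get "$CURANET_REST_URL/$h/Records" "" "")"

      # An empty body means the request produced nothing, so it cannot
      # confirm that the candidate is a zone; move on to the next one.
      # NOTE(review): any other non-empty error body (for example a rejected
      # token) still counts as a match - confirm the API's error responses.
      if [ -n "$response" ] && ! _contains "$response" "Entity not found"; then
        _domain=$h
        return 0
      fi

      i=$(_math "$i" + 1)
    done
  }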