You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

173 lines
6.4 KiB

7 years ago
7 years ago
8 years ago
7 years ago
8 years ago
  1. #!/usr/bin/env sh
  2. ########################################################################
  3. # Hurricane Electric hook script for acme.sh
  4. #
  5. # Environment variables:
  6. #
  7. # - $HE_Username (your dns.he.net username)
  8. # - $HE_Password (your dns.he.net password)
  9. #
  10. # Author: Ondrej Simek <me@ondrejsimek.com>
  11. # Git repo: https://github.com/angel333/acme.sh
  12. #-- dns_he_add() - Add TXT record --------------------------------------
  13. # Usage: dns_he_add _acme-challenge.subdomain.domain.com "XyZ123..."
  14. dns_he_add() {
  15. _full_domain=$1
  16. _txt_value=$2
  17. _info "Using DNS-01 Hurricane Electric hook"
  18. HE_Username="${HE_Username:-$(_readaccountconf_mutable HE_Username)}"
  19. HE_Password="${HE_Password:-$(_readaccountconf_mutable HE_Password)}"
  20. if [ -z "$HE_Username" ] || [ -z "$HE_Password" ]; then
  21. HE_Username=
  22. HE_Password=
  23. _err "No auth details provided. Please set user credentials using the \$HE_Username and \$HE_Password environment variables."
  24. return 1
  25. fi
  26. _saveaccountconf_mutable HE_Username "$HE_Username"
  27. _saveaccountconf_mutable HE_Password "$HE_Password"
  28. # Fills in the $_zone_id
  29. _find_zone "$_full_domain" || return 1
  30. _debug "Zone id \"$_zone_id\" will be used."
  31. username_encoded="$(printf "%s" "${HE_Username}" | _url_encode)"
  32. password_encoded="$(printf "%s" "${HE_Password}" | _url_encode)"
  33. body="email=${username_encoded}&pass=${password_encoded}"
  34. body="$body&account="
  35. body="$body&menu=edit_zone"
  36. body="$body&Type=TXT"
  37. body="$body&hosted_dns_zoneid=$_zone_id"
  38. body="$body&hosted_dns_recordid="
  39. body="$body&hosted_dns_editzone=1"
  40. body="$body&Priority="
  41. body="$body&Name=$_full_domain"
  42. body="$body&Content=$_txt_value"
  43. body="$body&TTL=300"
  44. body="$body&hosted_dns_editrecord=Submit"
  45. response="$(_post "$body" "https://dns.he.net/")"
  46. exit_code="$?"
  47. if [ "$exit_code" -eq 0 ]; then
  48. _info "TXT record added successfully."
  49. else
  50. _err "Couldn't add the TXT record."
  51. fi
  52. _debug2 response "$response"
  53. return "$exit_code"
  54. }
  55. #-- dns_he_rm() - Remove TXT record ------------------------------------
  56. # Usage: dns_he_rm _acme-challenge.subdomain.domain.com "XyZ123..."
  57. dns_he_rm() {
  58. _full_domain=$1
  59. _txt_value=$2
  60. _info "Cleaning up after DNS-01 Hurricane Electric hook"
  61. HE_Username="${HE_Username:-$(_readaccountconf_mutable HE_Username)}"
  62. HE_Password="${HE_Password:-$(_readaccountconf_mutable HE_Password)}"
  63. # fills in the $_zone_id
  64. _find_zone "$_full_domain" || return 1
  65. _debug "Zone id \"$_zone_id\" will be used."
  66. # Find the record id to clean
  67. username_encoded="$(printf "%s" "${HE_Username}" | _url_encode)"
  68. password_encoded="$(printf "%s" "${HE_Password}" | _url_encode)"
  69. body="email=${username_encoded}&pass=${password_encoded}"
  70. body="$body&hosted_dns_zoneid=$_zone_id"
  71. body="$body&menu=edit_zone"
  72. body="$body&hosted_dns_editzone="
  73. response="$(_post "$body" "https://dns.he.net/")"
  74. _debug2 "response" "$response"
  75. if ! _contains "$response" "$_txt_value"; then
  76. _debug "The txt record is not found, just skip"
  77. return 0
  78. fi
  79. _record_id="$(echo "$response" | tr -d "#" | sed "s/<tr/#<tr/g" | tr -d "\n" | tr "#" "\n" | grep "$_full_domain" | grep '"dns_tr"' | grep "$_txt_value" | cut -d '"' -f 4)"
  80. _debug2 _record_id "$_record_id"
  81. if [ -z "$_record_id" ]; then
  82. _err "Can not find record id"
  83. return 1
  84. fi
  85. # Remove the record
  86. username_encoded="$(printf "%s" "${HE_Username}" | _url_encode)"
  87. password_encoded="$(printf "%s" "${HE_Password}" | _url_encode)"
  88. body="email=${username_encoded}&pass=${password_encoded}"
  89. body="$body&menu=edit_zone"
  90. body="$body&hosted_dns_zoneid=$_zone_id"
  91. body="$body&hosted_dns_recordid=$_record_id"
  92. body="$body&hosted_dns_editzone=1"
  93. body="$body&hosted_dns_delrecord=1"
  94. body="$body&hosted_dns_delconfirm=delete"
  95. _post "$body" "https://dns.he.net/" \
  96. | grep '<div id="dns_status" onClick="hideThis(this);">Successfully removed record.</div>' \
  97. >/dev/null
  98. exit_code="$?"
  99. if [ "$exit_code" -eq 0 ]; then
  100. _info "Record removed successfully."
  101. else
  102. _err "Could not clean (remove) up the record. Please go to HE administration interface and clean it by hand."
  103. return "$exit_code"
  104. fi
  105. }
  106. ########################## PRIVATE FUNCTIONS ###########################
  107. _find_zone() {
  108. _domain="$1"
  109. username_encoded="$(printf "%s" "${HE_Username}" | _url_encode)"
  110. password_encoded="$(printf "%s" "${HE_Password}" | _url_encode)"
  111. body="email=${username_encoded}&pass=${password_encoded}"
  112. response="$(_post "$body" "https://dns.he.net/")"
  113. _debug2 response "$response"
  114. if _contains "$response" '>Incorrect<'; then
  115. _err "Unable to login to dns.he.net please check username and password"
  116. return 1
  117. fi
  118. _table="$(echo "$response" | tr -d "#" | sed "s/<table/#<table/g" | tr -d "\n" | tr "#" "\n" | grep 'id="domains_table"')"
  119. _debug2 _table "$_table"
  120. _matches="$(echo "$_table" | sed "s/<tr/#<tr/g" | tr "#" "\n" | grep 'alt="edit"' | tr -d " " | sed "s/<td/#<td/g" | tr "#" "\n" | grep 'hosted_dns_zoneid')"
  121. _debug2 _matches "$_matches"
  122. # Zone names and zone IDs are in same order
  123. _zone_ids=$(echo "$_matches" | _egrep_o "hosted_dns_zoneid=[0-9]*&" | cut -d = -f 2 | tr -d '&')
  124. _zone_names=$(echo "$_matches" | _egrep_o "name=.*onclick" | cut -d '"' -f 2)
  125. _debug2 "These are the zones on this HE account:"
  126. _debug2 "_zone_names" "$_zone_names"
  127. _debug2 "And these are their respective IDs:"
  128. _debug2 "_zone_ids" "$_zone_ids"
  129. if [ -z "$_zone_names" ] || [ -z "$_zone_ids" ]; then
  130. _err "Can not get zone names."
  131. return 1
  132. fi
  133. # Walk through all possible zone names
  134. _strip_counter=1
  135. while true; do
  136. _attempted_zone=$(echo "$_domain" | cut -d . -f ${_strip_counter}-)
  137. # All possible zone names have been tried
  138. if [ -z "$_attempted_zone" ]; then
  139. _err "No zone for domain \"$_domain\" found."
  140. return 1
  141. fi
  142. _debug "Looking for zone \"${_attempted_zone}\""
  143. line_num="$(echo "$_zone_names" | grep -n "^$_attempted_zone\$" | _head_n 1 | cut -d : -f 1)"
  144. _debug2 line_num "$line_num"
  145. if [ "$line_num" ]; then
  146. _zone_id=$(echo "$_zone_ids" | sed -n "${line_num}p")
  147. if [ -z "$_zone_id" ]; then
  148. _err "Can not find zone id."
  149. return 1
  150. fi
  151. _debug "Found relevant zone \"$_attempted_zone\" with id \"$_zone_id\" - will be used for domain \"$_domain\"."
  152. return 0
  153. fi
  154. _debug "Zone \"$_attempted_zone\" doesn't exist, let's try a less specific zone."
  155. _strip_counter=$(_math "$_strip_counter" + 1)
  156. done
  157. }
  158. # vim: et:ts=2:sw=2: