Mirror
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5754 Commits
8 Branches
43 Tags
27 MiB
Tree: 75b4bb306b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75b4bb306b'
${ noResults }
acme.sh/dnsapi/dns_timeweb.sh

403 lines
11 KiB
Raw Normal View History

add Timeweb Cloud DNS API
3 months ago
dnsapi timeweb: Use structured info Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
6 days ago
add Timeweb Cloud DNS API
3 months ago
explicitly reset *_return variables
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
explicitly reset *_return variables
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
fix Timeweb Cloud DNS API pagination
2 months ago
add Timeweb Cloud DNS API
3 months ago
  1. #!/usr/bin/env sh
  2. # shellcheck disable=SC2034
  3. dns_timeweb_info='Timeweb.Cloud
  4. Site: Timeweb.Cloud
  5. Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_timeweb
  6. Options:
  7. TW_Token API JWT token. Get it from the control panel at https://timeweb.cloud/my/api-keys
  8. Issues: github.com/acmesh-official/acme.sh/issues/5140
  9. Author: Nikolay Pronchev <https://github.com/nikolaypronchev>
  10. '
  12. TW_Api="https://api.timeweb.cloud/api/v1"
  14. ################ Public functions ################
  16. # Adds an ACME DNS-01 challenge DNS TXT record via the Timeweb Cloud API.
  17. #
  18. # Param1: The ACME DNS-01 challenge FQDN.
  19. # Param2: The value of the ACME DNS-01 challenge TXT record.
  20. #
  21. # Example: dns_timeweb_add "_acme-challenge.sub.domain.com" "D-52Wm...4uYM"
  22. dns_timeweb_add() {
  23. _debug "$(__green "Timeweb DNS API"): \"dns_timeweb_add\" started."
  25. _timeweb_set_acme_fqdn "$1" || return 1
  26. _timeweb_set_acme_txt "$2" || return 1
  27. _timeweb_check_token || return 1
  28. _timeweb_split_acme_fqdn || return 1
  29. _timeweb_dns_txt_add || return 1
  31. _debug "$(__green "Timeweb DNS API"): \"dns_timeweb_add\" finished."
  32. }
  34. # Removes a DNS TXT record via the Timeweb Cloud API.
  35. #
  36. # Param1: The ACME DNS-01 challenge FQDN.
  37. # Param2: The value of the ACME DNS-01 challenge TXT record.
  38. #
  39. # Example: dns_timeweb_rm "_acme-challenge.sub.domain.com" "D-52Wm...4uYM"
  40. dns_timeweb_rm() {
  41. _debug "$(__green "Timeweb DNS API"): \"dns_timeweb_rm\" started."
  43. _timeweb_set_acme_fqdn "$1" || return 1
  44. _timeweb_set_acme_txt "$2" || return 1
  45. _timeweb_check_token || return 1
  46. _timeweb_split_acme_fqdn || return 1
  47. _timeweb_get_dns_txt || return 1
  48. _timeweb_dns_txt_remove || return 1
  50. _debug "$(__green "Timeweb DNS API"): \"dns_timeweb_rm\" finished."
  51. }
  53. ################ Private functions ################
  55. # Checks and sets the ACME DNS-01 challenge FQDN.
  56. #
  57. # Param1: The ACME DNS-01 challenge FQDN.
  58. #
  59. # Example: _timeweb_set_acme_fqdn "_acme-challenge.sub.domain.com"
  60. #
  61. # Sets the "Acme_Fqdn" variable (_acme-challenge.sub.domain.com)
  62. _timeweb_set_acme_fqdn() {
  63. Acme_Fqdn=$1
  64. _debug "Setting ACME DNS-01 challenge FQDN \"$Acme_Fqdn\"."
  65. [ -z "$Acme_Fqdn" ] && {
  66. _err "ACME DNS-01 challenge FQDN is empty."
  67. return 1
  68. }
  69. return 0
  70. }
  72. # Checks and sets the value of the ACME DNS-01 challenge TXT record.
  73. #
  74. # Param1: Value of the ACME DNS-01 challenge TXT record.
  75. #
  76. # Example: _timeweb_set_acme_txt "D-52Wm...4uYM"
  77. #
  78. # Sets the "Acme_Txt" variable to the provided value (D-52Wm...4uYM)
  79. _timeweb_set_acme_txt() {
  80. Acme_Txt=$1
  81. _debug "Setting the value of the ACME DNS-01 challenge TXT record to \"$Acme_Txt\"."
  82. [ -z "$Acme_Txt" ] && {
  83. _err "ACME DNS-01 challenge TXT record value is empty."
  84. return 1
  85. }
  86. return 0
  87. }
  89. # Checks if the Timeweb Cloud API JWT token is present (refer to the script description).
  90. # Adds or updates the token in the acme.sh account configuration.
  91. _timeweb_check_token() {
  92. _debug "Checking for the presence of the Timeweb Cloud API JWT token."
  94. TW_Token="${TW_Token:-$(_readaccountconf_mutable TW_Token)}"
  96. [ -z "$TW_Token" ] && {
  97. _err "Timeweb Cloud API JWT token was not found."
  98. return 1
  99. }
  101. _saveaccountconf_mutable TW_Token "$TW_Token"
  102. }
  104. # Divides the ACME DNS-01 challenge FQDN into its main domain and subdomain components.
  105. _timeweb_split_acme_fqdn() {
  106. _debug "Trying to divide \"$Acme_Fqdn\" into its main domain and subdomain components."
  108. TW_Page_Limit=100
  109. TW_Page_Offset=0
  110. TW_Domains_Returned=""
  112. while [ -z "$TW_Domains_Returned" ] || [ "$TW_Domains_Returned" -ge "$TW_Page_Limit" ]; do
  114. _timeweb_list_domains "$TW_Page_Limit" "$TW_Page_Offset" || return 1
  116. # Remove the 'subdomains' subarray to prevent confusion with FQDNs.
  118. TW_Domains=$(
  119. echo "$TW_Domains" |
  120. sed 's/"subdomains":\[[^]]*]//g'
  121. )
  123. [ -z "$TW_Domains" ] && {
  124. _err "Failed to parse the list of domains."
  125. return 1
  126. }
  128. while
  129. TW_Domain=$(
  130. echo "$TW_Domains" |
  131. sed -n 's/.*{[^{]*"fqdn":"\([^"]*\)"[^}]*}.*/\1/p'
  132. )
  134. [ -n "$TW_Domain" ] && {
  135. _timeweb_is_main_domain "$TW_Domain" && return 0
  137. TW_Domains=$(
  138. echo "$TW_Domains" |
  139. sed 's/{\([^{]*"fqdn":"'"$TW_Domain"'"[^}]*\)}//'
  140. )
  141. continue
  142. }
  143. do :; done
  145. TW_Page_Offset=$(_math "$TW_Page_Offset" + "$TW_Page_Limit")
  146. done
  148. _err "Failed to divide \"$Acme_Fqdn\" into its main domain and subdomain components."
  149. return 1
  150. }
  152. # Searches for a previously added DNS TXT record.
  153. #
  154. # Sets the "TW_Dns_Txt_Id" variable.
  155. _timeweb_get_dns_txt() {
  156. _debug "Trying to locate a DNS TXT record with the value \"$Acme_Txt\"."
  158. TW_Page_Limit=100
  159. TW_Page_Offset=0
  160. TW_Dns_Records_Returned=""
  162. while [ -z "$TW_Dns_Records_Returned" ] || [ "$TW_Dns_Records_Returned" -ge "$TW_Page_Limit" ]; do
  164. _timeweb_list_dns_records "$TW_Page_Limit" "$TW_Page_Offset" || return 1
  166. while
  167. Dns_Record=$(
  168. echo "$TW_Dns_Records" |
  169. sed -n 's/.*{\([^{]*{[^{]*'"$Acme_Txt"'[^}]*}[^}]*\)}.*/\1/p'
  170. )
  172. [ -n "$Dns_Record" ] && {
  173. _timeweb_is_added_txt "$Dns_Record" && return 0
  175. TW_Dns_Records=$(
  176. echo "$TW_Dns_Records" |
  177. sed 's/{\([^{]*{[^{]*'"$Acme_Txt"'[^}]*}[^}]*\)}//'
  178. )
  179. continue
  180. }
  181. do :; done
  183. TW_Page_Offset=$(_math "$TW_Page_Offset" + "$TW_Page_Limit")
  184. done
  186. _err "DNS TXT record was not found."
  187. return 1
  188. }
  190. # Lists domains via the Timeweb Cloud API.
  191. #
  192. # Param 1: Limit for listed domains.
  193. # Param 2: Offset for domains list.
  194. #
  195. # Sets the "TW_Domains" variable.
  196. # Sets the "TW_Domains_Returned" variable.
  197. _timeweb_list_domains() {
  198. _debug "Listing domains via Timeweb Cloud API. Limit: $1, offset: $2."
  200. export _H1="Authorization: Bearer $TW_Token"
  202. if ! TW_Domains=$(_get "$TW_Api/domains?limit=$1&offset=$2"); then
  203. _err "The request to the Timeweb Cloud API failed."
  204. return 1
  205. fi
  207. [ -z "$TW_Domains" ] && {
  208. _err "Empty response from the Timeweb Cloud API."
  209. return 1
  210. }
  212. TW_Domains_Returned=$(
  213. echo "$TW_Domains" |
  214. sed 's/.*"meta":{"total":\([0-9]*\)[^0-9].*/\1/'
  215. )
  217. [ -z "$TW_Domains_Returned" ] && {
  218. _err "Failed to extract the total count of domains."
  219. return 1
  220. }
  222. [ "$TW_Domains_Returned" -eq "0" ] && {
  223. _err "Domains are missing."
  224. return 1
  225. }
  227. _debug "Domains returned by Timeweb Cloud API: $TW_Domains_Returned."
  228. }
  230. # Lists domain DNS records via the Timeweb Cloud API.
  231. #
  232. # Param 1: Limit for listed DNS records.
  233. # Param 2: Offset for DNS records list.
  234. #
  235. # Sets the "TW_Dns_Records" variable.
  236. # Sets the "TW_Dns_Records_Returned" variable.
  237. _timeweb_list_dns_records() {
  238. _debug "Listing domain DNS records via the Timeweb Cloud API. Limit: $1, offset: $2."
  240. export _H1="Authorization: Bearer $TW_Token"
  242. if ! TW_Dns_Records=$(_get "$TW_Api/domains/$TW_Main_Domain/dns-records?limit=$1&offset=$2"); then
  243. _err "The request to the Timeweb Cloud API failed."
  244. return 1
  245. fi
  247. [ -z "$TW_Dns_Records" ] && {
  248. _err "Empty response from the Timeweb Cloud API."
  249. return 1
  250. }
  252. TW_Dns_Records_Returned=$(
  253. echo "$TW_Dns_Records" |
  254. sed 's/.*"meta":{"total":\([0-9]*\)[^0-9].*/\1/'
  255. )
  257. [ -z "$TW_Dns_Records_Returned" ] && {
  258. _err "Failed to extract the total count of DNS records."
  259. return 1
  260. }
  262. [ "$TW_Dns_Records_Returned" -eq "0" ] && {
  263. _err "DNS records are missing."
  264. return 1
  265. }
  267. _debug "DNS records returned by Timeweb Cloud API: $TW_Dns_Records_Returned."
  268. }
  270. # Verifies whether the domain is the primary domain for the ACME DNS-01 challenge FQDN.
  271. # The requirement is that the provided domain is the top-level domain
  272. # for the ACME DNS-01 challenge FQDN.
  273. #
  274. # Param 1: Domain object returned by Timeweb Cloud API.
  275. #
  276. # Sets the "TW_Main_Domain" variable (e.g. "_acme-challenge.s1.domain.co.uk" → "domain.co.uk").
  277. # Sets the "TW_Subdomains" variable (e.g. "_acme-challenge.s1.domain.co.uk" → "_acme-challenge.s1").
  278. _timeweb_is_main_domain() {
  279. _debug "Checking if \"$1\" is the main domain of the ACME DNS-01 challenge FQDN."
  281. [ -z "$1" ] && {
  282. _debug "Failed to extract FQDN. Skipping domain."
  283. return 1
  284. }
  286. ! echo ".$Acme_Fqdn" | grep -qi "\.$1$" && {
  287. _debug "Domain does not match the ACME DNS-01 challenge FQDN. Skipping domain."
  288. return 1
  289. }
  291. TW_Main_Domain=$1
  292. TW_Subdomains=$(
  293. echo "$Acme_Fqdn" |
  294. sed "s/\.*.\{${#1}\}$//"
  295. )
  297. _debug "Matched domain. ACME DNS-01 challenge FQDN split as [$TW_Subdomains].[$TW_Main_Domain]."
  298. return 0
  299. }
  301. # Verifies whether a DNS record was previously added based on the following criteria:
  302. # - The value matches the ACME DNS-01 challenge TXT record value;
  303. # - The record type is TXT;
  304. # - The subdomain matches the ACME DNS-01 challenge FQDN.
  305. #
  306. # Param 1: DNS record object returned by Timeweb Cloud API.
  307. #
  308. # Sets the "TW_Dns_Txt_Id" variable.
  309. _timeweb_is_added_txt() {
  310. _debug "Checking if \"$1\" is a previously added DNS TXT record."
  312. echo "$1" | grep -qv '"type":"TXT"' && {
  313. _debug "Not a TXT record. Skipping the record."
  314. return 1
  315. }
  317. if [ -n "$TW_Subdomains" ]; then
  318. echo "$1" | grep -qvi "\"subdomain\":\"$TW_Subdomains\"" && {
  319. _debug "Subdomains do not match. Skipping the record."
  320. return 1
  321. }
  322. else
  323. echo "$1" | grep -q '"subdomain\":"..*"' && {
  324. _debug "Subdomains do not match. Skipping the record."
  325. return 1
  326. }
  327. fi
  329. TW_Dns_Txt_Id=$(
  330. echo "$1" |
  331. sed 's/.*"id":\([0-9]*\)[^0-9].*/\1/'
  332. )
  334. [ -z "$TW_Dns_Txt_Id" ] && {
  335. _debug "Failed to extract the DNS record ID. Skipping the record."
  336. return 1
  337. }
  339. _debug "Matching DNS TXT record ID is \"$TW_Dns_Txt_Id\"."
  340. return 0
  341. }
  343. # Adds a DNS TXT record via the Timeweb Cloud API.
  344. _timeweb_dns_txt_add() {
  345. _debug "Adding a new DNS TXT record via the Timeweb Cloud API."
  347. export _H1="Authorization: Bearer $TW_Token"
  348. export _H2="Content-Type: application/json"
  350. if ! TW_Response=$(
  351. _post "{
  352. \"subdomain\":\"$TW_Subdomains\",
  353. \"type\":\"TXT\",
  354. \"value\":\"$Acme_Txt\"
  355. }" \
  356. "$TW_Api/domains/$TW_Main_Domain/dns-records"
  357. ); then
  358. _err "The request to the Timeweb Cloud API failed."
  359. return 1
  360. fi
  362. [ -z "$TW_Response" ] && {
  363. _err "An unexpected empty response was received from the Timeweb Cloud API."
  364. return 1
  365. }
  367. TW_Dns_Txt_Id=$(
  368. echo "$TW_Response" |
  369. sed 's/.*"id":\([0-9]*\)[^0-9].*/\1/'
  370. )
  372. [ -z "$TW_Dns_Txt_Id" ] && {
  373. _err "Failed to extract the DNS TXT Record ID."
  374. return 1
  375. }
  377. _debug "DNS TXT record has been added. ID: \"$TW_Dns_Txt_Id\"."
  378. }
  380. # Removes a DNS record via the Timeweb Cloud API.
  381. _timeweb_dns_txt_remove() {
  382. _debug "Removing DNS record via the Timeweb Cloud API."
  384. export _H1="Authorization: Bearer $TW_Token"
  386. if ! TW_Response=$(
  387. _post \
  388. "" \
  389. "$TW_Api/domains/$TW_Main_Domain/dns-records/$TW_Dns_Txt_Id" \
  390. "" \
  391. "DELETE"
  392. ); then
  393. _err "The request to the Timeweb Cloud API failed."
  394. return 1
  395. fi
  397. [ -n "$TW_Response" ] && {
  398. _err "Received an unexpected response body from the Timeweb Cloud API."
  399. return 1
  400. }
  402. _debug "DNS TXT record with ID \"$TW_Dns_Txt_Id\" has been removed."
  403. }