
  1. #!/usr/bin/env sh
  # Provider description string. Nothing in the visible part of this file reads it
  # (hence the SC2034 "unused variable" suppression) - presumably consumed by the
  # acme.sh core; confirm.
  # NOTE(review): the functions below also read and persist NSUPDATE_OPT, whose value
  # is expanded unquoted onto the nsupdate command line, yet it is not listed under
  # "Options:" here.
  2. # shellcheck disable=SC2034
  3. dns_nsupdate_info='nsupdate RFC 2136 DynDNS client
  4. Site: bind9.readthedocs.io/en/v9.18.19/manpages.html#nsupdate-dynamic-dns-update-utility
  5. Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_nsupdate
  6. Options:
  7. NSUPDATE_SERVER Server hostname. Default: "localhost".
  8. NSUPDATE_SERVER_PORT Server port. Default: "53".
  9. NSUPDATE_KEY File path to TSIG key.
  10. NSUPDATE_ZONE Domain zone to update. Optional.
  11. '
  12. ######## Public functions #####################
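  # Add an ACME challenge TXT record (TTL 60) through an nsupdate dynamic update.
  # Usage: dns_nsupdate_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  # Arguments: $1 - record name without the trailing dot
  #            $2 - TXT record value
  # Globals:   NSUPDATE_SERVER, NSUPDATE_SERVER_PORT, NSUPDATE_KEY, NSUPDATE_ZONE,
  #            NSUPDATE_OPT (environment first, saved account conf as fallback);
  #            DEBUG, DEBUG_LEVEL_1, DEBUG_LEVEL_2 (read); nsdebug (written)
  # Returns:   0 when nsupdate exits 0; 1 when the key check or the update fails
  dns_nsupdate_add() {
    fulldomain=$1
    txtvalue=$2
    NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
    NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
    NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
    NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
    NSUPDATE_OPT="${NSUPDATE_OPT:-$(_readaccountconf_mutable NSUPDATE_OPT)}"
    _checkKeyFile || return 1
    # Save the settings to the account conf file. For the TSIG key only the file
    # path is stored. NSUPDATE_OPT is stored too and later expanded unquoted, so
    # anyone able to write the account conf controls extra nsupdate arguments.
    _saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}"
    _saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}"
    _saveaccountconf_mutable NSUPDATE_KEY "${NSUPDATE_KEY}"
    _saveaccountconf_mutable NSUPDATE_ZONE "${NSUPDATE_ZONE}"
    _saveaccountconf_mutable NSUPDATE_OPT "${NSUPDATE_OPT}"
    # Defaults are applied after saving, so they are not written to the conf.
    [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
    [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53
    _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\""
    # Start from an empty flag: nsdebug is a global that is expanded unquoted
    # below, so a value inherited from the environment or left by an earlier
    # call must not leak onto the nsupdate command line.
    nsdebug=""
    [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
    [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
    # NOTE(review): server, zone, name and value are written unescaped into the
    # nsupdate command stream; a newline or double quote inside any of them
    # would change the commands nsupdate reads. Callers are assumed to pass
    # validated values - confirm.
    # Word splitting of $nsdebug and $NSUPDATE_OPT is intentional (SC2086).
    #shellcheck disable=SC2086
    if ! {
      printf 'server %s %s\n' "${NSUPDATE_SERVER}" "${NSUPDATE_SERVER_PORT}"
      # The zone statement is only sent when a zone was configured.
      [ -z "${NSUPDATE_ZONE}" ] || printf 'zone %s.\n' "${NSUPDATE_ZONE}"
      printf 'update add %s. 60 in txt "%s"\n' "${fulldomain}" "${txtvalue}"
      printf 'send\n'
    } | nsupdate -k "${NSUPDATE_KEY}" $nsdebug $NSUPDATE_OPT; then
      _err "error updating domain"
      return 1
    fi
    return 0
  }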
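  # Remove the ACME challenge TXT record through an nsupdate dynamic update.
  # Usage: dns_nsupdate_rm _acme-challenge.www.domain.com
  # Arguments: $1 - record name without the trailing dot
  # Globals:   NSUPDATE_SERVER, NSUPDATE_SERVER_PORT, NSUPDATE_KEY, NSUPDATE_ZONE,
  #            NSUPDATE_OPT (environment first, saved account conf as fallback);
  #            DEBUG, DEBUG_LEVEL_1, DEBUG_LEVEL_2 (read); nsdebug (written)
  # Returns:   0 when nsupdate exits 0; 1 when the key check or the update fails
  dns_nsupdate_rm() {
    fulldomain=$1
    NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
    NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
    NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
    NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
    NSUPDATE_OPT="${NSUPDATE_OPT:-$(_readaccountconf_mutable NSUPDATE_OPT)}"
    _checkKeyFile || return 1
    [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
    [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53
    _info "removing ${fulldomain}. txt"
    # Start from an empty flag: nsdebug is a global that is expanded unquoted
    # below, so a value inherited from the environment or left by an earlier
    # call must not leak onto the nsupdate command line.
    nsdebug=""
    [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
    [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
    # "update delete <name> txt" carries no record data, so it removes every TXT
    # record at that name, not only the one challenge value added earlier.
    # NOTE(review): server, zone and name are written unescaped into the
    # nsupdate command stream; a newline inside any of them would change the
    # commands nsupdate reads. Callers are assumed to pass validated values -
    # confirm.
    # Word splitting of $nsdebug and $NSUPDATE_OPT is intentional (SC2086).
    #shellcheck disable=SC2086
    if ! {
      printf 'server %s %s\n' "${NSUPDATE_SERVER}" "${NSUPDATE_SERVER_PORT}"
      # The zone statement is only sent when a zone was configured.
      [ -z "${NSUPDATE_ZONE}" ] || printf 'zone %s.\n' "${NSUPDATE_ZONE}"
      printf 'update delete %s. txt\n' "${fulldomain}"
      printf 'send\n'
    } | nsupdate -k "${NSUPDATE_KEY}" $nsdebug $NSUPDATE_OPT; then
      _err "error updating domain"
      return 1
    fi
    return 0
  }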
  93. #################### Private functions below ##################################
  # Verify that NSUPDATE_KEY names a key file this process can read.
  # Globals: NSUPDATE_KEY (read)
  # Returns: 0 when the path is set and readable, 1 otherwise (after logging via _err)
  # Only presence and readability are tested; the file's mode, i.e. who else can
  # read the TSIG key, is not checked here.
  _checkKeyFile() {
    [ -n "${NSUPDATE_KEY}" ] || {
      _err "you must specify a path to the nsupdate key file"
      return 1
    }
    [ -r "${NSUPDATE_KEY}" ] || {
      _err "key ${NSUPDATE_KEY} is unreadable"
      return 1
    }
    return 0
  }