
  1. #!/usr/bin/env sh
  2. # acme.sh JamoTech helper script
  3. # This is to be used on client systems and used by Ansible
  4. # to deploy SSL certificates on the jamo.tech domain to
  5. # customer servers for web panels and the likes to their
  6. # customer jamo.tech subdomain.
  7. ######## Public functions #####################
  8. # API Calls to be made
  9. # _get("https://api.corp-jamo.tech/dns/v1/records/exists.php?access=accesskey&hostname=subdomain&target=10.8.0.1&type=A")
  10. # _get("https://api.corp-jamo.tech/dns/v1/records/exists.php?access=accesskey&hostname=_acme-challenge.subdomain&target=ACMEKEY&type=TXT")
  11. # _get("https://api.corp-jamo.tech/dns/v1/records/add.php?access=accesskey&hostname=subdomain&target=10.8.0.1&type=A")
  12. # _get("https://api.corp-jamo.tech/dns/v1/records/add.php?access=accesskey&hostname=_acme-challenge.subdomain&target=ACMEKEY&type=TXT")
  13. # _get("https://api.corp-jamo.tech/dns/v1/records/remove.php?access=accesskey&hostname=subdomain&target=10.8.0.1&type=A")
  14. # _get("https://api.corp-jamo.tech/dns/v1/records/remove.php?access=accesskey&hostname=_acme-challenge.subdomain&target=ACMEKEY&type=TXT")
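  # Usage: dns_jamotech_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  # Entry point for adding the DNS-01 challenge record: loads the settings,
  # derives the record names with _get_root and submits them with
  # _create_record.
  # Globals:   JTECH_ENDIP, JTECH_KEY (read from the environment, else from the
  #            saved account configuration, then saved back);
  #            fulldomain, txtvalue, txtdomain, subdomain (written)
  # Arguments: $1 - full challenge hostname
  #            $2 - TXT value to publish
  # Returns:   0 when _create_record succeeded; 1 when a setting is missing,
  #            the record names could not be derived, or the API call failed
  dns_jamotech_add() {
    fulldomain=$1
    txtvalue=$2

    JTECH_ENDIP="${JTECH_ENDIP:-$(_readaccountconf_mutable JTECH_ENDIP)}"
    JTECH_KEY="${JTECH_KEY:-$(_readaccountconf_mutable JTECH_KEY)}"

    if [ -z "$JTECH_ENDIP" ]; then
      _err "You need to specify an end IP by running 'export JTECH_ENDIP=IP'"
      return 1
    fi
    _saveaccountconf_mutable JTECH_ENDIP "$JTECH_ENDIP"

    if [ -z "$JTECH_KEY" ]; then
      _err "You need to specify an API Key by running 'export JTECH_KEY=APIKEY'"
      return 1
    fi
    # NOTE(review): this persists the API key through _saveaccountconf_mutable;
    # presumably it lands in the account configuration file - confirm that the
    # file is readable only by the account running acme.sh.
    _saveaccountconf_mutable JTECH_KEY "$JTECH_KEY"

    _info "Using jamotech-register to add the TXT record"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    # Clear the derived names first so values left over from an earlier call
    # cannot be reused, then judge _get_root by what it produced rather than by
    # its exit status.
    txtdomain=""
    subdomain=""
    _get_root
    if [ -z "$txtdomain" ] || [ -z "$subdomain" ]; then
      _err "Could not work out the record names for $fulldomain"
      return 1
    fi

    # Report a failed API call to the caller; otherwise validation would be
    # attempted against a record that was never published.
    if ! _create_record; then
      _err "Adding the DNS records for $fulldomain failed"
      return 1
    fi
    return 0
  }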
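  # Usage: dns_jamotech_rm fulldomain txtvalue
  # Entry point for cleaning up after validation: loads the settings, derives
  # the record names with _get_root and removes them with _remove_record.
  # Globals:   JTECH_ENDIP, JTECH_KEY (read from the environment, else from the
  #            saved account configuration, then saved back);
  #            fulldomain, txtvalue, txtdomain, subdomain (written)
  # Arguments: $1 - full challenge hostname
  #            $2 - TXT value that was published
  # Returns:   0 when _remove_record succeeded; 1 when a setting is missing,
  #            the record names could not be derived, or the API call failed
  dns_jamotech_rm() {
    fulldomain=$1
    txtvalue=$2

    JTECH_ENDIP="${JTECH_ENDIP:-$(_readaccountconf_mutable JTECH_ENDIP)}"
    JTECH_KEY="${JTECH_KEY:-$(_readaccountconf_mutable JTECH_KEY)}"

    if [ -z "$JTECH_ENDIP" ]; then
      _err "You need to specify an end IP by running 'export JTECH_ENDIP=IP'"
      return 1
    fi
    _saveaccountconf_mutable JTECH_ENDIP "$JTECH_ENDIP"

    if [ -z "$JTECH_KEY" ]; then
      _err "You need to specify an API Key by running 'export JTECH_KEY=APIKEY'"
      return 1
    fi
    # NOTE(review): this persists the API key through _saveaccountconf_mutable;
    # presumably it lands in the account configuration file - confirm that the
    # file is readable only by the account running acme.sh.
    _saveaccountconf_mutable JTECH_KEY "$JTECH_KEY"

    _info "Using jamotech-clean to remove the TXT record"
    _debug fulldomain "$fulldomain"
    _debug txtvalue "$txtvalue"

    # Clear the derived names first so values left over from an earlier call
    # cannot be reused, then judge _get_root by what it produced rather than by
    # its exit status.
    txtdomain=""
    subdomain=""
    _get_root
    if [ -z "$txtdomain" ] || [ -z "$subdomain" ]; then
      _err "Could not work out the record names for $fulldomain"
      return 1
    fi

    # A failed removal leaves the challenge record published, so report it
    # instead of returning success.
    if ! _remove_record; then
      _err "Removing the DNS records for $fulldomain failed"
      return 1
    fi
    return 0
  }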
  64. #################### Private functions below ##################################
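  # Splits $fulldomain into the two host names used in the API calls.
  # Example: _acme-challenge.client.jamo.tech
  # returns
  #   _txthost="_acme-challenge.client"
  #   _subhost="client"
  # Globals: fulldomain (read);
  #          domain, txtdomain, subdomain, _txthost, _subhost (written)
  # Returns: 0 when both names were derived; 1 when the name is empty, is not
  #          under jamo.tech, or has no label after the challenge label
  _get_root() {
    domain=$fulldomain
    txtdomain=${domain%.jamo.tech}
    # Everything after the first label, i.e. the name without "_acme-challenge".
    subdomain=${txtdomain#*.}
    _debug "txtdomain = $txtdomain"
    _debug "subdomain = $subdomain"
    _debug "Domain: $domain TXTDomain: $txtdomain Subdomain: $subdomain"

    if [ -z "$domain" ] || [ -z "$txtdomain" ] || [ -z "$subdomain" ]; then
      _err "We weren't able to determine the records which need to be created."
      return 1
    fi

    # The suffix strip changed nothing, so the name is outside jamo.tech and
    # must not be sent to the API as if it were a customer subdomain.
    if [ "$txtdomain" = "$domain" ]; then
      _err "$domain not found"
      return 1
    fi

    # Without a dot there is no customer label, and the A record would be
    # requested for the challenge label itself.
    case "$txtdomain" in
      *.*) ;;
      *)
        _err "We weren't able to determine the records which need to be created."
        return 1
        ;;
    esac

    _txthost="$txtdomain"
    _subhost="$subdomain"
    return 0
  }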
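  # Asks the API whether the A record or the TXT record already exists.
  # Globals: JTECH_KEY, JTECH_ENDIP, subdomain, txtdomain, txtvalue (read);
  #          server_record, txt_record, response (written)
  # Returns: 0 when neither record is reported as existing; 1 when a lookup
  #          fails or either record is reported as existing
  _check_record() {
    _jt_api="https://api.corp-jamo.tech/dns/v1/records/exists.php"
    _jt_a_query="hostname=$subdomain&target=$JTECH_ENDIP&type=A"
    _jt_txt_query="hostname=$txtdomain&target=$txtvalue&type=TXT"

    # NOTE(review): the access key travels in the query string, so it can end
    # up in server and proxy access logs; confirm whether the API accepts it
    # in a header or request body instead.
    server_record="${_jt_api}?access=$JTECH_KEY&$_jt_a_query"
    txt_record="${_jt_api}?access=$JTECH_KEY&$_jt_txt_query"

    # Log the endpoints with the key masked: debug logs get shared when asking
    # for help and must not carry the credential.
    # NOTE(review): _get is handed the full URL; check whether it logs its
    # argument at debug level.
    _debug "API ENDPOINTS ${_jt_api}?access=[hidden]&$_jt_a_query ${_jt_api}?access=[hidden]&$_jt_txt_query"

    if ! response="$(_get "$server_record")"; then
      _err "error"
      return 1
    fi
    if _contains "$response" '"exists":"true"}'; then
      _err "Record already exists."
      return 1
    fi

    if ! response="$(_get "$txt_record")"; then
      _err "error"
      return 1
    fi
    if _contains "$response" '"exists":"true"}'; then
      _err "Record already exists."
      return 1
    fi
  }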
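  # Submits the A record and the TXT record to the API's add endpoint.
  # Globals: JTECH_KEY, JTECH_ENDIP, subdomain, txtdomain, txtvalue (read);
  #          server_record, txt_record, response (written)
  # Returns: 0 when both requests completed, 1 when either request failed
  _create_record() {
    # NOTE(review): the outcome of this lookup is not acted on, so the add
    # requests are sent even when a record is reported as existing - confirm
    # that this is intended.
    _check_record

    _jt_api="https://api.corp-jamo.tech/dns/v1/records/add.php"
    _jt_a_query="hostname=$subdomain&target=$JTECH_ENDIP&type=A"
    _jt_txt_query="hostname=$txtdomain&target=$txtvalue&type=TXT"

    # NOTE(review): the access key travels in the query string, so it can end
    # up in server and proxy access logs; confirm whether the API accepts it
    # in a header or request body instead.
    server_record="${_jt_api}?access=$JTECH_KEY&$_jt_a_query"
    txt_record="${_jt_api}?access=$JTECH_KEY&$_jt_txt_query"

    # Log the endpoints with the key masked: debug logs get shared when asking
    # for help and must not carry the credential.
    # NOTE(review): _get is handed the full URL; check whether it logs its
    # argument at debug level.
    _debug "API ENDPOINTS ${_jt_api}?access=[hidden]&$_jt_a_query ${_jt_api}?access=[hidden]&$_jt_txt_query"

    if ! response="$(_get "$server_record")"; then
      _err "error"
      return 1
    fi

    if ! response="$(_get "$txt_record")"; then
      _err "error"
      return 1
    fi
    return 0
  }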
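  # Asks the API's remove endpoint to delete the A record and the TXT record.
  # Globals: JTECH_KEY, JTECH_ENDIP, subdomain, txtdomain, txtvalue (read);
  #          server_record, txt_record, response (written)
  # Returns: 0 when both requests completed, 1 when either request failed
  _remove_record() {
    _jt_api="https://api.corp-jamo.tech/dns/v1/records/remove.php"
    _jt_a_query="hostname=$subdomain&target=$JTECH_ENDIP&type=A"
    _jt_txt_query="hostname=$txtdomain&target=$txtvalue&type=TXT"

    # NOTE(review): the access key travels in the query string, so it can end
    # up in server and proxy access logs; confirm whether the API accepts it
    # in a header or request body instead.
    server_record="${_jt_api}?access=$JTECH_KEY&$_jt_a_query"
    txt_record="${_jt_api}?access=$JTECH_KEY&$_jt_txt_query"

    # Log the endpoints with the key masked: debug logs get shared when asking
    # for help and must not carry the credential.
    # NOTE(review): _get is handed the full URL; check whether it logs its
    # argument at debug level.
    _debug "API ENDPOINTS ${_jt_api}?access=[hidden]&$_jt_a_query ${_jt_api}?access=[hidden]&$_jt_txt_query"

    if ! response="$(_get "$server_record")"; then
      _err "error"
      return 1
    fi

    if ! response="$(_get "$txt_record")"; then
      _err "error"
      return 1
    fi
    return 0
  }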