95 lines
1.9 KiB

  1. #!/usr/bin/env sh
  2. ######## Public functions #####################
  3. #Usage: dns_knot_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  4. dns_knot_add() {
  5. fulldomain=$1
  6. txtvalue=$2
  7. _checkKey || return 1
  8. [ -n "${KNOT_SERVER}" ] || KNOT_SERVER="localhost"
  9. # save the dns server and key to the account.conf file.
  10. _saveaccountconf KNOT_SERVER "${KNOT_SERVER}"
  11. _saveaccountconf KNOT_KEY "${KNOT_KEY}"
  12. if ! _get_root "$fulldomain"; then
  13. _err "Domain does not exist."
  14. return 1
  15. fi
  16. _info "Adding ${fulldomain}. 60 TXT \"${txtvalue}\""
  17. knsupdate -y "${KNOT_KEY}" <<EOF
  18. server ${KNOT_SERVER}
  19. zone ${_domain}.
  20. update add ${fulldomain}. 60 TXT "${txtvalue}"
  21. send
  22. quit
  23. EOF
  24. if [ $? -ne 0 ]; then
  25. _err "Error updating domain."
  26. return 1
  27. fi
  28. _info "Domain TXT record successfully added."
  29. return 0
  30. }
  31. #Usage: dns_knot_rm _acme-challenge.www.domain.com
  32. dns_knot_rm() {
  33. fulldomain=$1
  34. _checkKey || return 1
  35. [ -n "${KNOT_SERVER}" ] || KNOT_SERVER="localhost"
  36. if ! _get_root "$fulldomain"; then
  37. _err "Domain does not exist."
  38. return 1
  39. fi
  40. _info "Removing ${fulldomain}. TXT"
  41. knsupdate -y "${KNOT_KEY}" <<EOF
  42. server ${KNOT_SERVER}
  43. zone ${_domain}.
  44. update del ${fulldomain}. TXT
  45. send
  46. quit
  47. EOF
  48. if [ $? -ne 0 ]; then
  49. _err "error updating domain"
  50. return 1
  51. fi
  52. _info "Domain TXT record successfully deleted."
  53. return 0
  54. }
  55. #################### Private functions below ##################################
  56. # _acme-challenge.www.domain.com
  57. # returns
  58. # _domain=domain.com
  59. _get_root() {
  60. domain=$1
  61. i="$(echo "$fulldomain" | tr '.' ' ' | wc -w)"
  62. i=$(_math "$i" - 1)
  63. while true; do
  64. h=$(printf "%s" "$domain" | cut -d . -f "$i"-100)
  65. if [ -z "$h" ]; then
  66. return 1
  67. fi
  68. _domain="$h"
  69. return 0
  70. done
  71. _debug "$domain not found"
  72. return 1
  73. }
  74. _checkKey() {
  75. if [ -z "${KNOT_KEY}" ]; then
  76. _err "You must specify a TSIG key to authenticate the request."
  77. return 1
  78. fi
  79. }