You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

194 lines
7.4 KiB

8 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
  1. #!/usr/bin/env sh
  2. # ISPConfig 3.1 API
  3. # User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to:
  4. # - DNS txt Functions
  5. # Report bugs to https://github.com/sjau/acme.sh
  6. # Values to export:
  7. # export ISPC_User="remoteUser"
  8. # export ISPC_Password="remotePassword"
  9. # export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php"
  10. # export ISPC_Api_Insecure=1 # Set 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1)
  11. ######## Public functions #####################
  12. #Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
  13. dns_ispconfig_add() {
  14. fulldomain="${1}"
  15. txtvalue="${2}"
  16. _debug "Calling: dns_ispconfig_add() '${fulldomain}' '${txtvalue}'"
  17. _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt
  18. }
  19. #Usage: dns_myapi_rm _acme-challenge.www.domain.com
  20. dns_ispconfig_rm() {
  21. fulldomain="${1}"
  22. _debug "Calling: dns_ispconfig_rm() '${fulldomain}'"
  23. _ISPC_credentials && _ISPC_login && _ISPC_rmTxt
  24. }
  25. #################### Private functions below ##################################
  26. _ISPC_credentials() {
  27. ISPC_User="${ISPC_User:-$(_readaccountconf_mutable ISPC_User)}"
  28. ISPC_Password="${ISPC_Password:-$(_readaccountconf_mutable ISPC_Password)}"
  29. ISPC_Api="${ISPC_Api:-$(_readaccountconf_mutable ISPC_Api)}"
  30. ISPC_Api_Insecure="${ISPC_Api_Insecure:-$(_readaccountconf_mutable ISPC_Api_Insecure)}"
  31. if [ -z "${ISPC_User}" ] || [ -z "${ISPC_Password}" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ]; then
  32. ISPC_User=""
  33. ISPC_Password=""
  34. ISPC_Api=""
  35. ISPC_Api_Insecure=""
  36. _err "You haven't specified the ISPConfig Login data, URL and whether you want check the ISPC SSL cert. Please try again."
  37. return 1
  38. else
  39. _saveaccountconf_mutable ISPC_User "${ISPC_User}"
  40. _saveaccountconf_mutable ISPC_Password "${ISPC_Password}"
  41. _saveaccountconf_mutable ISPC_Api "${ISPC_Api}"
  42. _saveaccountconf_mutable ISPC_Api_Insecure "${ISPC_Api_Insecure}"
  43. # Set whether curl should use secure or insecure mode
  44. export HTTPS_INSECURE="${ISPC_Api_Insecure}"
  45. fi
  46. }
  47. _ISPC_login() {
  48. _info "Getting Session ID"
  49. curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}"
  50. curResult="$(_post "${curData}" "${ISPC_Api}?login")"
  51. _debug "Calling _ISPC_login: '${curData}' '${ISPC_Api}?login'"
  52. _debug "Result of _ISPC_login: '$curResult'"
  53. if _contains "${curResult}" '"code":"ok"'; then
  54. sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  55. _info "Retrieved Session ID."
  56. _debug "Session ID: '${sessionID}'"
  57. else
  58. _err "Couldn't retrieve the Session ID."
  59. return 1
  60. fi
  61. }
  62. _ISPC_getZoneInfo() {
  63. _info "Getting Zoneinfo"
  64. zoneEnd=false
  65. curZone="${fulldomain}"
  66. while [ "${zoneEnd}" = false ]; do
  67. # we can strip the first part of the fulldomain, since it's just the _acme-challenge string
  68. curZone="${curZone#*.}"
  69. # suffix . needed for zone -> domain.tld.
  70. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"origin\":\"${curZone}.\"}}"
  71. curResult="$(_post "${curData}" "${ISPC_Api}?dns_zone_get")"
  72. _debug "Calling _ISPC_getZoneInfo: '${curData}' '${ISPC_Api}?dns_zone_get'"
  73. _debug "Result of _ISPC_getZoneInfo: '$curResult'"
  74. if _contains "${curResult}" '"id":"'; then
  75. zoneFound=true
  76. zoneEnd=true
  77. _info "Retrieved zone data."
  78. _debug "Zone data: '${curResult}'"
  79. fi
  80. if [ "${curZone#*.}" != "$curZone" ]; then
  81. _debug2 "$curZone still contains a '.' - so we can check next higher level"
  82. else
  83. zoneEnd=true
  84. _err "Couldn't retrieve zone data."
  85. return 1
  86. fi
  87. done
  88. if [ "${zoneFound}" ]; then
  89. server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  90. _debug "Server ID: '${server_id}'"
  91. case "${server_id}" in
  92. '' | *[!0-9]*)
  93. _err "Server ID is not numeric."
  94. return 1
  95. ;;
  96. *) _info "Retrieved Server ID" ;;
  97. esac
  98. zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  99. _debug "Zone: '${zone}'"
  100. case "${zone}" in
  101. '' | *[!0-9]*)
  102. _err "Zone ID is not numeric."
  103. return 1
  104. ;;
  105. *) _info "Retrieved Zone ID" ;;
  106. esac
  107. sys_userid=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  108. _debug "SYS User ID: '${sys_userid}'"
  109. case "${sys_userid}" in
  110. '' | *[!0-9]*)
  111. _err "SYS User ID is not numeric."
  112. return 1
  113. ;;
  114. *) _info "Retrieved SYS User ID." ;;
  115. esac
  116. zoneFound=""
  117. zoneEnd=""
  118. fi
  119. # Need to get client_id as it is different from sys_userid
  120. curData="{\"session_id\":\"${sessionID}\",\"sys_userid\":\"${sys_userid}\"}"
  121. curResult="$(_post "${curData}" "${ISPC_Api}?client_get_id")"
  122. _debug "Calling _ISPC_ClientGetID: '${curData}' '${ISPC_Api}?client_get_id'"
  123. _debug "Result of _ISPC_ClientGetID: '$curResult'"
  124. client_id=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2 | tr -d '{}')
  125. _debug "Client ID: '${client_id}'"
  126. case "${client_id}" in
  127. '' | *[!0-9]*)
  128. _err "Client ID is not numeric."
  129. return 1
  130. ;;
  131. *) _info "Retrieved Client ID." ;;
  132. esac
  133. }
  134. _ISPC_addTxt() {
  135. curSerial="$(date +%s)"
  136. curStamp="$(date +'%F %T')"
  137. params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}.\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\""
  138. curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}},\"update_serial\":true}"
  139. curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_add")"
  140. _debug "Calling _ISPC_addTxt: '${curData}' '${ISPC_Api}?dns_txt_add'"
  141. _debug "Result of _ISPC_addTxt: '$curResult'"
  142. record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  143. _debug "Record ID: '${record_id}'"
  144. case "${record_id}" in
  145. '' | *[!0-9]*)
  146. _err "Couldn't add ACME Challenge TXT record to zone."
  147. return 1
  148. ;;
  149. *) _info "Added ACME Challenge TXT record to zone." ;;
  150. esac
  151. }
  152. _ISPC_rmTxt() {
  153. # Need to get the record ID.
  154. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}}"
  155. curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")"
  156. _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_get'"
  157. _debug "Result of _ISPC_rmTxt: '$curResult'"
  158. if _contains "${curResult}" '"code":"ok"'; then
  159. record_id=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
  160. _debug "Record ID: '${record_id}'"
  161. case "${record_id}" in
  162. '' | *[!0-9]*)
  163. _err "Record ID is not numeric."
  164. return 1
  165. ;;
  166. *)
  167. unset IFS
  168. _info "Retrieved Record ID."
  169. curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\",\"update_serial\":true}"
  170. curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")"
  171. _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_delete'"
  172. _debug "Result of _ISPC_rmTxt: '$curResult'"
  173. if _contains "${curResult}" '"code":"ok"'; then
  174. _info "Removed ACME Challenge TXT record from zone."
  175. else
  176. _err "Couldn't remove ACME Challenge TXT record from zone."
  177. return 1
  178. fi
  179. ;;
  180. esac
  181. fi
  182. }