Browse Source

include dnsimple api

Even though DNSimple is technically covered with lexicon not all
systems can install python pip's easily. For these systems it is useful
to have pure shell script API interactions.
pull/443/head
Matthew Turney 8 years ago
parent
commit
1994c6828e
No known key found for this signature in database GPG Key ID: FC06F79FAA020CF
  1. 1
      README.md
  2. 36
      dnsapi/README.md
  3. 163
      dnsapi/dns_dnsimple.sh

1
README.md

@ -292,6 +292,7 @@ You don't have to do anything manually!
1. CloudFlare.com API 1. CloudFlare.com API
1. DNSPod.cn API 1. DNSPod.cn API
1. DNSimple API
1. CloudXNS.com API 1. CloudXNS.com API
1. GoDaddy.com API 1. GoDaddy.com API
1. OVH, kimsufi, soyoustart and runabove API 1. OVH, kimsufi, soyoustart and runabove API

36
dnsapi/README.md

@ -422,31 +422,31 @@ acme.sh --issue --dns dns_cloudns -d example.com -d www.example.com
``` ```
## 22. Use Infoblox API ## 22. Use Infoblox API
First you need to create/obtain API credentials on your Infoblox appliance. First you need to create/obtain API credentials on your Infoblox appliance.
``` ```
export Infoblox_Creds="username:password" export Infoblox_Creds="username:password"
export Infoblox_Server="ip or fqdn of infoblox appliance" export Infoblox_Server="ip or fqdn of infoblox appliance"
``` ```
Ok, let's issue a cert now: Ok, let's issue a cert now:
``` ```
acme.sh --issue --dns dns_infoblox -d example.com -d www.example.com acme.sh --issue --dns dns_infoblox -d example.com -d www.example.com
``` ```
Note: This script will automatically create and delete the ephemeral txt record. Note: This script will automatically create and delete the ephemeral txt record.
The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. The `Infoblox_Creds` and `Infoblox_Server` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
## 23. Use VSCALE API ## 23. Use VSCALE API
First you need to create/obtain API tokens on your [settings panel](https://vscale.io/panel/settings/tokens/). First you need to create/obtain API tokens on your [settings panel](https://vscale.io/panel/settings/tokens/).
``` ```
VSCALE_API_KEY="sdfsdfsdfljlbjkljlkjsdfoiwje" VSCALE_API_KEY="sdfsdfsdfljlbjkljlkjsdfoiwje"
``` ```
Ok, let's issue a cert now: Ok, let's issue a cert now:
``` ```
acme.sh --issue --dns dns_vscale -d example.com -d www.example.com acme.sh --issue --dns dns_vscale -d example.com -d www.example.com
@ -468,6 +468,28 @@ acme.sh --issue --dns dns_dynu -d example.com -d www.example.com
The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
## 25. Use DNSimple API
First you need to login to your DNSimple account and generate a new oauth token.
https://dnsimple.com/a/{your account id}/account/access_tokens
Note that this is an _account_ token and not a user token. The account token is
needed to infer the `account_id` used in requests. A user token will not be able
to determine the correct account to use.
```
export DNSimple_OAUTH_TOKEN="sdfsdfsdfljlbjkljlkjsdfoiwje"
```
To issue the cert just specify the `dns_dnsimple` API.
```
acme.sh --issue --dns dns_dnsimple -d example.com
```
The `DNSimple_OAUTH_TOKEN` will be saved in `~/.acme.sh/account.conf` and will
be reused when needed.
# Use custom API # Use custom API

163
dnsapi/dns_dnsimple.sh

@ -0,0 +1,163 @@
#!/usr/bin/env sh
# DNSimple domain api
#
# This is your oauth token which can be acquired on the account page. Please
# note that this must be an _account_ token and not a _user_ token.
# https://dnsimple.com/a/<your account id>/account/access_tokens
# DNSimple_OAUTH_TOKEN="sdfsdfsdfljlbjkljlkjsdfoiwje"
DNSimple_API="https://api.dnsimple.com/v2"
######## Public functions #####################
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_dnsimple_add() {
fulldomain=$1
txtvalue=$2
if [ -z "$DNSimple_OAUTH_TOKEN" ]; then
DNSimple_OAUTH_TOKEN=""
_err "You have not set the dnsimple oauth token yet."
_err "Please visit https://dnsimple.com/user to generate it."
return 1
fi
# save the oauth token for later
_saveaccountconf DNSimple_OAUTH_TOKEN "$DNSimple_OAUTH_TOKEN"
_debug "Retrive account ID"
if ! _get_account_id; then
_err "failed to retrive account id"
return 1
fi
_debug _account_id "$_account_id"
if ! _get_root "$fulldomain"; then
_err "invalid domain"
return 1
fi
_debug _domain "$_domain"
_debug _sub_domain "$_sub_domain"
_debug "Getting txt records"
_dnsimple_rest GET "$_account_id/zones/$_domain/records?per_page=100"
if ! _contains "$response" "\"id\":"; then
_err "Error"
return 1
fi
count=$(printf "%s" "$response" | _egrep_o "\"name\":\"$_sub_domain\"" | wc -l | _egrep_o "[0-9]+")
_debug count "$count"
if [ "$count" = "0" ]; then
_info "Adding record"
if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then
_info "Added"
return 0
else
_err "Add txt record error."
return 1
fi
fi
_err "Add txt record error."
else
_info "Updating record"
record_id=$(printf "%s" "$response" | _egrep_o "\"id\":[^,]*,\"zone_id\":\"[^,]*\",\"parent_id\":null,\"name\":\"$_sub_domain\"" | cut -d: -f2 | cut -d, -f1)
_debug "record_id" "$record_id"
_dnsimple_rest PATCH "$_account_id/zones/$_domain/records/$record_id" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"
if [ "$?" = "0" ]; then
_info "Updated!"
#todo: check if the record takes effect
return 0
fi
_err "Update error"
return 1
fi
}
# fulldomain
dns_dnsimple_rm() {
fulldomain=$1
}
#################### Private functions bellow ##################################
# _acme-challenge.www.domain.com
# returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root() {
domain=$1
i=2
p=1
while true; do
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
if [ -z "$h" ]; then
# not valid
return 1
fi
if ! _dnsimple_rest GET "$_account_id/zones/$h"; then
return 1
fi
if _contains "$response" 'not found'; then
_debug "$h not found"
else
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
_domain="$h"
return 0
fi
p="$i"
i=$(_math "$i" + 1)
done
return 1
}
_get_account_id() {
if ! _dnsimple_rest GET "whoami"; then
return 1
fi
if _contains "$response" "\"account\":null"; then
_err "no account associated with this token"
return 1
fi
if _contains "$response" "timeout"; then
_err "timeout retrieving account_id"
return 1
fi
_account_id=$(printf "%s" "$response" | _egrep_o "\"id\":[^,]*,\"email\":" | cut -d: -f2 | cut -d, -f1)
return 0
}
_dnsimple_rest() {
method=$1
path="$2"
data="$3"
request_url="$DNSimple_API/$path"
_debug "$path"
_H1="Accept: application/json"
_H2="Authorization: Bearer $DNSimple_OAUTH_TOKEN"
if [ "$data" ]; then
_H1="Content-Type: application/json"
_debug data "$data"
response="$(_post "$data" "$request_url" "" "$method")"
else
response="$(_get "$request_url")"
fi
if [ "$?" != "0" ]; then
_err "error $request_url"
return 1
fi
_debug2 response "$response"
return 0
}
Loading…
Cancel
Save