
merge from neilpang

pull/319/head
Philippe Kueck 8 years ago
parent
commit
29ac67c2fb
  1. 3
      README.md
  2. 45
      acme.sh
  3. 27
      dnsapi/README.md
  4. 0
      dnsapi/dns_ovh.sh
  5. 133
      dnsapi/dns_pdns.sh

3
README.md

@ -241,7 +241,8 @@ You don't have do anything manually!
4. Godaddy.com API 4. Godaddy.com API
5. OVH, kimsufi, soyoustart and runabove API 5. OVH, kimsufi, soyoustart and runabove API
6. AWS Route 53, see: https://github.com/Neilpang/acme.sh/issues/65 6. AWS Route 53, see: https://github.com/Neilpang/acme.sh/issues/65
7. lexicon dns api: https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api
7. PowerDNS API
8. lexicon dns api: https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api
(DigitalOcean, DNSimple, DnsMadeEasy, DNSPark, EasyDNS, Namesilo, NS1, PointHQ, Rage4 and Vultr etc.) (DigitalOcean, DNSimple, DnsMadeEasy, DNSPark, EasyDNS, Namesilo, NS1, PointHQ, Rage4 and Vultr etc.)
##### More APIs are coming soon... ##### More APIs are coming soon...

45
acme.sh

@ -1205,26 +1205,30 @@ _startserver() {
_debug "startserver: $$" _debug "startserver: $$"
nchelp="$(nc -h 2>&1)" nchelp="$(nc -h 2>&1)"
if echo "$nchelp" | grep "\-q[ ,]" >/dev/null ; then
_NC="nc -q 1 -l $ncaddr"
else
if echo "$nchelp" | grep "GNU netcat" >/dev/null && echo "$nchelp" | grep "\-c, \-\-close" >/dev/null ; then
_NC="nc -c -l $ncaddr"
elif echo "$nchelp" | grep "\-N" |grep "Shutdown the network socket after EOF on stdin" >/dev/null ; then
_NC="nc -N -l $ncaddr"
else
_NC="nc -l $ncaddr"
fi
fi
_debug Le_HTTPPort "$Le_HTTPPort" _debug Le_HTTPPort "$Le_HTTPPort"
_debug Le_Listen_V4 "$Le_Listen_V4" _debug Le_Listen_V4 "$Le_Listen_V4"
_debug Le_Listen_V6 "$Le_Listen_V6" _debug Le_Listen_V6 "$Le_Listen_V6"
_NC="nc"
if [ "$Le_Listen_V4" ] ; then if [ "$Le_Listen_V4" ] ; then
_NC="$_NC -4" _NC="$_NC -4"
elif [ "$Le_Listen_V6" ] ; then elif [ "$Le_Listen_V6" ] ; then
_NC="$_NC -6" _NC="$_NC -6"
fi fi
if echo "$nchelp" | grep "\-q[ ,]" >/dev/null ; then
_NC="$_NC -q 1 -l $ncaddr"
else
if echo "$nchelp" | grep "GNU netcat" >/dev/null && echo "$nchelp" | grep "\-c, \-\-close" >/dev/null ; then
_NC="$_NC -c -l $ncaddr"
elif echo "$nchelp" | grep "\-N" |grep "Shutdown the network socket after EOF on stdin" >/dev/null ; then
_NC="$_NC -N -l $ncaddr"
else
_NC="$_NC -l $ncaddr"
fi
fi
_debug "_NC" "$_NC" _debug "_NC" "$_NC"
# while true ; do # while true ; do
@ -1368,7 +1372,7 @@ _readlink() {
__initHome() { __initHome() {
if [ -z "$_SCRIPT_HOME" ] ; then if [ -z "$_SCRIPT_HOME" ] ; then
if _exists readlink && _exists dirname ; then if _exists readlink && _exists dirname ; then
_debug "Lets guess script dir."
_debug "Lets find script dir."
_debug "_SCRIPT_" "$_SCRIPT_" _debug "_SCRIPT_" "$_SCRIPT_"
_script="$(_readlink "$_SCRIPT_")" _script="$(_readlink "$_SCRIPT_")"
_debug "_script" "$_script" _debug "_script" "$_script"
@ -2491,9 +2495,9 @@ issue() {
fi fi
if [ "$status" = "invalid" ] ; then if [ "$status" = "invalid" ] ; then
error="$(echo "$response" | _egrep_o '"error":\{[^\}]*\}')"
error="$(echo "$response" | tr -d "\r\n" | _egrep_o '"error":\{[^\}]*')"
_debug2 error "$error" _debug2 error "$error"
errordetail="$(echo $error | _egrep_o '"detail": *"[^"]*"' | cut -d '"' -f 4)"
errordetail="$(echo "$error" | _egrep_o '"detail": *"[^"]*' | cut -d '"' -f 4)"
_debug2 errordetail "$errordetail" _debug2 errordetail "$errordetail"
if [ "$errordetail" ] ; then if [ "$errordetail" ] ; then
_err "$d:Verify error:$errordetail" _err "$d:Verify error:$errordetail"
@ -2503,7 +2507,7 @@ issue() {
if [ "$DEBUG" ] ; then if [ "$DEBUG" ] ; then
if [ "$vtype" = "$VTYPE_HTTP" ] ; then if [ "$vtype" = "$VTYPE_HTTP" ] ; then
_debug "Debug: get token url." _debug "Debug: get token url."
_get "http://$d/.well-known/acme-challenge/$token"
_get "http://$d/.well-known/acme-challenge/$token" "" 1
fi fi
fi fi
_clearupwebbroot "$_currentRoot" "$removelevel" "$token" _clearupwebbroot "$_currentRoot" "$removelevel" "$token"
@ -3236,6 +3240,13 @@ _initconf() {
#NSUPDATE_KEY=\"/path/to/update.key\" #NSUPDATE_KEY=\"/path/to/update.key\"
#NSUPDATE_SERVER=\"192.168.0.1\" #NSUPDATE_SERVER=\"192.168.0.1\"
#######################
#PowerDNS:
#PDNS_Url=\"http://ns.example.com:8081\"
#PDNS_ServerId=\"localhost\"
#PDNS_Token=\"0123456789ABCDEF\"
#PDNS_Ttl=60
" > $ACCOUNT_CONF_PATH " > $ACCOUNT_CONF_PATH
fi fi
} }
@ -3416,7 +3427,7 @@ _install() {
if [ -z "$NO_DETECT_SH" ] ; then if [ -z "$NO_DETECT_SH" ] ; then
#Modify shebang #Modify shebang
if _exists bash ; then if _exists bash ; then
_info "Good, bash is installed, change the shebang to use bash as prefered."
_info "Good, bash is found, so change the shebang to use bash as prefered."
_shebang='#!/usr/bin/env bash' _shebang='#!/usr/bin/env bash'
_setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang" _setShebang "$LE_WORKING_DIR/$PROJECT_ENTRY" "$_shebang"
if [ -d "$LE_WORKING_DIR/dnsapi" ] ; then if [ -d "$LE_WORKING_DIR/dnsapi" ] ; then
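Review bot: The sample PowerDNS block added to the account.conf template in the `_initconf` hunk (`@ -3236,6 +3240,13 @@`) shows `PDNS_Url` as a plain `http://` address on a remote host name, while `dnsapi/dns_pdns.sh` in this commit sends `PDNS_Token` in an `X-API-Key` request header on every call. Over unencrypted HTTP that key is readable on the network path, and it is the credential the script uses to PATCH zone records. I would add a comment line above the sample, `#Prefer an https:// PDNS_Url (or a loopback/tunnelled address); PDNS_Token is sent as a request header.`, and use the same wording for the identical examples in `dnsapi/README.md` and the header of `dnsapi/dns_pdns.sh`. `_initconf` starts before this hunk, so how `$ACCOUNT_CONF_PATH` is created and what permissions it gets are not visible here.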

27
dnsapi/README.md

@ -66,7 +66,7 @@ The `CX_Key` and `CX_Secret` will be saved in `~/.acme.sh/account.conf`, when n
## Use Godaddy.com domain api to automatically issue cert ## Use Godaddy.com domain api to automatically issue cert
We support Godaddy integeration.
We support Godaddy integration.
First you need to login to your Godaddy account to get your api key and api secret. First you need to login to your Godaddy account to get your api key and api secret.
@ -89,6 +89,29 @@ acme.sh --issue --dns dns_gd -d aa.com -d www.aa.com
The `GD_Key` and `GD_Secret` will be saved in `~/.acme.sh/account.conf`, when next time you use cloudflare api, it will reuse this key. The `GD_Key` and `GD_Secret` will be saved in `~/.acme.sh/account.conf`, when next time you use cloudflare api, it will reuse this key.
## Use PowerDNS embedded api to automatically issue cert
We support PowerDNS embedded API integration.
First you need to enable api and set your api-token in PowerDNS configuration.
https://doc.powerdns.com/md/httpapi/README/
```
export PDNS_Url="http://ns.example.com:8081"
export PDNS_ServerId="localhost"
export PDNS_Token="0123456789ABCDEF"
export PDNS_Ttl=60
```
Ok, let's issue cert now:
```
acme.sh --issue --dns dns_pdns -d aa.com -d www.aa.com
```
The `PDNS_Url`, `PDNS_ServerId`, `PDNS_Token` and `PDNS_Ttl` will be saved in `~/.acme.sh/account.conf`.
## Use OVH/kimsufi/soyoustart/runabove API ## Use OVH/kimsufi/soyoustart/runabove API
https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api
@ -109,8 +132,6 @@ acme.sh --issue --dns dns_myapi -d aa.com -d www.aa.com
For more details, please check our sample script: [dns_myapi.sh](dns_myapi.sh) For more details, please check our sample script: [dns_myapi.sh](dns_myapi.sh)
# Use lexicon dns api # Use lexicon dns api
https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api

0
dnsapi/dns_ovh.sh

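--- a/dnsapi/dns_pdns.sh
+++ b/dnsapi/dns_pdns.sh
@@ -0,0 +1,133 @@
+#!/usr/bin/env sh
+#PowerDNS Emdedded API
+#https://doc.powerdns.com/md/httpapi/api_spec/
+#
+#PDNS_Url="http://ns.example.com:8081"
+#PDNS_ServerId="localhost"
+#PDNS_Token="0123456789ABCDEF"
+#PDNS_Ttl=60
+DEFAULT_PDNS_TTL=60
+######## Public functions #####################
+#Usage: add _acme-challenge.www.domain.com "123456789ABCDEF0000000000000000000000000000000000000"
+dns_pdns_add() {
+fulldomain=$1
+txtvalue=$2
+if [ -z "$PDNS_Url" ] ; then
+_err "You don't specify PowerDNS address."
+_err "Please set PDNS_Url and try again."
+return 1
+fi
+if [ -z "$PDNS_ServerId" ] ; then
+_err "You don't specify PowerDNS server id."
+_err "Please set you PDNS_ServerId and try again."
+return 1
+fi
+if [ -z "$PDNS_Token" ] ; then
+_err "You don't specify PowerDNS token."
+_err "Please create you PDNS_Token and try again."
+return 1
+fi
+if [ -z "$PDNS_Ttl" ] ; then
+PDNS_Ttl=$DEFAULT_PDNS_TTL
+fi
+#save the api addr and key to the account conf file.
+_saveaccountconf PDNS_Url "$PDNS_Url"
+_saveaccountconf PDNS_ServerId "$PDNS_ServerId"
+_saveaccountconf PDNS_Token "$PDNS_Token"
+if [ "$PDNS_Ttl" != "$DEFAULT_PDNS_TTL" ] ; then
+_saveaccountconf PDNS_Ttl "$PDNS_Ttl"
+fi
+_debug "First detect the root zone"
+if ! _get_root $fulldomain ; then
+_err "invalid domain"
+return 1
+fi
+_debug _domain "$_domain"
+if ! set_record "$_domain" "$fulldomain" "$txtvalue" ; then
+return 1
+fi
+return 0
+}
+set_record() {
+_info "Adding record"
+root=$1
+full=$2
+txtvalue=$3
+if ! _pdns_rest "PATCH" "/api/v1/servers/$PDNS_ServerId/zones/$root." "{\"rrsets\": [{\"name\": \"$full.\", \"changetype\": \"REPLACE\", \"type\": \"TXT\", \"ttl\": $PDNS_Ttl, \"records\": [{\"name\": \"$full.\", \"type\": \"TXT\", \"content\": \"\\\"$txtvalue\\\"\", \"disabled\": false, \"ttl\": $PDNS_Ttl}]}]}" ; then
+_err "Set txt record error."
+return 1
+fi
+if ! _pdns_rest "PUT" "/api/v1/servers/$PDNS_ServerId/zones/$root./notify" ; then
+_err "Notify servers error."
+return 1
+fi
+return 0
+}
+#################### Private functions bellow ##################################
+#_acme-challenge.www.domain.com
+#returns
+# _domain=domain.com
+_get_root() {
+domain=$1
+i=1
+p=1
+if _pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones" ; then
+_zones_response=$response
+fi
+while [ '1' ] ; do
+h=$(printf $domain | cut -d . -f $i-100)
+if [ -z "$h" ] ; then
+return 1
+fi
+if printf "$_zones_response" | grep "\"name\": \"$h.\"" >/dev/null ; then
+_domain=$h
+return 0
+fi
+p=$i
+i=$(expr $i + 1)
+done
+_debug "$domain not found"
+return 1
+}
+_pdns_rest() {
+method=$1
+ep=$2
+data=$3
+_H1="X-API-Key: $PDNS_Token"
+if [ ! "$method" = "GET" ] ; then
+_debug data "$data"
+response="$(_post "$data" "$PDNS_Url$ep" "" "$method")"
+else
+response="$(_get "$PDNS_Url$ep")"
+fi
+if [ "$?" != "0" ] ; then
+_err "error $ep"
+return 1
+fi
+_debug2 response "$response"
+return 0
+}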
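Review bot: `_get_root` passes data to `printf` as the format string (`printf $domain`, `printf "$_zones_response"`), so a `%` or backslash in the domain or in the API response changes the text that is matched; use `printf '%s'` for both. The candidate zone `$h` is also interpolated into a `grep` regex, where each `.` matches any character, so a candidate can match a different zone name in the list; `grep -F` keeps the comparison literal. A failed zone listing is ignored as well: when `_pdns_rest "GET"` fails, the loop still runs against an unset or stale `_zones_response`. The fence below shows `_get_root` with those three changes, dropping the unused `p` and the unreachable lines after the loop; `_get_root $fulldomain` in `dns_pdns_add` should be quoted too.

```sh
_get_root() {
  domain=$1
  i=1
  # Give up if the zone list cannot be fetched, rather than matching
  # against an empty or stale value.
  if ! _pdns_rest "GET" "/api/v1/servers/$PDNS_ServerId/zones" ; then
    return 1
  fi
  _zones_response=$response
  while [ '1' ] ; do
    h=$(printf '%s' "$domain" | cut -d . -f "$i"-100)
    # … unchanged: return 1 when $h is empty …
    # -F matches the zone name literally, so "." is not a regex wildcard.
    if printf '%s' "$_zones_response" | grep -F "\"name\": \"$h.\"" >/dev/null ; then
      _domain=$h
      return 0
    fi
    i=$(expr "$i" + 1)
  done
}
```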