Terry Kerr
7 years ago
1 changed files with 145 additions and 0 deletions
@ -0,0 +1,145 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Vultr API |
||||
|
# |
||||
|
# Usage: |
||||
|
# VULTR_API_KEY needs to be exported with your API key |
||||
|
# |
||||
|
# Recommendations: |
||||
|
# Vultr supports sub-accounts with limited privileges, and |
||||
|
# restricting which IPs can originate requests with a |
||||
|
# given api key - use both or either where you possibly can. |
||||
|
# |
||||
|
# Author: Terry Kerr <root@oefd.ca> |
||||
|
# Report Bugs here: https://github.com/oefd/acme.sh |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
dns_vultr_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
_info "Using vultr api" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
VULTR_API_KEY="${VULTR_API_KEY:-$(_readaccountconf_mutable VULTR_API_KEY)}" |
||||
|
if test -z "$VULTR_API_KEY"; then |
||||
|
VULTR_API_KEY="" |
||||
|
_err "VULTR_API_KEY was not exported" |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable VULTR_API_KEY "$VULTR_API_KEY" |
||||
|
|
||||
|
if ! _split_domain "$fulldomain"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# add the TXT record |
||||
|
export _H1="Content-Type: application/x-www-form-urlencoded" |
||||
|
export _H2="Api-Key: $VULTR_API_KEY" |
||||
|
_endpoint="https://api.vultr.com/v1/dns/create_record" |
||||
|
_body="domain=$account_domain&name=$sub_domain&data=\"$txtvalue\"&type=TXT" |
||||
|
_response="$(_post "$_body" "$_endpoint")" |
||||
|
if test "$?" != "0"; then |
||||
|
_err "failed adding txt record: $_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 _response "$_response" |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#Usage: fulldomain txtvalue |
||||
|
#Remove the txt record after validation. |
||||
|
dns_vultr_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
_info "Using vultr api" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
VULTR_API_KEY="${VULTR_API_KEY:-$(_readaccountconf_mutable VULTR_API_KEY)}" |
||||
|
if test -z "$VULTR_API_KEY"; then |
||||
|
VULTR_API_KEY="" |
||||
|
_err "VULTR_API_KEY was not exported" |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable VULTR_API_KEY "$VULTR_API_KEY" |
||||
|
|
||||
|
if ! _split_domain "$fulldomain"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# get domain records for domain |
||||
|
export _H1="Api-Key: $VULTR_API_KEY" |
||||
|
_endpoint="https://api.vultr.com/v1/dns/records?domain=$account_domain" |
||||
|
_response="$(_get "$_endpoint")" |
||||
|
if test "$?" != "0"; then |
||||
|
_err "failed getting domain records: $_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 _records "$_response" |
||||
|
|
||||
|
# grab TXT records (their whole JSON object), then filter them by those |
||||
|
# with a name starting with _acme-challenge, then finally filter by the |
||||
|
# data being equal to $txtvalue. |
||||
|
_record="$(echo "$_response" | _egrep_o "{[^}]*\"type\"\\s*:\\s*\"TXT\"[^}]*}")" |
||||
|
_record="$(echo "$_record" | grep "\"name\"\\s*:\\s*\"_acme-challenge")" |
||||
|
_record="$(echo "$_record" | grep "\"data\"\\s*:\\W*$txtvalue")" |
||||
|
# take the RECORDID field of the relevant record and get the id value from it |
||||
|
_record_id="$(echo "$_record" | _egrep_o "\"RECORDID\"\\s*:\\s*[^,]+")" |
||||
|
_record_id="$(_getfield "$_record_id" 2 ':')" |
||||
|
|
||||
|
# remove the txt record |
||||
|
export _H1="Content-Type: application/x-www-form-urlencoded" |
||||
|
export _H2="Api-Key: $VULTR_API_KEY" |
||||
|
_endpoint="https://api.vultr.com/v1/dns/delete_record" |
||||
|
_body="domain=$account_domain&RECORDID=$_record_id" |
||||
|
_response="$(_post "$_body" "$_endpoint")" |
||||
|
if test "$?" != "0"; then |
||||
|
_err "error deleting txt record: $_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 _response "$_response" |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
|
||||
|
# break the passed full domain into the sub domain part |
||||
|
# which corrosponds to the record 'name' in vultr, and |
||||
|
# the account domain which is the base domain vultr has |
||||
|
# control of the DNS data for |
||||
|
_split_domain() { |
||||
|
_domain="$1" |
||||
|
|
||||
|
# get domains for this account |
||||
|
export _H1="Api-Key: $VULTR_API_KEY" |
||||
|
_endpoint="https://api.vultr.com/v1/dns/list" |
||||
|
_domain_list="$(_get "$_endpoint")" |
||||
|
if test "$?" != "0"; then |
||||
|
_err "error retrieving account domains: $_domain_list" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 _domain_list "$_domain_list" |
||||
|
|
||||
|
# match everything up to the first literal `.` and discard it |
||||
|
_cut_domain="s/^[^\\.]*\\.//" |
||||
|
# try each domain formed by stripping a subdomain, stripping |
||||
|
# before the check to cut the initial _acme-challenge. part |
||||
|
while _contains "$_domain" "\\."; do |
||||
|
_domain="$(echo "$_domain" | sed "$_cut_domain")" |
||||
|
|
||||
|
if _contains "$_domain_list" "\"$_domain\""; then |
||||
|
account_domain="$_domain" |
||||
|
sub_domain="$(echo "$fulldomain" | sed "s/\\.$_domain\$//")" |
||||
|
_debug account_domain "$account_domain" |
||||
|
_debug sub_domain "$sub_domain" |
||||
|
return 0 |
||||
|
fi |
||||
|
done |
||||
|
|
||||
|
_err "No domain in vultr account for $1" |
||||
|
return 1 |
||||
|
} |
||||
Write
Preview
Loading…
Cancel
Save
Reference in new issue