Browse Source
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
Merge branch 'dev' of https://github.com/Neilpang/acme.sh into dev
# Conflicts: # README.md # dnsapi/README.mdpull/1878/head
Ne-Lexa
6 years ago
19 changed files with 986 additions and 240 deletions
-
50README.md
-
101acme.sh
-
49deploy/README.md
-
92deploy/qiniu.sh
-
54dnsapi/README.md
-
141dnsapi/dns_active24.sh
-
39dnsapi/dns_cf.sh
-
73dnsapi/dns_dgon.sh
-
2dnsapi/dns_dnsimple.sh
-
59dnsapi/dns_doapi.sh
-
2dnsapi/dns_dp.sh
-
26dnsapi/dns_dynu.sh
-
62dnsapi/dns_gandi_livedns.sh
-
46dnsapi/dns_hostingde.sh
-
3dnsapi/dns_inwx.sh
-
4dnsapi/dns_linode_v4.sh
-
77dnsapi/dns_loopia.sh
-
94dnsapi/dns_namecheap.sh
-
164dnsapi/dns_pointhq.sh
@ -0,0 +1,92 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Script to create certificate to qiniu.com |
||||
|
# |
||||
|
# This deployment required following variables |
||||
|
# export QINIU_AK="QINIUACCESSKEY" |
||||
|
# export QINIU_SK="QINIUSECRETKEY" |
||||
|
# export QINIU_CDN_DOMAIN="cdn.example.com" |
||||
|
|
||||
|
QINIU_API_BASE="https://api.qiniu.com" |
||||
|
|
||||
|
qiniu_deploy() { |
||||
|
_cdomain="$1" |
||||
|
_ckey="$2" |
||||
|
_ccert="$3" |
||||
|
_cca="$4" |
||||
|
_cfullchain="$5" |
||||
|
|
||||
|
_debug _cdomain "$_cdomain" |
||||
|
_debug _ckey "$_ckey" |
||||
|
_debug _ccert "$_ccert" |
||||
|
_debug _cca "$_cca" |
||||
|
_debug _cfullchain "$_cfullchain" |
||||
|
|
||||
|
if [ -z "$QINIU_AK" ]; then |
||||
|
_err "QINIU_AK is not defined." |
||||
|
return 1 |
||||
|
else |
||||
|
_savedomainconf QINIU_AK "$QINIU_AK" |
||||
|
fi |
||||
|
|
||||
|
if [ -z "$QINIU_SK" ]; then |
||||
|
_err "QINIU_SK is not defined." |
||||
|
return 1 |
||||
|
else |
||||
|
_savedomainconf QINIU_SK "$QINIU_SK" |
||||
|
fi |
||||
|
|
||||
|
if [ "$QINIU_CDN_DOMAIN" ]; then |
||||
|
_savedomainconf QINIU_CDN_DOMAIN "$QINIU_CDN_DOMAIN" |
||||
|
else |
||||
|
QINIU_CDN_DOMAIN="$_cdomain" |
||||
|
fi |
||||
|
|
||||
|
## upload certificate |
||||
|
string_fullchain=$(sed 's/$/\\n/' "$_cfullchain" | tr -d '\n') |
||||
|
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n') |
||||
|
|
||||
|
sslcert_path="/sslcert" |
||||
|
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$QINIU_CDN_DOMAIN\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}" |
||||
|
sslcert_access_token="$(_make_access_token "$sslcert_path")" |
||||
|
_debug sslcert_access_token "$sslcert_access_token" |
||||
|
export _H1="Authorization: QBox $sslcert_access_token" |
||||
|
sslcert_response=$(_post "$sslcerl_body" "$QINIU_API_BASE$sslcert_path" 0 "POST" "application/json" | _dbase64 "multiline") |
||||
|
|
||||
|
if ! _contains "$sslcert_response" "certID"; then |
||||
|
_err "Error in creating certificate:" |
||||
|
_err "$sslcert_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug sslcert_response "$sslcert_response" |
||||
|
_info "Certificate successfully uploaded, updating domain $_cdomain" |
||||
|
|
||||
|
## extract certId |
||||
|
_certId="$(printf "%s" "$sslcert_response" | _normalizeJson | _egrep_o "certID\": *\"[^\"]*\"" | cut -d : -f 2)" |
||||
|
_debug certId "$_certId" |
||||
|
|
||||
|
## update domain ssl config |
||||
|
update_path="/domain/$QINIU_CDN_DOMAIN/httpsconf" |
||||
|
update_body="{\"certid\":$_certId,\"forceHttps\":false}" |
||||
|
update_access_token="$(_make_access_token "$update_path")" |
||||
|
_debug update_access_token "$update_access_token" |
||||
|
export _H1="Authorization: QBox $update_access_token" |
||||
|
update_response=$(_post "$update_body" "$QINIU_API_BASE$update_path" 0 "PUT" "application/json" | _dbase64 "multiline") |
||||
|
|
||||
|
if _contains "$update_response" "error"; then |
||||
|
_err "Error in updating domain httpsconf:" |
||||
|
_err "$update_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug update_response "$update_response" |
||||
|
_info "Certificate successfully deployed" |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_make_access_token() { |
||||
|
_token="$(printf "%s\n" "$1" | _hmac "sha1" "$(printf "%s" "$QINIU_SK" | _hex_dump | tr -d " ")" | _base64)" |
||||
|
echo "$QINIU_AK:$_token" |
||||
|
} |
@ -0,0 +1,141 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#ACTIVE24_Token="sdfsdfsdfljlbjkljlkjsdfoiwje" |
||||
|
|
||||
|
ACTIVE24_Api="https://api.active24.com" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
# Used to add txt record |
||||
|
dns_active24_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
_active24_init |
||||
|
|
||||
|
_info "Adding txt record" |
||||
|
if _active24_rest POST "dns/$_domain/txt/v1" "{\"name\":\"$_sub_domain\",\"text\":\"$txtvalue\",\"ttl\":0}"; then |
||||
|
if _contains "$response" "errors"; then |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
else |
||||
|
_info "Added, OK" |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
# Usage: fulldomain txtvalue |
||||
|
# Used to remove the txt record after validation |
||||
|
dns_active24_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
_active24_init |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
_active24_rest GET "dns/$_domain/records/v1" |
||||
|
|
||||
|
if _contains "$response" "errors"; then |
||||
|
_err "Error" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
hash_ids=$(echo "$response" | _egrep_o "[^{]+${txtvalue}[^}]+" | _egrep_o "hashId\":\"[^\"]+" | cut -c10-) |
||||
|
|
||||
|
for hash_id in $hash_ids; do |
||||
|
_debug "Removing hash_id" "$hash_id" |
||||
|
if _active24_rest DELETE "dns/$_domain/$hash_id/v1" ""; then |
||||
|
if _contains "$response" "errors"; then |
||||
|
_err "Unable to remove txt record." |
||||
|
return 1 |
||||
|
else |
||||
|
_info "Removed txt record." |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
done |
||||
|
|
||||
|
_err "No txt records found." |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
# _domain_id=sdjkglgdfewsdfg |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
|
||||
|
if ! _active24_rest GET "dns/domains/v1"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
i=2 |
||||
|
p=1 |
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
_debug "h" "$h" |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _contains "$response" "\"$h\"" >/dev/null; then |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
fi |
||||
|
p=$i |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_active24_rest() { |
||||
|
m=$1 |
||||
|
ep="$2" |
||||
|
data="$3" |
||||
|
_debug "$ep" |
||||
|
|
||||
|
export _H1="Authorization: Bearer $ACTIVE24_Token" |
||||
|
|
||||
|
if [ "$m" != "GET" ]; then |
||||
|
_debug "data" "$data" |
||||
|
response="$(_post "$data" "$ACTIVE24_Api/$ep" "" "$m" "application/json")" |
||||
|
else |
||||
|
response="$(_get "$ACTIVE24_Api/$ep")" |
||||
|
fi |
||||
|
|
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_active24_init() { |
||||
|
ACTIVE24_Token="${ACTIVE24_Token:-$(_readaccountconf_mutable ACTIVE24_Token)}" |
||||
|
if [ -z "$ACTIVE24_Token" ]; then |
||||
|
ACTIVE24_Token="" |
||||
|
_err "You didn't specify a Active24 api token yet." |
||||
|
_err "Please create the token and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_saveaccountconf_mutable ACTIVE24_Token "ACTIVE24_Token" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
} |
@ -0,0 +1,59 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Official Let's Encrypt API for do.de / Domain-Offensive |
||||
|
# |
||||
|
# This is different from the dns_do adapter, because dns_do is only usable for enterprise customers |
||||
|
# This API is also available to private customers/individuals |
||||
|
# |
||||
|
# Provide the required LetsEncrypt token like this: |
||||
|
# DO_LETOKEN="FmD408PdqT1E269gUK57" |
||||
|
|
||||
|
DO_API="https://www.do.de/api/letsencrypt" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_doapi_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}" |
||||
|
if [ -z "$DO_LETOKEN" ]; then |
||||
|
DO_LETOKEN="" |
||||
|
_err "You didn't configure a do.de API token yet." |
||||
|
_err "Please set DO_LETOKEN and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN" |
||||
|
|
||||
|
_info "Adding TXT record to ${fulldomain}" |
||||
|
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&value=${txtvalue}")" |
||||
|
if _contains "${response}" 'success'; then |
||||
|
return 0 |
||||
|
fi |
||||
|
_err "Could not create resource record, check logs" |
||||
|
_err "${response}" |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
dns_doapi_rm() { |
||||
|
fulldomain=$1 |
||||
|
|
||||
|
DO_LETOKEN="${DO_LETOKEN:-$(_readaccountconf_mutable DO_LETOKEN)}" |
||||
|
if [ -z "$DO_LETOKEN" ]; then |
||||
|
DO_LETOKEN="" |
||||
|
_err "You didn't configure a do.de API token yet." |
||||
|
_err "Please set DO_LETOKEN and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable DO_LETOKEN "$DO_LETOKEN" |
||||
|
|
||||
|
_info "Deleting resource record $fulldomain" |
||||
|
response="$(_get "$DO_API?token=$DO_LETOKEN&domain=${fulldomain}&action=delete")" |
||||
|
if _contains "${response}" 'success'; then |
||||
|
return 0 |
||||
|
fi |
||||
|
_err "Could not delete resource record, check logs" |
||||
|
_err "${response}" |
||||
|
return 1 |
||||
|
} |
@ -0,0 +1,164 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# |
||||
|
#PointHQ_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" |
||||
|
# |
||||
|
#PointHQ_Email="xxxx@sss.com" |
||||
|
|
||||
|
PointHQ_Api="https://api.pointhq.com" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_pointhq_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}" |
||||
|
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}" |
||||
|
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then |
||||
|
PointHQ_Key="" |
||||
|
PointHQ_Email="" |
||||
|
_err "You didn't specify a PointHQ API key and email yet." |
||||
|
_err "Please create the key and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _contains "$PointHQ_Email" "@"; then |
||||
|
_err "It seems that the PointHQ_Email=$PointHQ_Email is not a valid email address." |
||||
|
_err "Please check and retry." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
#save the api key and email to the account conf file. |
||||
|
_saveaccountconf_mutable PointHQ_Key "$PointHQ_Key" |
||||
|
_saveaccountconf_mutable PointHQ_Email "$PointHQ_Email" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_info "Adding record" |
||||
|
if _pointhq_rest POST "zones/$_domain/records" "{\"zone_record\": {\"name\":\"$_sub_domain\",\"record_type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":3600}}"; then |
||||
|
if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then |
||||
|
_info "Added, OK" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
#fulldomain txtvalue |
||||
|
dns_pointhq_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}" |
||||
|
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}" |
||||
|
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then |
||||
|
PointHQ_Key="" |
||||
|
PointHQ_Email="" |
||||
|
_err "You didn't specify a PointHQ API key and email yet." |
||||
|
_err "Please create the key and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
_pointhq_rest GET "zones/${_domain}/records?record_type=TXT&name=$_sub_domain" |
||||
|
|
||||
|
if ! printf "%s" "$response" | grep "^\[" >/dev/null; then |
||||
|
_err "Error" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if [ "$response" = "[]" ]; then |
||||
|
_info "No records to remove." |
||||
|
else |
||||
|
record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | cut -d : -f 2 | tr -d \" | head -n 1) |
||||
|
_debug "record_id" "$record_id" |
||||
|
if [ -z "$record_id" ]; then |
||||
|
_err "Can not get record id to remove." |
||||
|
return 1 |
||||
|
fi |
||||
|
if ! _pointhq_rest DELETE "zones/$_domain/records/$record_id"; then |
||||
|
_err "Delete record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
_contains "$response" '"status":"OK"' |
||||
|
fi |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
i=2 |
||||
|
p=1 |
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
_debug h "$h" |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _pointhq_rest GET "zones"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _contains "$response" "\"name\":\"$h\"" >/dev/null; then |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
fi |
||||
|
p=$i |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_pointhq_rest() { |
||||
|
m=$1 |
||||
|
ep="$2" |
||||
|
data="$3" |
||||
|
_debug "$ep" |
||||
|
|
||||
|
_pointhq_auth=$(printf "%s:%s" "$PointHQ_Email" "$PointHQ_Key" | _base64) |
||||
|
|
||||
|
export _H1="Authorization: Basic $_pointhq_auth" |
||||
|
export _H2="Content-Type: application/json" |
||||
|
export _H3="Accept: application/json" |
||||
|
|
||||
|
if [ "$m" != "GET" ]; then |
||||
|
_debug data "$data" |
||||
|
response="$(_post "$data" "$PointHQ_Api/$ep" "" "$m")" |
||||
|
else |
||||
|
response="$(_get "$PointHQ_Api/$ep")" |
||||
|
fi |
||||
|
|
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue