From c2f8b4d1f2821e927b3b8b614c6e0eaf73fc7170 Mon Sep 17 00:00:00 2001 From: pileus-lines Date: Mon, 23 Jun 2025 22:50:32 +0200 Subject: [PATCH 01/14] Update dns_infomaniak.sh because infomaniak API v1 no longer works --- dnsapi/dns_infomaniak.sh | 92 ++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 51 deletions(-) diff --git a/dnsapi/dns_infomaniak.sh b/dnsapi/dns_infomaniak.sh index ea5ef461..34795888 100755 --- a/dnsapi/dns_infomaniak.sh +++ b/dnsapi/dns_infomaniak.sh @@ -6,6 +6,7 @@ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_infomaniak Options: INFOMANIAK_API_TOKEN API Token Issues: github.com/acmesh-official/acme.sh/issues/3188 + ' # To use this API you need visit the API dashboard of your account @@ -65,33 +66,32 @@ dns_infomaniak_add() { _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" - fqdn=${fulldomain#_acme-challenge.} - # guess which base domain to add record to - zone_and_id=$(_find_zone "$fqdn") - if [ -z "$zone_and_id" ]; then - _err "cannot find zone to modify" + zone=$(_get_zone "$fulldomain") + if [ -z "$zone" ]; then + _err "cannot find zone:<${zone}> to modify" return 1 fi - zone=${zone_and_id% *} - domain_id=${zone_and_id#* } # extract first part of domain key=${fulldomain%."$zone"} - _debug "zone:$zone id:$domain_id key:$key" + _debug "key:$key" + _debug "txtvalue: $txtvalue" # payload data="{\"type\": \"TXT\", \"source\": \"$key\", \"target\": \"$txtvalue\", \"ttl\": $INFOMANIAK_TTL}" # API call - response=$(_post "$data" "${INFOMANIAK_API_URL}/1/domain/$domain_id/dns/record") - if [ -n "$response" ] && echo "$response" | _contains '"result":"success"'; then - _info "Record added" - _debug "Response: $response" - return 0 + response=$(_post "$data" "${INFOMANIAK_API_URL}/2/zones/${zone}/records") + if [ -n "$response" ]; then + if [ ! "$(echo "$response" | _contains '"result":"success"')" ]; then + _info "Record added" + _debug "response: $response" + return 0 + fi fi - _err "could not create record" + _err "Could not create record." _debug "Response: $response" return 1 } @@ -106,7 +106,7 @@ dns_infomaniak_rm() { if [ -z "$INFOMANIAK_API_TOKEN" ]; then INFOMANIAK_API_TOKEN="" - _err "Please provide a valid Infomaniak API token in variable INFOMANIAK_API_TOKEN" + _err "Please provide a valid Infomaniak API token in variable INFOMANIAK_API_TOKEN." return 1 fi @@ -138,63 +138,53 @@ dns_infomaniak_rm() { _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" - fqdn=${fulldomain#_acme-challenge.} - # guess which base domain to add record to - zone_and_id=$(_find_zone "$fqdn") - if [ -z "$zone_and_id" ]; then - _err "cannot find zone to modify" + zone=$(_get_zone "$fulldomain") + if [ -z "$zone" ]; then + _err "cannot find zone:<$zone> to modify" return 1 fi - zone=${zone_and_id% *} - domain_id=${zone_and_id#* } # extract first part of domain key=${fulldomain%."$zone"} + key=$(echo "$key" | _lower_case) - _debug "zone:$zone id:$domain_id key:$key" + _debug "zone:$zone" + _debug "key:$key" # find previous record - # shellcheck disable=SC1004 - record_id=$(_get "${INFOMANIAK_API_URL}/1/domain/$domain_id/dns/record" | sed 's/.*"data":\[\(.*\)\]}/\1/; s/},{/}\ -{/g' | sed -n 's/.*"id":"*\([0-9]*\)"*.*"source_idn":"'"$fulldomain"'".*"target_idn":"'"$txtvalue"'".*/\1/p') + # shellcheck disable=SC2086 + response=$(_get "${INFOMANIAK_API_URL}/2/zones/${zone}/records" | sed 's/.*"data":\[\(.*\)\]}/\1/; s/},{/}{/g') + record_id=$(echo "$response" | sed -n 's/.*"id":"*\([0-9]*\)"*.*"source":"'"$key"'".*"target":"\\"'"$txtvalue"'\\"".*/\1/p') + _debug "key: $key" + _debug "txtvalue: $txtvalue" + _debug "record_id: $record_id" + if [ -z "$record_id" ]; then _err "could not find record to delete" + _debug "response: $response" return 1 fi - _debug "record_id: $record_id" # API call - response=$(_post "" "${INFOMANIAK_API_URL}/1/domain/$domain_id/dns/record/$record_id" "" DELETE) - if [ -n "$response" ] && echo "$response" | _contains '"result":"success"'; then - _info "Record deleted" - return 0 + response=$(_post "" "${INFOMANIAK_API_URL}/2/zones/${zone}/records/${record_id}" "" DELETE) + if [ -n "$response" ]; then + if [ ! "$(echo "$response" | _contains '"result":"success"')" ]; then + _info "Record deleted" + return 0 + fi fi - _err "could not delete record" + _err "Could not delete record." + _debug "Response: $response" return 1 } #################### Private functions below ################################## -_get_domain_id() { +_get_zone() { domain="$1" - + # Whatever the domain is, you can get the fqdn with the following. # shellcheck disable=SC1004 - _get "${INFOMANIAK_API_URL}/1/product?service_name=domain&customer_name=$domain" | sed 's/.*"data":\[{\(.*\)}\]}/\1/; s/,/\ -/g' | sed -n 's/^"id":\(.*\)/\1/p' -} - -_find_zone() { - zone="$1" - - # find domain in list, removing . parts sequentialy - while _contains "$zone" '\.'; do - _debug "testing $zone" - id=$(_get_domain_id "$zone") - if [ -n "$id" ]; then - echo "$zone $id" - return - fi - zone=${zone#*.} - done + response=$(_get "${INFOMANIAK_API_URL}/2/domains/${domain}/zones" | sed 's/.*\[{"fqdn"\:"\(.*\)/\1/') + echo "${response%%\"*}" } From 45c4a98f1d8bcb28a051de8437be790a3a168266 Mon Sep 17 00:00:00 2001 From: Viktor Polyakov Date: Mon, 11 Aug 2025 16:05:09 +0300 Subject: [PATCH 02/14] feat: add message_thread_id to telegram notifications --- notify/telegram.sh | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) mode change 100644 => 100755 notify/telegram.sh diff --git a/notify/telegram.sh b/notify/telegram.sh old mode 100644 new mode 100755 index ccbd1533..97dd2861 --- a/notify/telegram.sh +++ b/notify/telegram.sh @@ -1,10 +1,14 @@ -#!/usr/bin/env sh +#!/usr/bin/bash #Support Telegram Bots #TELEGRAM_BOT_APITOKEN="" #TELEGRAM_BOT_CHATID="" #TELEGRAM_BOT_URLBASE="" +#TELEGRAM_BOT_THREADID="" + +# To get TELEGRAM_BOT_THREADID, just copy the link of the message from the thread. +# https://t.me/c/123456789/XXX/1520 - XXX is the TELEGRAM_BOT_THREADID telegram_send() { _subject="$1" @@ -28,6 +32,12 @@ telegram_send() { fi _saveaccountconf_mutable TELEGRAM_BOT_CHATID "$TELEGRAM_BOT_CHATID" + TELEGRAM_BOT_THREADID="${TELEGRAM_BOT_THREADID:-$(_readaccountconf_mutable TELEGRAM_BOT_THREADID)}" + if [ -z "$TELEGRAM_BOT_THREADID" ]; then + TELEGRAM_BOT_THREADID="" + fi + _saveaccountconf_mutable TELEGRAM_BOT_THREADID "$TELEGRAM_BOT_THREADID" + TELEGRAM_BOT_URLBASE="${TELEGRAM_BOT_URLBASE:-$(_readaccountconf_mutable TELEGRAM_BOT_URLBASE)}" if [ -z "$TELEGRAM_BOT_URLBASE" ]; then TELEGRAM_BOT_URLBASE="https://api.telegram.org" @@ -39,6 +49,9 @@ telegram_send() { _content="$(printf "*%s*\n%s" "$_subject" "$_content" | _json_encode)" _data="{\"text\": \"$_content\", " _data="$_data\"chat_id\": \"$TELEGRAM_BOT_CHATID\", " + if [ -n "$TELEGRAM_BOT_THREADID" ]; then + _data="$_data\"message_thread_id\": \"$TELEGRAM_BOT_THREADID\", " + fi _data="$_data\"parse_mode\": \"MarkdownV2\", " _data="$_data\"disable_web_page_preview\": \"1\"}" From 6ca19fb003b3393b066c5b8453e0cde8ad20e5f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Lal?= Date: Thu, 18 Dec 2025 09:50:31 +0100 Subject: [PATCH 03/14] Ensure ssh.sh sets 600 permissions on keyfile --- deploy/ssh.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/ssh.sh b/deploy/ssh.sh index c66e2e19..3039c4ea 100644 --- a/deploy/ssh.sh +++ b/deploy/ssh.sh @@ -239,7 +239,7 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d fi else # ssh echo to the file - _cmdstr="$_cmdstr echo \"$(cat "$_ckey")\" > $DEPLOY_SSH_KEYFILE;" + _cmdstr="$_cmdstr echo \"$(cat "$_ckey")\" > $DEPLOY_SSH_KEYFILE; chmod 600 $DEPLOY_SSH_KEYFILE;" _info "will copy private key to remote file $DEPLOY_SSH_KEYFILE" if [ "$DEPLOY_SSH_MULTI_CALL" = "yes" ]; then if ! _ssh_remote_cmd "$_cmdstr"; then From 57db3889325ef95896d2677306e7d20d4d3360c8 Mon Sep 17 00:00:00 2001 From: invario <67800603+invario@users.noreply.github.com> Date: Mon, 22 Dec 2025 20:25:28 -0500 Subject: [PATCH 04/14] Docker with non-root using supercronic Replaces cronie with supercronic to allow non-root users to have cronjobs. Creates user/group acme:acme UID:1000/GID:1000 with home directory pointing to LE_CONFIG_HOME (default: /acme.sh) 'crontab' is generated in LE_CONFIG_HOME which is used by supercronic. Note that `acme.sh --installcronjob` and `--uninstallcronjob` when run as a non-root user will fail but neither of should be used in `daemon` mode anyway. Signed-off-by: invario <67800603+invario@users.noreply.github.com> --- Dockerfile | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 36b2adac..64d14909 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,7 @@ RUN apk --no-cache add -f \ libidn \ jq \ yq-go \ - cronie + supercronic ENV LE_WORKING_DIR=/acmebin @@ -30,10 +30,12 @@ COPY ./deploy /install_acme.sh/deploy COPY ./dnsapi /install_acme.sh/dnsapi COPY ./notify /install_acme.sh/notify -RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/acme.sh --install || curl https://get.acme.sh | sh) && rm -rf /install_acme.sh/ +RUN addgroup -g 1000 acme && adduser -h $LE_CONFIG_HOME -s /bin/sh -G acme -D -H -u 1000 acme +RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/acme.sh --install || curl https://get.acme.sh | sh) && rm -rf /install_acme.sh/ -RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh && crontab -l | grep acme.sh | sed 's#> /dev/null#> /proc/1/fd/1 2>/proc/1/fd/2#' | crontab - +RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh \ + && crontab -l | grep acme.sh | sed 's#> /dev/null##' > $LE_CONFIG_HOME/crontab RUN for verb in help \ version \ @@ -72,12 +74,15 @@ RUN for verb in help \ RUN printf "%b" '#!'"/usr/bin/env sh\n \ if [ \"\$1\" = \"daemon\" ]; then \n \ - exec crond -n -s -m off \n \ + echo \"Running Supercronic using crontab at \$LE_CONFIG_HOME/crontab\" \n \ + exec -- /usr/bin/supercronic \"\$LE_CONFIG_HOME/crontab\" \n \ else \n \ exec -- \"\$@\"\n \ fi\n" >/entry.sh && chmod +x /entry.sh && chmod -R o+rwx $LE_WORKING_DIR && chmod -R o+rwx $LE_CONFIG_HOME VOLUME /acme.sh +USER 1000:1000 + ENTRYPOINT ["/entry.sh"] CMD ["--help"] From 6f5a0c5d5e961a7886cd3fae6ac72daab94787b1 Mon Sep 17 00:00:00 2001 From: invario <67800603+invario@users.noreply.github.com> Date: Tue, 23 Dec 2025 21:45:41 -0500 Subject: [PATCH 05/14] have entry.sh (instead of dockerfile) generate crontab file Signed-off-by: invario <67800603+invario@users.noreply.github.com> --- Dockerfile | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 64d14909..626f835d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,8 +34,7 @@ RUN addgroup -g 1000 acme && adduser -h $LE_CONFIG_HOME -s /bin/sh -G acme -D -H RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/acme.sh --install || curl https://get.acme.sh | sh) && rm -rf /install_acme.sh/ -RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh \ - && crontab -l | grep acme.sh | sed 's#> /dev/null##' > $LE_CONFIG_HOME/crontab +RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh RUN for verb in help \ version \ @@ -74,6 +73,13 @@ RUN for verb in help \ RUN printf "%b" '#!'"/usr/bin/env sh\n \ if [ \"\$1\" = \"daemon\" ]; then \n \ + if [ ! -f \"\$LE_CONFIG_HOME/crontab\" ]; then \n \ + echo \"\$LE_CONFIG_HOME/crontab not found, generating one\" \n \ + time=\$(date -u \"+%s\") \n \ + random_minute=\$((\$time % 60)) \n \ + random_hour=\$((\$time / 60 % 24)) \n \ + echo \"\$random_minute \$random_hour * * * \\\"\$LE_WORKING_DIR\\\"/acme.sh --cron --home \\\"\$LE_WORKING_DIR\\\" --config-home \\\"\$LE_CONFIG_HOME\\\"\" > \"\$LE_CONFIG_HOME\"/crontab \n \ + fi \n \ echo \"Running Supercronic using crontab at \$LE_CONFIG_HOME/crontab\" \n \ exec -- /usr/bin/supercronic \"\$LE_CONFIG_HOME/crontab\" \n \ else \n \ @@ -82,7 +88,5 @@ fi\n" >/entry.sh && chmod +x /entry.sh && chmod -R o+rwx $LE_WORKING_DIR && chmo VOLUME /acme.sh -USER 1000:1000 - ENTRYPOINT ["/entry.sh"] CMD ["--help"] From 6a98b9f81e9057cd0eda1427a446da20cc305d1d Mon Sep 17 00:00:00 2001 From: invario <67800603+invario@users.noreply.github.com> Date: Tue, 30 Dec 2025 12:44:46 -0500 Subject: [PATCH 06/14] chown /acme.sh to non-root user and set HOME to /acme.sh Signed-off-by: invario <67800603+invario@users.noreply.github.com> --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 626f835d..15439e5a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,8 @@ ENV LE_WORKING_DIR=/acmebin ENV LE_CONFIG_HOME=/acme.sh +ENV HOME=/acme.sh + ARG AUTO_UPGRADE=1 ENV AUTO_UPGRADE=$AUTO_UPGRADE @@ -36,6 +38,8 @@ RUN cd /install_acme.sh && ([ -f /install_acme.sh/acme.sh ] && /install_acme.sh/ RUN ln -s $LE_WORKING_DIR/acme.sh /usr/local/bin/acme.sh +RUN chown -R acme:acme $LE_CONFIG_HOME + RUN for verb in help \ version \ install \ From 477277bd2dbab0d4f4d3db9592e979fc553679b3 Mon Sep 17 00:00:00 2001 From: JF DAGUIN <74184010+jf-lines@users.noreply.github.com> Date: Fri, 30 Jan 2026 23:00:25 +0100 Subject: [PATCH 07/14] Rewrite token scope and URL to add one Updated comments for clarity and formatting. --- dnsapi/dns_infomaniak.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/dnsapi/dns_infomaniak.sh b/dnsapi/dns_infomaniak.sh index 34795888..0ae32b47 100755 --- a/dnsapi/dns_infomaniak.sh +++ b/dnsapi/dns_infomaniak.sh @@ -9,12 +9,13 @@ Issues: github.com/acmesh-official/acme.sh/issues/3188 ' -# To use this API you need visit the API dashboard of your account -# once logged into https://manager.infomaniak.com add /api/dashboard to the URL -# +# To use this API you need visit the API dashboard of your account. # Note: the URL looks like this: -# https://manager.infomaniak.com/v3//api/dashboard -# Then generate a token with the scope Domain +# https://manager.infomaniak.com/v3//ng/profile/user/token/list +# Then generate a token with following scopes : +# - domain:read +# - dns:read +# - dns:write # this is given as an environment variable INFOMANIAK_API_TOKEN # base variables From 6a60695549c6417afb7ef73e0b5b00879376b4e0 Mon Sep 17 00:00:00 2001 From: David Gallay Date: Tue, 3 Feb 2026 10:51:42 +0100 Subject: [PATCH 08/14] Allowing panos deploy-hook to only depend on PANOS_KEY. Previous version add bugs that were not properly using the _api_key. It also enforced to provide PANOS_USER and PANOS_PASSWORD which can be very constraining. PANOS_KEY now has precedence. If not provided, the script falls back to PANOS_USER and PANOS_PASSWORD. --- deploy/panos.sh | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/deploy/panos.sh b/deploy/panos.sh index c54d21fe..019d8c62 100644 --- a/deploy/panos.sh +++ b/deploy/panos.sh @@ -207,13 +207,12 @@ panos_deploy() { fi # PANOS_KEY - _getdeployconf PANOS_KEY if [ "$PANOS_KEY" ]; then - _debug "Detected saved key." - _panos_key=$PANOS_KEY + _debug "Detected ENV variable PANOS_KEY. Saving to file." + _savedeployconf PANOS_KEY "$PANOS_KEY" 1 else - _debug "No key detected" - unset _panos_key + _debug "Attempting to load variable PANOS_KEY from file." + _getdeployconf PANOS_KEY fi # PANOS_TEMPLATE @@ -256,6 +255,7 @@ panos_deploy() { _panos_host=$PANOS_HOST _panos_user=$PANOS_USER _panos_pass=$PANOS_PASS + _panos_key=$PANOS_KEY _panos_template=$PANOS_TEMPLATE _panos_template_stack=$PANOS_TEMPLATE_STACK _panos_vsys=$PANOS_VSYS @@ -271,12 +271,6 @@ panos_deploy() { if [ -z "$_panos_host" ]; then _err "No host found. If this is your first time deploying, please set PANOS_HOST in ENV variables. You can delete it after you have successfully deployed the certs." return 1 - elif [ -z "$_panos_user" ]; then - _err "No user found. If this is your first time deploying, please set PANOS_USER in ENV variables. You can delete it after you have successfully deployed the certs." - return 1 - elif [ -z "$_panos_pass" ]; then - _err "No password found. If this is your first time deploying, please set PANOS_PASS in ENV variables. You can delete it after you have successfully deployed the certs." - return 1 else # Use certificate name based on the first domain on the certificate if no custom certificate name is set if [ -z "$_panos_certname" ]; then @@ -286,6 +280,13 @@ panos_deploy() { # Generate a new API key if no valid API key is found if [ -z "$_panos_key" ]; then + if [ -z "$_panos_user" ]; then + _err "No user found. If this is your first time deploying, please set PANOS_USER in ENV variables. You can delete it after you have successfully deployed the certs." + return 1 + elif [ -z "$_panos_pass" ]; then + _err "No password found. If this is your first time deploying, please set PANOS_PASS in ENV variables. You can delete it after you have successfully deployed the certs." + return 1 + fi _debug "**** Generating new PANOS API KEY ****" deployer keygen _savedeployconf PANOS_KEY "$_panos_key" 1 From 61e986f23c212211010488365d10aa775a3feb9d Mon Sep 17 00:00:00 2001 From: dga-nagra <147379886+dga-nagra@users.noreply.github.com> Date: Wed, 4 Feb 2026 11:01:44 +0100 Subject: [PATCH 09/14] Conditionnaly change permissions (#1) --- deploy/ssh.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy/ssh.sh b/deploy/ssh.sh index 3039c4ea..848380a5 100644 --- a/deploy/ssh.sh +++ b/deploy/ssh.sh @@ -238,8 +238,10 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d return $_err_code fi else + # If file doesn't exist, create it and change its permissions. + _cmdstr="$_cmdstr test ! -f $DEPLOY_SSH_KEYFILE && touch $DEPLOY_SSH_KEYFILE && chmod 600 $DEPLOY_SSH_KEYFILE;" # ssh echo to the file - _cmdstr="$_cmdstr echo \"$(cat "$_ckey")\" > $DEPLOY_SSH_KEYFILE; chmod 600 $DEPLOY_SSH_KEYFILE;" + _cmdstr="$_cmdstr echo \"$(cat "$_ckey")\" > $DEPLOY_SSH_KEYFILE;" _info "will copy private key to remote file $DEPLOY_SSH_KEYFILE" if [ "$DEPLOY_SSH_MULTI_CALL" = "yes" ]; then if ! _ssh_remote_cmd "$_cmdstr"; then From 7236ba2d7c594a79111d1f62b42ef5fcedb9f4d6 Mon Sep 17 00:00:00 2001 From: alexandergott-afk Date: Thu, 5 Feb 2026 09:20:51 +0100 Subject: [PATCH 11/14] Update dns_nsupdate.sh --- dnsapi/dns_nsupdate.sh | 62 ++++++++++++++++++++++++++++-------------- 1 file changed, 41 insertions(+), 21 deletions(-) diff --git a/dnsapi/dns_nsupdate.sh b/dnsapi/dns_nsupdate.sh index d5dbbcbc..e2df39a3 100755 --- a/dnsapi/dns_nsupdate.sh +++ b/dnsapi/dns_nsupdate.sh @@ -6,7 +6,7 @@ Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_nsupdate Options: NSUPDATE_SERVER Server hostname. Default: "localhost". NSUPDATE_SERVER_PORT Server port. Default: "53". - NSUPDATE_KEY File path to TSIG key. + NSUPDATE_KEY File path to TSIG key. Default: "" NSUPDATE_ZONE Domain zone to update. Optional. ' @@ -22,8 +22,6 @@ dns_nsupdate_add() { NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}" NSUPDATE_OPT="${NSUPDATE_OPT:-$(_readaccountconf_mutable NSUPDATE_OPT)}" - _checkKeyFile || return 1 - # save the dns server and key to the account conf file. _saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}" _saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}" @@ -33,6 +31,7 @@ dns_nsupdate_add() { [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost" [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53 + [ -n "${NSUPDATE_KEY}" ] || NSUPDATE_KEY="" [ -n "${NSUPDATE_OPT}" ] || NSUPDATE_OPT="" _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\"" @@ -40,19 +39,36 @@ dns_nsupdate_add() { [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D" if [ -z "${NSUPDATE_ZONE}" ]; then #shellcheck disable=SC2086 - nsupdate -k "${NSUPDATE_KEY}" $nsdebug $NSUPDATE_OPT < Date: Sat, 7 Feb 2026 22:10:48 +0800 Subject: [PATCH 12/14] Change shebang to use env for portability --- notify/telegram.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/notify/telegram.sh b/notify/telegram.sh index 97dd2861..c6532dc6 100755 --- a/notify/telegram.sh +++ b/notify/telegram.sh @@ -1,4 +1,4 @@ -#!/usr/bin/bash +#!/usr/bin/env sh #Support Telegram Bots From 4807df0c3e24786d42d1f07579313e2c557414a4 Mon Sep 17 00:00:00 2001 From: alexandergott-afk Date: Mon, 9 Feb 2026 10:03:26 +0100 Subject: [PATCH 13/14] Fix Tab --- dnsapi/dns_nsupdate.sh | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/dnsapi/dns_nsupdate.sh b/dnsapi/dns_nsupdate.sh index e2df39a3..c2fa8fc1 100755 --- a/dnsapi/dns_nsupdate.sh +++ b/dnsapi/dns_nsupdate.sh @@ -39,36 +39,36 @@ dns_nsupdate_add() { [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D" if [ -z "${NSUPDATE_ZONE}" ]; then #shellcheck disable=SC2086 - if [ -z "${NSUPDATE_KEY}" ]; then - nsupdate $nsdebug $NSUPDATE_OPT < Date: Mon, 9 Feb 2026 10:39:27 +0100 Subject: [PATCH 14/14] too many spaces removed --- dnsapi/dns_nsupdate.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/dnsapi/dns_nsupdate.sh b/dnsapi/dns_nsupdate.sh index c2fa8fc1..9b14553b 100755 --- a/dnsapi/dns_nsupdate.sh +++ b/dnsapi/dns_nsupdate.sh @@ -40,13 +40,13 @@ dns_nsupdate_add() { if [ -z "${NSUPDATE_ZONE}" ]; then #shellcheck disable=SC2086 if [ -z "${NSUPDATE_KEY}" ]; then - nsupdate $nsdebug $NSUPDATE_OPT <