From ed85d27b85f931acfa39bce69a1c81b60c632674 Mon Sep 17 00:00:00 2001 From: lebaned Date: Wed, 15 Aug 2018 23:28:19 +0200 Subject: [PATCH 1/5] add versio API (dns_versio.sh) --- dnsapi/dns_versio.sh | 214 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 214 insertions(+) create mode 100755 dnsapi/dns_versio.sh diff --git a/dnsapi/dns_versio.sh b/dnsapi/dns_versio.sh new file mode 100755 index 00000000..ff54fc18 --- /dev/null +++ b/dnsapi/dns_versio.sh @@ -0,0 +1,214 @@ +#!/usr/bin/env sh +# +#Author: lebaned +#Report Bugs here: https://github.com/lebaned/acme.sh +# +######## Public functions ##################### + +#Usage: dns_versio_add _acme-challenge.www.domain.com "[txtvalue]" +dns_versio_add() { + fulldomain=$1 + txtvalue=$2 + _info "Using Versio" + _debug fulldomain "$fulldomain" + _debug txtvalue "$txtvalue" + + + if ! _get_credentials; then + return 1 + fi + + #save the credentials to the account conf file. + _saveaccountconf_mutable Versio_Username "$Versio_Username" + _saveaccountconf_mutable Versio_Password "$Versio_Password" + + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "invalid domain" + return 1 + fi + + _info fulldomain "$fulldomain" + _info _domain "$_domain" + _info _sub_domain "$_sub_domain" + + if ! _get_dns_records "$_domain"; then + _err "invalid domain" + return 1 + fi + + _debug "orginal dnsrecords" "$_dns_records" + _delete_dns_record "TXT" "$fulldomain." + _debug "dnsrecords after deleted old record" "$_dns_records" + _add_dns_record "TXT" "$fulldomain" "\\\"$txtvalue\\\"" 0 300 + _debug "dnsrecords after add record" "{\"dns_records\":[$_dns_records]}" + + if _versio_rest POST "domains/$_domain/update" "{\"dns_records\":[$_dns_records]}"; then + _debug "rest update response" "$response" + return 0 + fi + + _err "Error!" + return 1 +} + +#Usage: fulldomain txtvalue +#Remove the txt record after validation. +dns_versio_rm() { + fulldomain=$1 + txtvalue=$2 + _info "Using Versio" + _debug fulldomain "$fulldomain" + _debug txtvalue "$txtvalue" + + if ! _get_credentials; then + return 1 + fi + + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "invalid domain" + return 1 + fi + + _info fulldomain "$fulldomain" + _info _domain "$_domain" + _info _sub_domain "$_sub_domain" + + if ! _get_dns_records "$_domain"; then + _err "invalid domain" + return 1 + fi + + _debug "orginal dnsrecords" "$_dns_records" + _delete_dns_record "TXT" "$fulldomain." + _debug "dnsrecords after deleted old record" "$_dns_records" + + if _versio_rest POST "domains/$_domain/update" "{\"dns_records\":[$_dns_records]}"; then + _debug "rest update response" "$response" + return 0 + fi + + _err "Error!" + return 1 + +} + +#################### Private functions below ################################## + + + +#_acme-challenge.www.domain.com +#returns +# _sub_domain=_acme-challenge.www +# _domain=domain.com +_get_root() { + domain=$1 + i=2 + p=1 + + if _versio_rest GET "domains?status=OK"; then + response="$(echo "$response" | tr -d "\n" | sed 's/{/\n&/g')" + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) + _info h "$h" + _debug h "$h" + if [ -z "$h" ]; then + #not valid + return 1 + fi + + hostedzone="$(echo "$response" | _egrep_o "{.*\"domain\":\s*\"$h\".*}")" + if [ "$hostedzone" ]; then + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain=$h + return 0 + fi + p=$i + i=$(_math "$i" + 1) + done + fi + return 1 +} + +#parameters: [record type] [record name] +_delete_dns_record() { + _dns_records=$(echo $_dns_records | sed 's/{"type":"'"$1"'","name":"'"$2"'"[^}]*}[,]\?//' | sed 's/,$//') +} + +#parameters: [type] [name] [value] [prio] [ttl] +_add_dns_record() { + _dns_records="$_dns_records,{\"type\":\"$1\",\"name\":\"$2\",\"value\":\"$3\",\"prio\":$4,\"ttl\":$5}" +} + +#parameters: [root domain] +#returns +# _dns_records +_get_dns_records() { + + if _versio_rest GET "domains/$1?show_dns_records=true"; then + _dns_records=$(echo $response | grep -oP '(?<="dns_records":\[)[^\]]*') + return 0 + fi + return 1 +} + +#method uri qstr data +_versio_rest() { + mtd="$1" + ep="$2" + data="$3" + + _debug mtd "$mtd" + _debug ep "$ep" + + VERSIO_API_URL="https://www.versio.nl/api/v1" + + export _H1="Accept: application/json" + export _H2="Content-Type: application/json" + export _H3="Authorization: Basic $(echo -n """$Versio_Username:$Versio_Password""" | openssl enc -base64)" + + if [ "$mtd" != "GET" ]; then + # both POST and DELETE. + _debug data "$data" + response="$(_post "$data" "$VERSIO_API_URL/$ep" "" "$mtd")" + else + response="$(_get "$VERSIO_API_URL/$ep")" + fi + + case $? in + 0) + ;; + 6) + _err "Authentication failure. Check your Versio email address and password" + return 1 + ;; + *) + _err "Unknown error" + return 1 + ;; + esac + + _debug response "$response" + return 0 +} + +#parameters: [] +#returns: +# Versio_Username +# Versio_Password +_get_credentials() { + Versio_Username="${Versio_Username:-$(_readaccountconf_mutable Versio_Username)}" + Versio_Password="${Versio_Password:-$(_readaccountconf_mutable Versio_Password)}" + if [ -z "$Versio_Username" ] || [ -z "$Versio_Password" ]; then + Versio_Username="" + Versio_Password="" + _err "You don't specify Versio email address and/or password yet." + _err "Example:" + _err "export Versio_Username=[email address]" + _err "export Versio_Password=[password]" + _err "Please create you key and try again." + return 1 + fi + return 0 +} From 154dfb44308b19766f5d76da18f3547cff30d741 Mon Sep 17 00:00:00 2001 From: lebaned Date: Wed, 15 Aug 2018 23:57:50 +0200 Subject: [PATCH 2/5] fixed issues shellcheck.net --- dnsapi/dns_versio.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/dnsapi/dns_versio.sh b/dnsapi/dns_versio.sh index ff54fc18..455869d0 100755 --- a/dnsapi/dns_versio.sh +++ b/dnsapi/dns_versio.sh @@ -133,7 +133,7 @@ _get_root() { #parameters: [record type] [record name] _delete_dns_record() { - _dns_records=$(echo $_dns_records | sed 's/{"type":"'"$1"'","name":"'"$2"'"[^}]*}[,]\?//' | sed 's/,$//') + _dns_records=$(echo "$_dns_records" | sed 's/{"type":"'"$1"'","name":"'"$2"'"[^}]*}[,]\?//' | sed 's/,$//') } #parameters: [type] [name] [value] [prio] [ttl] @@ -147,7 +147,7 @@ _add_dns_record() { _get_dns_records() { if _versio_rest GET "domains/$1?show_dns_records=true"; then - _dns_records=$(echo $response | grep -oP '(?<="dns_records":\[)[^\]]*') + _dns_records=$(echo "$response" | grep -oP '(?<="dns_records":\[)[^\]]*') return 0 fi return 1 @@ -164,9 +164,11 @@ _versio_rest() { VERSIO_API_URL="https://www.versio.nl/api/v1" + VERSIO_CREDENTIALS_BASE64=$(printf "%s:%s" "$Versio_Username" "$Versio_Password" | openssl enc -base64) + export _H1="Accept: application/json" export _H2="Content-Type: application/json" - export _H3="Authorization: Basic $(echo -n """$Versio_Username:$Versio_Password""" | openssl enc -base64)" + export _H3="Authorization: Basic $VERSIO_CREDENTIALS_BASE64" if [ "$mtd" != "GET" ]; then # both POST and DELETE. @@ -178,6 +180,8 @@ _versio_rest() { case $? in 0) + _debug response "$response" + return 0 ;; 6) _err "Authentication failure. Check your Versio email address and password" @@ -188,9 +192,6 @@ _versio_rest() { return 1 ;; esac - - _debug response "$response" - return 0 } #parameters: [] From f722e830fbacebb342caf071b7accbe49d8fe0ba Mon Sep 17 00:00:00 2001 From: lebaned Date: Thu, 16 Aug 2018 19:33:29 +0200 Subject: [PATCH 3/5] fix style --- dnsapi/dns_versio.sh | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/dnsapi/dns_versio.sh b/dnsapi/dns_versio.sh index 455869d0..82056e3b 100755 --- a/dnsapi/dns_versio.sh +++ b/dnsapi/dns_versio.sh @@ -1,7 +1,8 @@ #!/usr/bin/env sh # -#Author: lebaned -#Report Bugs here: https://github.com/lebaned/acme.sh +# DNS API for Versio.nl +# Author: lebaned +# Report Bugs here: https://github.com/lebaned/acme.sh # ######## Public functions ##################### @@ -13,11 +14,10 @@ dns_versio_add() { _debug fulldomain "$fulldomain" _debug txtvalue "$txtvalue" - if ! _get_credentials; then return 1 fi - + #save the credentials to the account conf file. _saveaccountconf_mutable Versio_Username "$Versio_Username" _saveaccountconf_mutable Versio_Password "$Versio_Password" @@ -31,7 +31,7 @@ dns_versio_add() { _info fulldomain "$fulldomain" _info _domain "$_domain" _info _sub_domain "$_sub_domain" - + if ! _get_dns_records "$_domain"; then _err "invalid domain" return 1 @@ -71,9 +71,9 @@ dns_versio_rm() { return 1 fi - _info fulldomain "$fulldomain" - _info _domain "$_domain" - _info _sub_domain "$_sub_domain" + _debug fulldomain "$fulldomain" + _debug _domain "$_domain" + _debug _sub_domain "$_sub_domain" if ! _get_dns_records "$_domain"; then _err "invalid domain" @@ -96,8 +96,6 @@ dns_versio_rm() { #################### Private functions below ################################## - - #_acme-challenge.www.domain.com #returns # _sub_domain=_acme-challenge.www @@ -163,13 +161,12 @@ _versio_rest() { _debug ep "$ep" VERSIO_API_URL="https://www.versio.nl/api/v1" - VERSIO_CREDENTIALS_BASE64=$(printf "%s:%s" "$Versio_Username" "$Versio_Password" | openssl enc -base64) - + export _H1="Accept: application/json" export _H2="Content-Type: application/json" export _H3="Authorization: Basic $VERSIO_CREDENTIALS_BASE64" - + if [ "$mtd" != "GET" ]; then # both POST and DELETE. _debug data "$data" @@ -177,7 +174,7 @@ _versio_rest() { else response="$(_get "$VERSIO_API_URL/$ep")" fi - + case $? in 0) _debug response "$response" @@ -208,7 +205,6 @@ _get_credentials() { _err "Example:" _err "export Versio_Username=[email address]" _err "export Versio_Password=[password]" - _err "Please create you key and try again." return 1 fi return 0 From 8c9ff7e11b79a418ffa151b2f43add7f6ebf9909 Mon Sep 17 00:00:00 2001 From: lebaned Date: Sun, 19 Aug 2018 16:29:15 +0200 Subject: [PATCH 4/5] add Versio to README.md and ./dnsapi/README.md --- README.md | 1 + dnsapi/README.md | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c8bebc6f..8522fd9d 100644 --- a/README.md +++ b/README.md @@ -321,6 +321,7 @@ You don't have to do anything manually! 1. acme-dns (https://github.com/joohoi/acme-dns) 1. TELE3 (https://www.tele3.cz) 1. EUSERV.EU (https://www.euserv.eu) +1. Versio (https://versio.nl) And: diff --git a/dnsapi/README.md b/dnsapi/README.md index 1f394f92..44d15b33 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -897,6 +897,20 @@ acme.sh --issue --dns dns_euserv -d example.com -d *.example.com --insecure The `EUSERV_Username` and `EUSERV_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. Please report any issues to https://github.com/initit/acme.sh or to +## 48. Use Versio.nl API + +First you've to add your ip address to the whitelist in your Versio portal. (Account > Versio API) +Then set your credentials: +``` +export Versio_Username=[email address] +export Versio_Password=[password] +``` + +Now you can issue your cert: +``` +acme.sh --issue --dns versio -d example.com -d *.example.com +``` + # Use custom API If your API is not supported yet, you can write your own DNS API. @@ -917,4 +931,4 @@ See: https://github.com/Neilpang/acme.sh/wiki/DNS-API-Dev-Guide # Use lexicon DNS API -https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api \ No newline at end of file +https://github.com/Neilpang/acme.sh/wiki/How-to-use-lexicon-dns-api From eb63cf39be0bb799414f469c675f50c7349d4fec Mon Sep 17 00:00:00 2001 From: lebaned Date: Wed, 12 Sep 2018 19:19:15 +0200 Subject: [PATCH 5/5] fix dns remove --- dnsapi/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 44d15b33..48514e74 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -910,7 +910,6 @@ Now you can issue your cert: ``` acme.sh --issue --dns versio -d example.com -d *.example.com ``` - # Use custom API If your API is not supported yet, you can write your own DNS API.