Browse Source
Merge branch 'dev' of https://github.com/acmesh-official/acme.sh into dev
pull/3498/head
Merge branch 'dev' of https://github.com/acmesh-official/acme.sh into dev
pull/3498/head
neilpang
4 years ago
4 changed files with 383 additions and 5 deletions
@ -0,0 +1,171 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
# |
|||
#AURORA_Key="sdfsdfsdfljlbjkljlkjsdfoiwje" |
|||
# |
|||
#AURORA_Secret="sdfsdfsdfljlbjkljlkjsdfoiwje" |
|||
|
|||
AURORA_Api="https://api.auroradns.eu" |
|||
|
|||
######## Public functions ##################### |
|||
|
|||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|||
dns_aurora_add() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
AURORA_Key="${AURORA_Key:-$(_readaccountconf_mutable AURORA_Key)}" |
|||
AURORA_Secret="${AURORA_Secret:-$(_readaccountconf_mutable AURORA_Secret)}" |
|||
|
|||
if [ -z "$AURORA_Key" ] || [ -z "$AURORA_Secret" ]; then |
|||
AURORA_Key="" |
|||
AURORA_Secret="" |
|||
_err "You didn't specify an Aurora api key and secret yet." |
|||
_err "You can get yours from here https://cp.pcextreme.nl/auroradns/users." |
|||
return 1 |
|||
fi |
|||
|
|||
#save the api key and secret to the account conf file. |
|||
_saveaccountconf_mutable AURORA_Key "$AURORA_Key" |
|||
_saveaccountconf_mutable AURORA_Secret "$AURORA_Secret" |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _domain_id "$_domain_id" |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
_info "Adding record" |
|||
if _aurora_rest POST "zones/$_domain_id/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":300}"; then |
|||
if _contains "$response" "$txtvalue"; then |
|||
_info "Added, OK" |
|||
return 0 |
|||
elif _contains "$response" "RecordExistsError"; then |
|||
_info "Already exists, OK" |
|||
return 0 |
|||
else |
|||
_err "Add txt record error." |
|||
return 1 |
|||
fi |
|||
fi |
|||
_err "Add txt record error." |
|||
return 1 |
|||
|
|||
} |
|||
|
|||
#fulldomain txtvalue |
|||
dns_aurora_rm() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
AURORA_Key="${AURORA_Key:-$(_readaccountconf_mutable AURORA_Key)}" |
|||
AURORA_Secret="${AURORA_Secret:-$(_readaccountconf_mutable AURORA_Secret)}" |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _domain_id "$_domain_id" |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
_debug "Getting records" |
|||
_aurora_rest GET "zones/${_domain_id}/records" |
|||
|
|||
if ! _contains "$response" "$txtvalue"; then |
|||
_info "Don't need to remove." |
|||
else |
|||
records=$(echo "$response" | _normalizeJson | tr -d "[]" | sed "s/},{/}|{/g" | tr "|" "\n") |
|||
if [ "$(echo "$records" | wc -l)" -le 2 ]; then |
|||
_err "Can not parse records." |
|||
return 1 |
|||
fi |
|||
record_id=$(echo "$records" | grep "\"type\": *\"TXT\"" | grep "\"name\": *\"$_sub_domain\"" | grep "\"content\": *\"$txtvalue\"" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | _head_n 1 | tr -d " ") |
|||
_debug "record_id" "$record_id" |
|||
if [ -z "$record_id" ]; then |
|||
_err "Can not get record id to remove." |
|||
return 1 |
|||
fi |
|||
if ! _aurora_rest DELETE "zones/$_domain_id/records/$record_id"; then |
|||
_err "Delete record error." |
|||
return 1 |
|||
fi |
|||
fi |
|||
return 0 |
|||
|
|||
} |
|||
|
|||
#################### Private functions below ################################## |
|||
#_acme-challenge.www.domain.com |
|||
#returns |
|||
# _sub_domain=_acme-challenge.www |
|||
# _domain=domain.com |
|||
# _domain_id=sdjkglgdfewsdfg |
|||
_get_root() { |
|||
domain=$1 |
|||
i=1 |
|||
p=1 |
|||
|
|||
while true; do |
|||
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
|||
_debug h "$h" |
|||
if [ -z "$h" ]; then |
|||
#not valid |
|||
return 1 |
|||
fi |
|||
|
|||
if ! _aurora_rest GET "zones/$h"; then |
|||
return 1 |
|||
fi |
|||
|
|||
if _contains "$response" "\"name\": \"$h\""; then |
|||
_domain_id=$(echo "$response" | _normalizeJson | tr -d "{}" | tr "," "\n" | grep "\"id\": *\"" | cut -d : -f 2 | tr -d \" | _head_n 1 | tr -d " ") |
|||
_debug _domain_id "$_domain_id" |
|||
if [ "$_domain_id" ]; then |
|||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
|||
_domain=$h |
|||
return 0 |
|||
fi |
|||
return 1 |
|||
fi |
|||
p=$i |
|||
i=$(_math "$i" + 1) |
|||
done |
|||
return 1 |
|||
} |
|||
|
|||
_aurora_rest() { |
|||
m=$1 |
|||
ep="$2" |
|||
data="$3" |
|||
_debug "$ep" |
|||
|
|||
key_trimmed=$(echo "$AURORA_Key" | tr -d '"') |
|||
secret_trimmed=$(echo "$AURORA_Secret" | tr -d '"') |
|||
|
|||
timestamp=$(date -u +"%Y%m%dT%H%M%SZ") |
|||
signature=$(printf "%s/%s%s" "$m" "$ep" "$timestamp" | _hmac sha256 "$(printf "%s" "$secret_trimmed" | _hex_dump | tr -d " ")" | _base64) |
|||
authorization=$(printf "AuroraDNSv1 %s" "$(printf "%s:%s" "$key_trimmed" "$signature" | _base64)") |
|||
|
|||
export _H1="Content-Type: application/json; charset=UTF-8" |
|||
export _H2="X-AuroraDNS-Date: $timestamp" |
|||
export _H3="Authorization: $authorization" |
|||
|
|||
if [ "$m" != "GET" ]; then |
|||
_debug data "$data" |
|||
response="$(_post "$data" "$AURORA_Api/$ep" "" "$m")" |
|||
else |
|||
response="$(_get "$AURORA_Api/$ep")" |
|||
fi |
|||
|
|||
if [ "$?" != "0" ]; then |
|||
_err "error $ep" |
|||
return 1 |
|||
fi |
|||
_debug2 response "$response" |
|||
return 0 |
|||
} |
|||
@ -0,0 +1,207 @@ |
|||
#!/usr/bin/env sh |
|||
|
|||
# Acme.sh DNS API wrapper for websupport.sk |
|||
# |
|||
# Original author: trgo.sk (https://github.com/trgosk) |
|||
# Tweaks by: akulumbeg (https://github.com/akulumbeg) |
|||
# Report Bugs here: https://github.com/akulumbeg/acme.sh |
|||
|
|||
# Requirements: API Key and Secret from https://admin.websupport.sk/en/auth/apiKey |
|||
# |
|||
# WS_ApiKey="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" |
|||
# (called "Identifier" in the WS Admin) |
|||
# |
|||
# WS_ApiSecret="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" |
|||
# (called "Secret key" in the WS Admin) |
|||
|
|||
WS_Api="https://rest.websupport.sk" |
|||
|
|||
######## Public functions ##################### |
|||
|
|||
dns_websupport_add() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
WS_ApiKey="${WS_ApiKey:-$(_readaccountconf_mutable WS_ApiKey)}" |
|||
WS_ApiSecret="${WS_ApiSecret:-$(_readaccountconf_mutable WS_ApiSecret)}" |
|||
|
|||
if [ "$WS_ApiKey" ] && [ "$WS_ApiSecret" ]; then |
|||
_saveaccountconf_mutable WS_ApiKey "$WS_ApiKey" |
|||
_saveaccountconf_mutable WS_ApiSecret "$WS_ApiSecret" |
|||
else |
|||
WS_ApiKey="" |
|||
WS_ApiSecret="" |
|||
_err "You did not specify the API Key and/or API Secret" |
|||
_err "You can get the API login credentials from https://admin.websupport.sk/en/auth/apiKey" |
|||
return 1 |
|||
fi |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
# For wildcard cert, the main root domain and the wildcard domain have the same txt subdomain name, so |
|||
# we can not use updating anymore. |
|||
# count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2) |
|||
# _debug count "$count" |
|||
# if [ "$count" = "0" ]; then |
|||
_info "Adding record" |
|||
if _ws_rest POST "/v1/user/self/zone/$_domain/record" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then |
|||
if _contains "$response" "$txtvalue"; then |
|||
_info "Added, OK" |
|||
return 0 |
|||
elif _contains "$response" "The record already exists"; then |
|||
_info "Already exists, OK" |
|||
return 0 |
|||
else |
|||
_err "Add txt record error." |
|||
return 1 |
|||
fi |
|||
fi |
|||
_err "Add txt record error." |
|||
return 1 |
|||
|
|||
} |
|||
|
|||
dns_websupport_rm() { |
|||
fulldomain=$1 |
|||
txtvalue=$2 |
|||
|
|||
_debug2 fulldomain "$fulldomain" |
|||
_debug2 txtvalue "$txtvalue" |
|||
|
|||
_debug "First detect the root zone" |
|||
if ! _get_root "$fulldomain"; then |
|||
_err "invalid domain" |
|||
return 1 |
|||
fi |
|||
|
|||
_debug _sub_domain "$_sub_domain" |
|||
_debug _domain "$_domain" |
|||
|
|||
_debug "Getting txt records" |
|||
_ws_rest GET "/v1/user/self/zone/$_domain/record" |
|||
|
|||
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"items\")" -lt "1" ]; then |
|||
_err "Error: $response" |
|||
return 1 |
|||
fi |
|||
|
|||
record_line="$(_get_from_array "$response" "$txtvalue")" |
|||
_debug record_line "$record_line" |
|||
if [ -z "$record_line" ]; then |
|||
_info "Don't need to remove." |
|||
else |
|||
record_id=$(echo "$record_line" | _egrep_o "\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ") |
|||
_debug "record_id" "$record_id" |
|||
if [ -z "$record_id" ]; then |
|||
_err "Can not get record id to remove." |
|||
return 1 |
|||
fi |
|||
if ! _ws_rest DELETE "/v1/user/self/zone/$_domain/record/$record_id"; then |
|||
_err "Delete record error." |
|||
return 1 |
|||
fi |
|||
if [ "$(printf "%s" "$response" | tr -d " " | grep -c \"success\")" -lt "1" ]; then |
|||
return 1 |
|||
else |
|||
return 0 |
|||
fi |
|||
fi |
|||
|
|||
} |
|||
|
|||
#################### Private Functions ################################## |
|||
|
|||
_get_root() { |
|||
domain=$1 |
|||
i=1 |
|||
p=1 |
|||
|
|||
while true; do |
|||
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
|||
_debug h "$h" |
|||
if [ -z "$h" ]; then |
|||
#not valid |
|||
return 1 |
|||
fi |
|||
|
|||
if ! _ws_rest GET "/v1/user/self/zone"; then |
|||
return 1 |
|||
fi |
|||
|
|||
if _contains "$response" "\"name\":\"$h\""; then |
|||
_domain_id=$(echo "$response" | _egrep_o "\[.\"id\": *[^,]*" | _head_n 1 | cut -d : -f 2 | tr -d \" | tr -d " ") |
|||
if [ "$_domain_id" ]; then |
|||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
|||
_domain=$h |
|||
return 0 |
|||
fi |
|||
return 1 |
|||
fi |
|||
p=$i |
|||
i=$(_math "$i" + 1) |
|||
done |
|||
return 1 |
|||
} |
|||
|
|||
_ws_rest() { |
|||
me=$1 |
|||
pa="$2" |
|||
da="$3" |
|||
|
|||
_debug2 api_key "$WS_ApiKey" |
|||
_debug2 api_secret "$WS_ApiSecret" |
|||
|
|||
timestamp=$(_time) |
|||
datez="$(_utc_date | sed "s/ /T/" | sed "s/$/+0000/")" |
|||
canonical_request="${me} ${pa} ${timestamp}" |
|||
signature_hash=$(printf "%s" "$canonical_request" | _hmac sha1 "$(printf "%s" "$WS_ApiSecret" | _hex_dump | tr -d " ")" hex) |
|||
basicauth="$(printf "%s:%s" "$WS_ApiKey" "$signature_hash" | _base64)" |
|||
|
|||
_debug2 method "$me" |
|||
_debug2 path "$pa" |
|||
_debug2 data "$da" |
|||
_debug2 timestamp "$timestamp" |
|||
_debug2 datez "$datez" |
|||
_debug2 canonical_request "$canonical_request" |
|||
_debug2 signature_hash "$signature_hash" |
|||
_debug2 basicauth "$basicauth" |
|||
|
|||
export _H1="Accept: application/json" |
|||
export _H2="Content-Type: application/json" |
|||
export _H3="Authorization: Basic ${basicauth}" |
|||
export _H4="Date: ${datez}" |
|||
|
|||
_debug2 H1 "$_H1" |
|||
_debug2 H2 "$_H2" |
|||
_debug2 H3 "$_H3" |
|||
_debug2 H4 "$_H4" |
|||
|
|||
if [ "$me" != "GET" ]; then |
|||
_debug2 "${me} $WS_Api${pa}" |
|||
_debug data "$da" |
|||
response="$(_post "$da" "${WS_Api}${pa}" "" "$me")" |
|||
else |
|||
_debug2 "GET $WS_Api${pa}" |
|||
response="$(_get "$WS_Api${pa}")" |
|||
fi |
|||
|
|||
_debug2 response "$response" |
|||
return "$?" |
|||
} |
|||
|
|||
_get_from_array() { |
|||
va="$1" |
|||
fi="$2" |
|||
for i in $(echo "$va" | sed "s/{/ /g"); do |
|||
if _contains "$i" "$fi"; then |
|||
echo "$i" |
|||
break |
|||
fi |
|||
done |
|||
} |
|||
Write
Preview
Loading…
Cancel
Save
Reference in new issue