Add BEST-HOSTING DNS API (#6859)

* Add BEST-HOSTING DNS API
2 weeks ago · c397bd6573
1 changed files with 202 additions and 0 deletions
--- a/dnsapi/dns_bh.sh
+++ b/dnsapi/dns_bh.sh
@ -0,0 +1,202 @@
+#!/usr/bin/env sh
+# shellcheck disable=SC2034
+dns_bh_info='Best-Hosting.cz
+Site: best-hosting.cz
+Docs: github.com/acmesh-official/acme.sh/wiki/dnsapi2#dns_bh
+Options:
+ BH_API_USER API User identifier.
+ BH_API_KEY API Secret key.
+Issues: github.com/acmesh-official/acme.sh/issues/6854
+Author: @heximcz
+'
+
+BH_Api="https://best-hosting.cz/api/v1"
+
+########  Public functions #####################
+
+# Usage: dns_bh_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_bh_add() {
+  fulldomain=$1
+  txtvalue=$2
+
+  # --- 1. Credentials ---
+  BH_API_USER="${BH_API_USER:-$(_readaccountconf_mutable BH_API_USER)}"
+  BH_API_KEY="${BH_API_KEY:-$(_readaccountconf_mutable BH_API_KEY)}"
+
+  if [ -z "$BH_API_USER" ] || [ -z "$BH_API_KEY" ]; then
+    BH_API_USER=""
+    BH_API_KEY=""
+    _err "You must specify BH_API_USER and BH_API_KEY."
+    return 1
+  fi
+
+  _saveaccountconf_mutable BH_API_USER "$BH_API_USER"
+  _saveaccountconf_mutable BH_API_KEY "$BH_API_KEY"
+
+  # --- 2. Add TXT record ---
+  _info "Adding TXT record for $fulldomain"
+
+  json_payload="{\"fulldomain\":\"$fulldomain\",\"txtvalue\":\"$txtvalue\"}"
+  if ! _bh_rest POST "dns" "$json_payload"; then
+    _err "Failed to add DNS record."
+    return 1
+  fi
+
+  _norm_add=$(printf "%s" "$response" | tr -d '[:space:]')
+  if ! _contains "$_norm_add" '"status":"success"'; then
+    _err "API error: $response"
+    return 1
+  fi
+
+  record_id=$(printf "%s" "$_norm_add" | _egrep_o '"id":[0-9]+' | cut -d':' -f2)
+  _debug record_id "$record_id"
+
+  if [ -z "$record_id" ]; then
+    _err "Could not parse record ID from response."
+    return 1
+  fi
+
+  # Sanitize key — replace dots and hyphens with underscores
+  _conf_key=$(printf "%s" "BH_record_ids_${fulldomain}" | tr '.-' '_')
+
+  # Wildcard support: store space-separated list of IDs
+  # First call stores "111", second call stores "111 222"
+  _existing_ids=$(_readdomainconf "$_conf_key")
+  if [ -z "$_existing_ids" ]; then
+    _savedomainconf "$_conf_key" "$record_id"
+  else
+    _savedomainconf "$_conf_key" "$_existing_ids $record_id"
+  fi
+
+  _info "DNS TXT record added successfully."
+  return 0
+}
+
+# Usage: dns_bh_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+dns_bh_rm() {
+  fulldomain=$1
+  txtvalue=$2
+
+  # --- 1. Credentials ---
+  BH_API_USER="${BH_API_USER:-$(_readaccountconf_mutable BH_API_USER)}"
+  BH_API_KEY="${BH_API_KEY:-$(_readaccountconf_mutable BH_API_KEY)}"
+
+  if [ -z "$BH_API_USER" ] || [ -z "$BH_API_KEY" ]; then
+    BH_API_USER=""
+    BH_API_KEY=""
+    _err "You must specify BH_API_USER and BH_API_KEY."
+    return 1
+  fi
+
+  # Sanitize key — same as in add
+  _conf_key=$(printf "%s" "BH_record_ids_${fulldomain}" | tr '.-' '_')
+
+  # --- 2. Load stored record ID(s) ---
+  _existing_ids=$(_readdomainconf "$_conf_key")
+  _debug _existing_ids "$_existing_ids"
+
+  if [ -z "$_existing_ids" ]; then
+    _err "Could not find record ID for $fulldomain."
+    return 1
+  fi
+
+  record_id=""
+  _remaining_ids=""
+
+  # Find the record ID that matches both the name and txtvalue
+  for _id in $_existing_ids; do
+    if ! _bh_rest GET "dns/$_id"; then
+      _debug "Failed to query record id $_id, skipping."
+
+      # Keep it in the list so a later run can try again
+      if [ -z "$_remaining_ids" ]; then
+        _remaining_ids="$_id"
+      else
+        _remaining_ids="$_remaining_ids $_id"
+      fi
+      continue
+    fi
+
+    _match_name=0
+    _match_content=0
+    _norm_response=$(printf "%s" "$response" | tr -d '[:space:]')
+
+    case "$_norm_response" in
+    *"\"name\":\"$fulldomain\""*)
+      _match_name=1
+      ;;
+    esac
+    case "$_norm_response" in
+    *"\"content\":\"$txtvalue\""*)
+      _match_content=1
+      ;;
+    esac
+
+    if [ "$_match_name" -eq 1 ] && [ "$_match_content" -eq 1 ]; then
+      record_id="$_id"
+      _debug "Matched record id" "$record_id"
+      # Do not add this ID to _remaining_ids; it will be deleted
+      continue
+    fi
+
+    # Not a match — keep ID for potential future cleanups
+    if [ -z "$_remaining_ids" ]; then
+      _remaining_ids="$_id"
+    else
+      _remaining_ids="$_remaining_ids $_id"
+    fi
+  done
+
+  if [ -z "$record_id" ]; then
+    _err "Could not find matching TXT record for $fulldomain with the given value."
+    return 1
+  fi
+
+  # --- 3. Delete record ---
+  _info "Removing TXT record for $fulldomain"
+
+  if ! _bh_rest DELETE "dns/$record_id"; then
+    _err "Failed to remove DNS record."
+    return 1
+  fi
+
+  # Update stored list — remove used ID
+  if [ -z "$_remaining_ids" ]; then
+    _cleardomainconf "$_conf_key"
+  else
+    _savedomainconf "$_conf_key" "$_remaining_ids"
+  fi
+
+  _info "DNS TXT record removed successfully."
+  return 0
+}
+
+####################  Private functions #####################
+
+_bh_rest() {
+  m="$1"
+  ep="$2"
+  data="$3"
+  _debug "$ep"
+
+  _credentials="$(printf "%s:%s" "$BH_API_USER" "$BH_API_KEY" | _base64)"
+
+  export _H1="Authorization: Basic $_credentials"
+  export _H2="Content-Type: application/json"
+  export _H3="Accept: application/json"
+
+  if [ "$m" = "GET" ]; then
+    response="$(_get "$BH_Api/$ep")"
+  else
+    _debug data "$data"
+    response="$(_post "$data" "$BH_Api/$ep" "" "$m")"
+  fi
+
+  if [ "$?" != "0" ]; then
+    _err "Error calling $m $BH_Api/$ep"
+    return 1
+  fi
+
+  _debug2 response "$response"
+  return 0
+}