Browse Source
fixes #3359
fixes #3359
Ubiquiti removed keytool (and java) from recent releases of Unifi OS. This moves from keytool to openssl's native pkcs12. Tested on Unifi Dream Machine which runs Unifi OS and a built-in Unifi controller. Also added backup of existing files prior to change in case anything goes wrong, and update system configuration with compatible ciphers.pull/5246/head
3VAbdAVE
4 months ago
161 changed files with 2085 additions and 1417 deletions
-
2.github/workflows/DragonFlyBSD.yml
-
4.github/workflows/FreeBSD.yml
-
4.github/workflows/Linux.yml
-
2.github/workflows/MacOS.yml
-
2.github/workflows/NetBSD.yml
-
4.github/workflows/Omnios.yml
-
4.github/workflows/OpenBSD.yml
-
4.github/workflows/Solaris.yml
-
4.github/workflows/Ubuntu.yml
-
2.github/workflows/Windows.yml
-
734acme.sh
-
7deploy/routeros.sh
-
52deploy/synology_dsm.sh
-
64deploy/unifi.sh
-
8deploy/vault.sh
-
31dnsapi/dns_1984hosting.sh
-
28dnsapi/dns_acmedns.sh
-
18dnsapi/dns_acmeproxy.sh
-
11dnsapi/dns_active24.sh
-
17dnsapi/dns_ad.sh
-
12dnsapi/dns_ali.sh
-
13dnsapi/dns_anx.sh
-
23dnsapi/dns_artfiles.sh
-
15dnsapi/dns_arvan.sh
-
16dnsapi/dns_aurora.sh
-
23dnsapi/dns_autodns.sh
-
20dnsapi/dns_aws.sh
-
14dnsapi/dns_azion.sh
-
13dnsapi/dns_azure.sh
-
21dnsapi/dns_bookmyname.sh
-
21dnsapi/dns_bunny.sh
-
21dnsapi/dns_cf.sh
-
17dnsapi/dns_clouddns.sh
-
17dnsapi/dns_cloudns.sh
-
13dnsapi/dns_cn.sh
-
11dnsapi/dns_conoha.sh
-
14dnsapi/dns_constellix.sh
-
26dnsapi/dns_cpanel.sh
-
16dnsapi/dns_curanet.sh
-
28dnsapi/dns_cyon.sh
-
37dnsapi/dns_da.sh
-
21dnsapi/dns_ddnss.sh
-
16dnsapi/dns_desec.sh
-
25dnsapi/dns_df.sh
-
20dnsapi/dns_dgon.sh
-
19dnsapi/dns_dnsexit.sh
-
21dnsapi/dns_dnshome.sh
-
16dnsapi/dns_dnsimple.sh
-
17dnsapi/dns_dnsservices.sh
-
19dnsapi/dns_doapi.sh
-
9dnsapi/dns_domeneshop.sh
-
14dnsapi/dns_dp.sh
-
14dnsapi/dns_dpi.sh
-
14dnsapi/dns_dreamhost.sh
-
18dnsapi/dns_duckdns.sh
-
12dnsapi/dns_durabledns.sh
-
25dnsapi/dns_dyn.sh
-
21dnsapi/dns_dynu.sh
-
15dnsapi/dns_dynv6.sh
-
19dnsapi/dns_easydns.sh
-
25dnsapi/dns_edgedns.sh
-
24dnsapi/dns_euserv.sh
-
8dnsapi/dns_exoscale.sh
-
11dnsapi/dns_fornex.sh
-
19dnsapi/dns_freedns.sh
-
17dnsapi/dns_gandi_livedns.sh
-
10dnsapi/dns_gcloud.sh
-
12dnsapi/dns_gcore.sh
-
16dnsapi/dns_gd.sh
-
16dnsapi/dns_geoscaling.sh
-
15dnsapi/dns_googledomains.sh
-
21dnsapi/dns_he.sh
-
12dnsapi/dns_hetzner.sh
-
14dnsapi/dns_hexonet.sh
-
15dnsapi/dns_hostingde.sh
-
14dnsapi/dns_huaweicloud.sh
-
14dnsapi/dns_infoblox.sh
-
15dnsapi/dns_infomaniak.sh
-
18dnsapi/dns_internetbs.sh
-
13dnsapi/dns_inwx.sh
-
19dnsapi/dns_ionos.sh
-
145dnsapi/dns_ionos_cloud.sh
-
18dnsapi/dns_ipv64.sh
-
21dnsapi/dns_ispconfig.sh
-
15dnsapi/dns_jd.sh
-
33dnsapi/dns_joker.sh
-
26dnsapi/dns_kappernet.sh
-
27dnsapi/dns_kas.sh
-
19dnsapi/dns_kinghost.sh
-
10dnsapi/dns_knot.sh
-
12dnsapi/dns_la.sh
-
12dnsapi/dns_leaseweb.sh
-
10dnsapi/dns_lexicon.sh
-
10dnsapi/dns_linode.sh
-
11dnsapi/dns_linode_v4.sh
-
16dnsapi/dns_loopia.sh
-
17dnsapi/dns_lua.sh
-
9dnsapi/dns_maradns.sh
-
14dnsapi/dns_me.sh
-
23dnsapi/dns_miab.sh
734
acme.sh
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
@ -0,0 +1,145 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Supports IONOS Cloud DNS API v1.15.4 |
||||
|
# |
||||
|
# Usage: |
||||
|
# Export IONOS_TOKEN before calling acme.sh: |
||||
|
# $ export IONOS_TOKEN="..." |
||||
|
# |
||||
|
# $ acme.sh --issue --dns dns_ionos_cloud ... |
||||
|
|
||||
|
IONOS_CLOUD_API="https://dns.de-fra.ionos.com" |
||||
|
IONOS_CLOUD_ROUTE_ZONES="/zones" |
||||
|
|
||||
|
dns_ionos_cloud_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
if ! _ionos_init; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_record_name=$(printf "%s" "$fulldomain" | cut -d . -f 1) |
||||
|
_body="{\"properties\":{\"name\":\"$_record_name\", \"type\":\"TXT\", \"content\":\"$txtvalue\"}}" |
||||
|
|
||||
|
if _ionos_cloud_rest POST "$IONOS_CLOUD_ROUTE_ZONES/$_zone_id/records" "$_body" && [ "$_code" = "202" ]; then |
||||
|
_info "TXT record has been created successfully." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
dns_ionos_cloud_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
if ! _ionos_init; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _ionos_cloud_get_record "$_zone_id" "$txtvalue" "$fulldomain"; then |
||||
|
_err "Could not find _acme-challenge TXT record." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _ionos_cloud_rest DELETE "$IONOS_CLOUD_ROUTE_ZONES/$_zone_id/records/$_record_id" && [ "$_code" = "202" ]; then |
||||
|
_info "TXT record has been deleted successfully." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_ionos_init() { |
||||
|
IONOS_TOKEN="${IONOS_TOKEN:-$(_readaccountconf_mutable IONOS_TOKEN)}" |
||||
|
|
||||
|
if [ -z "$IONOS_TOKEN" ]; then |
||||
|
_err "You didn't specify an IONOS token yet." |
||||
|
_err "Read https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate to learn how to get a token." |
||||
|
_err "You need to set it before calling acme.sh:" |
||||
|
_err "\$ export IONOS_TOKEN=\"...\"" |
||||
|
_err "\$ acme.sh --issue -d ... --dns dns_ionos_cloud" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_saveaccountconf_mutable IONOS_TOKEN "$IONOS_TOKEN" |
||||
|
|
||||
|
if ! _get_cloud_zone "$fulldomain"; then |
||||
|
_err "Cannot find zone $zone in your IONOS account." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_get_cloud_zone() { |
||||
|
domain=$1 |
||||
|
zone=$(printf "%s" "$domain" | cut -d . -f 2-) |
||||
|
|
||||
|
if _ionos_cloud_rest GET "$IONOS_CLOUD_ROUTE_ZONES?filter.zoneName=$zone"; then |
||||
|
_response="$(echo "$_response" | tr -d "\n")" |
||||
|
|
||||
|
_zone_list_items=$(echo "$_response" | _egrep_o "\"items\":.*") |
||||
|
|
||||
|
_zone_id=$(printf "%s\n" "$_zone_list_items" | _egrep_o "\"id\":\"[a-fA-F0-9\-]*\"" | _head_n 1 | cut -d : -f 2 | tr -d '\"') |
||||
|
if [ "$_zone_id" ]; then |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_ionos_cloud_get_record() { |
||||
|
zone_id=$1 |
||||
|
txtrecord=$2 |
||||
|
# this is to transform the domain to lower case |
||||
|
fulldomain=$(printf "%s" "$3" | _lower_case) |
||||
|
# this is to transform record name to lower case |
||||
|
# IONOS Cloud API transforms all record names to lower case |
||||
|
_record_name=$(printf "%s" "$fulldomain" | cut -d . -f 1 | _lower_case) |
||||
|
|
||||
|
if _ionos_cloud_rest GET "$IONOS_CLOUD_ROUTE_ZONES/$zone_id/records"; then |
||||
|
_response="$(echo "$_response" | tr -d "\n")" |
||||
|
|
||||
|
pattern="\{\"id\":\"[a-fA-F0-9\-]*\",\"type\":\"record\",\"href\":\"/zones/$zone_id/records/[a-fA-F0-9\-]*\",\"metadata\":\{\"createdDate\":\"[A-Z0-9\:\.\-]*\",\"lastModifiedDate\":\"[A-Z0-9\:\.\-]*\",\"fqdn\":\"$fulldomain\",\"state\":\"AVAILABLE\",\"zoneId\":\"$zone_id\"\},\"properties\":\{\"content\":\"$txtrecord\",\"enabled\":true,\"name\":\"$_record_name\",\"priority\":[0-9]*,\"ttl\":[0-9]*,\"type\":\"TXT\"\}\}" |
||||
|
|
||||
|
_record="$(echo "$_response" | _egrep_o "$pattern")" |
||||
|
if [ "$_record" ]; then |
||||
|
_record_id=$(printf "%s\n" "$_record" | _egrep_o "\"id\":\"[a-fA-F0-9\-]*\"" | _head_n 1 | cut -d : -f 2 | tr -d '\"') |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_ionos_cloud_rest() { |
||||
|
method="$1" |
||||
|
route="$2" |
||||
|
data="$3" |
||||
|
|
||||
|
export _H1="Authorization: Bearer $IONOS_TOKEN" |
||||
|
|
||||
|
# clear headers |
||||
|
: >"$HTTP_HEADER" |
||||
|
|
||||
|
if [ "$method" != "GET" ]; then |
||||
|
_response="$(_post "$data" "$IONOS_CLOUD_API$route" "" "$method" "application/json")" |
||||
|
else |
||||
|
_response="$(_get "$IONOS_CLOUD_API$route")" |
||||
|
fi |
||||
|
|
||||
|
_code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")" |
||||
|
|
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "Error $route: $_response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug2 "_response" "$_response" |
||||
|
_debug2 "_code" "$_code" |
||||
|
|
||||
|
return 0 |
||||
|
} |
Some files were not shown because too many files changed in this diff
Write
Preview
Loading…
Cancel
Save
Reference in new issue