Ian G
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
73 changed files with 4128 additions and 1140 deletions
-
2.github/FUNDING.yml
-
239.github/workflows/DNS.yml
-
71.github/workflows/DragonFlyBSD.yml
-
31.github/workflows/FreeBSD.yml
-
7.github/workflows/Linux.yml
-
15.github/workflows/MacOS.yml
-
72.github/workflows/NetBSD.yml
-
76.github/workflows/OpenBSD.yml
-
16.github/workflows/PebbleStrict.yml
-
31.github/workflows/Solaris.yml
-
14.github/workflows/Ubuntu.yml
-
15.github/workflows/Windows.yml
-
4.github/workflows/dockerhub.yml
-
19.github/workflows/issue.yml
-
30.github/workflows/pr_dns.yml
-
30.github/workflows/pr_notify.yml
-
5.github/workflows/shellcheck.yml
-
3Dockerfile
-
43README.md
-
377acme.sh
-
185deploy/cpanel_uapi.sh
-
36deploy/mailcow.sh
-
132deploy/proxmoxve.sh
-
4deploy/qiniu.sh
-
68deploy/routeros.sh
-
72deploy/truenas.sh
-
14dnsapi/dns_1984hosting.sh
-
52dnsapi/dns_aws.sh
-
248dnsapi/dns_bunny.sh
-
11dnsapi/dns_cf.sh
-
5dnsapi/dns_cpanel.sh
-
159dnsapi/dns_curanet.sh
-
185dnsapi/dns_cx.sh
-
2dnsapi/dns_cyon.sh
-
5dnsapi/dns_dgon.sh
-
248dnsapi/dns_dnsservices.sh
-
4dnsapi/dns_edgedns.sh
-
146dnsapi/dns_fornex.sh
-
6dnsapi/dns_gcloud.sh
-
56dnsapi/dns_gd.sh
-
177dnsapi/dns_gdnsdk.sh
-
232dnsapi/dns_geoscaling.sh
-
24dnsapi/dns_huaweicloud.sh
-
30dnsapi/dns_ionos.sh
-
14dnsapi/dns_ispconfig.sh
-
303dnsapi/dns_kas.sh
-
147dnsapi/dns_la.sh
-
84dnsapi/dns_loopia.sh
-
1dnsapi/dns_miab.sh
-
4dnsapi/dns_mydevil.sh
-
16dnsapi/dns_mydnsjp.sh
-
4dnsapi/dns_namecheap.sh
-
2dnsapi/dns_namesilo.sh
-
10dnsapi/dns_nederhost.sh
-
12dnsapi/dns_netlify.sh
-
2dnsapi/dns_oci.sh
-
4dnsapi/dns_opnsense.sh
-
10dnsapi/dns_ovh.sh
-
115dnsapi/dns_rage4.sh
-
4dnsapi/dns_regru.sh
-
4dnsapi/dns_selectel.sh
-
94dnsapi/dns_selfhost.sh
-
16dnsapi/dns_simply.sh
-
25dnsapi/dns_transip.sh
-
21dnsapi/dns_ultra.sh
-
142dnsapi/dns_vercel.sh
-
22dnsapi/dns_vultr.sh
-
70dnsapi/dns_world4you.sh
-
264dnsapi/dns_yc.sh
-
44notify/callmebotWhatsApp.sh
-
57notify/discord.sh
-
45notify/slack_app.sh
-
49notify/weixin_work.sh
@ -0,0 +1,71 @@ |
|||||
|
name: DragonFlyBSD |
||||
|
on: |
||||
|
push: |
||||
|
branches: |
||||
|
- '*' |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/DragonFlyBSD.yml' |
||||
|
|
||||
|
pull_request: |
||||
|
branches: |
||||
|
- dev |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/DragonFlyBSD.yml' |
||||
|
|
||||
|
concurrency: |
||||
|
group: ${{ github.workflow }}-${{ github.ref }} |
||||
|
cancel-in-progress: true |
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
jobs: |
||||
|
DragonFlyBSD: |
||||
|
strategy: |
||||
|
matrix: |
||||
|
include: |
||||
|
- TEST_ACME_Server: "LetsEncrypt.org_test" |
||||
|
CA_ECDSA: "" |
||||
|
CA: "" |
||||
|
CA_EMAIL: "" |
||||
|
TEST_PREFERRED_CHAIN: (STAGING) Pretend Pear X1 |
||||
|
#- TEST_ACME_Server: "ZeroSSL.com" |
||||
|
# CA_ECDSA: "ZeroSSL ECC Domain Secure Site CA" |
||||
|
# CA: "ZeroSSL RSA Domain Secure Site CA" |
||||
|
# CA_EMAIL: "githubtest@acme.sh" |
||||
|
# TEST_PREFERRED_CHAIN: "" |
||||
|
runs-on: macos-12 |
||||
|
env: |
||||
|
TEST_LOCAL: 1 |
||||
|
TEST_ACME_Server: ${{ matrix.TEST_ACME_Server }} |
||||
|
CA_ECDSA: ${{ matrix.CA_ECDSA }} |
||||
|
CA: ${{ matrix.CA }} |
||||
|
CA_EMAIL: ${{ matrix.CA_EMAIL }} |
||||
|
TEST_PREFERRED_CHAIN: ${{ matrix.TEST_PREFERRED_CHAIN }} |
||||
|
steps: |
||||
|
- uses: actions/checkout@v2 |
||||
|
- uses: vmactions/cf-tunnel@v0.0.3 |
||||
|
id: tunnel |
||||
|
with: |
||||
|
protocol: http |
||||
|
port: 8080 |
||||
|
- name: Set envs |
||||
|
run: echo "TestingDomain=${{steps.tunnel.outputs.server}}" >> $GITHUB_ENV |
||||
|
- name: Clone acmetest |
||||
|
run: cd .. && git clone https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/ |
||||
|
- uses: vmactions/dragonflybsd-vm@v0 |
||||
|
with: |
||||
|
envs: 'TEST_LOCAL TestingDomain TEST_ACME_Server CA_ECDSA CA CA_EMAIL TEST_PREFERRED_CHAIN' |
||||
|
copyback: "false" |
||||
|
nat: | |
||||
|
"8080": "80" |
||||
|
prepare: | |
||||
|
pkg install -y curl socat |
||||
|
usesh: true |
||||
|
run: | |
||||
|
cd ../acmetest \ |
||||
|
&& ./letest.sh |
||||
|
|
||||
|
|
@ -0,0 +1,72 @@ |
|||||
|
name: NetBSD |
||||
|
on: |
||||
|
push: |
||||
|
branches: |
||||
|
- '*' |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/NetBSD.yml' |
||||
|
|
||||
|
pull_request: |
||||
|
branches: |
||||
|
- dev |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/NetBSD.yml' |
||||
|
|
||||
|
concurrency: |
||||
|
group: ${{ github.workflow }}-${{ github.ref }} |
||||
|
cancel-in-progress: true |
||||
|
|
||||
|
|
||||
|
|
||||
|
|
||||
|
jobs: |
||||
|
NetBSD: |
||||
|
strategy: |
||||
|
matrix: |
||||
|
include: |
||||
|
- TEST_ACME_Server: "LetsEncrypt.org_test" |
||||
|
CA_ECDSA: "" |
||||
|
CA: "" |
||||
|
CA_EMAIL: "" |
||||
|
TEST_PREFERRED_CHAIN: (STAGING) Pretend Pear X1 |
||||
|
#- TEST_ACME_Server: "ZeroSSL.com" |
||||
|
# CA_ECDSA: "ZeroSSL ECC Domain Secure Site CA" |
||||
|
# CA: "ZeroSSL RSA Domain Secure Site CA" |
||||
|
# CA_EMAIL: "githubtest@acme.sh" |
||||
|
# TEST_PREFERRED_CHAIN: "" |
||||
|
runs-on: macos-12 |
||||
|
env: |
||||
|
TEST_LOCAL: 1 |
||||
|
TEST_ACME_Server: ${{ matrix.TEST_ACME_Server }} |
||||
|
CA_ECDSA: ${{ matrix.CA_ECDSA }} |
||||
|
CA: ${{ matrix.CA }} |
||||
|
CA_EMAIL: ${{ matrix.CA_EMAIL }} |
||||
|
TEST_PREFERRED_CHAIN: ${{ matrix.TEST_PREFERRED_CHAIN }} |
||||
|
steps: |
||||
|
- uses: actions/checkout@v2 |
||||
|
- uses: vmactions/cf-tunnel@v0.0.3 |
||||
|
id: tunnel |
||||
|
with: |
||||
|
protocol: http |
||||
|
port: 8080 |
||||
|
- name: Set envs |
||||
|
run: echo "TestingDomain=${{steps.tunnel.outputs.server}}" >> $GITHUB_ENV |
||||
|
- name: Clone acmetest |
||||
|
run: cd .. && git clone https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/ |
||||
|
- uses: vmactions/netbsd-vm@v0 |
||||
|
with: |
||||
|
envs: 'TEST_LOCAL TestingDomain TEST_ACME_Server CA_ECDSA CA CA_EMAIL TEST_PREFERRED_CHAIN' |
||||
|
nat: | |
||||
|
"8080": "80" |
||||
|
prepare: | |
||||
|
export PKG_PATH="http://cdn.NetBSD.org/pub/pkgsrc/packages/NetBSD/$(uname -p)/$(uname -r|cut -f '1 2' -d.)/All/" |
||||
|
pkg_add curl socat |
||||
|
usesh: true |
||||
|
copyback: false |
||||
|
run: | |
||||
|
cd ../acmetest \ |
||||
|
&& ./letest.sh |
||||
|
|
||||
|
|
@ -0,0 +1,76 @@ |
|||||
|
name: OpenBSD |
||||
|
on: |
||||
|
push: |
||||
|
branches: |
||||
|
- '*' |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/OpenBSD.yml' |
||||
|
|
||||
|
pull_request: |
||||
|
branches: |
||||
|
- dev |
||||
|
paths: |
||||
|
- '*.sh' |
||||
|
- '.github/workflows/OpenBSD.yml' |
||||
|
|
||||
|
concurrency: |
||||
|
group: ${{ github.workflow }}-${{ github.ref }} |
||||
|
cancel-in-progress: true |
||||
|
|
||||
|
|
||||
|
|
||||
|
jobs: |
||||
|
OpenBSD: |
||||
|
strategy: |
||||
|
matrix: |
||||
|
include: |
||||
|
- TEST_ACME_Server: "LetsEncrypt.org_test" |
||||
|
CA_ECDSA: "" |
||||
|
CA: "" |
||||
|
CA_EMAIL: "" |
||||
|
TEST_PREFERRED_CHAIN: (STAGING) Pretend Pear X1 |
||||
|
- TEST_ACME_Server: "LetsEncrypt.org_test" |
||||
|
CA_ECDSA: "" |
||||
|
CA: "" |
||||
|
CA_EMAIL: "" |
||||
|
TEST_PREFERRED_CHAIN: (STAGING) Pretend Pear X1 |
||||
|
ACME_USE_WGET: 1 |
||||
|
#- TEST_ACME_Server: "ZeroSSL.com" |
||||
|
# CA_ECDSA: "ZeroSSL ECC Domain Secure Site CA" |
||||
|
# CA: "ZeroSSL RSA Domain Secure Site CA" |
||||
|
# CA_EMAIL: "githubtest@acme.sh" |
||||
|
# TEST_PREFERRED_CHAIN: "" |
||||
|
runs-on: macos-12 |
||||
|
env: |
||||
|
TEST_LOCAL: 1 |
||||
|
TEST_ACME_Server: ${{ matrix.TEST_ACME_Server }} |
||||
|
CA_ECDSA: ${{ matrix.CA_ECDSA }} |
||||
|
CA: ${{ matrix.CA }} |
||||
|
CA_EMAIL: ${{ matrix.CA_EMAIL }} |
||||
|
TEST_PREFERRED_CHAIN: ${{ matrix.TEST_PREFERRED_CHAIN }} |
||||
|
ACME_USE_WGET: ${{ matrix.ACME_USE_WGET }} |
||||
|
steps: |
||||
|
- uses: actions/checkout@v2 |
||||
|
- uses: vmactions/cf-tunnel@v0.0.3 |
||||
|
id: tunnel |
||||
|
with: |
||||
|
protocol: http |
||||
|
port: 8080 |
||||
|
- name: Set envs |
||||
|
run: echo "TestingDomain=${{steps.tunnel.outputs.server}}" >> $GITHUB_ENV |
||||
|
- name: Clone acmetest |
||||
|
run: cd .. && git clone https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/ |
||||
|
- uses: vmactions/openbsd-vm@v0 |
||||
|
with: |
||||
|
envs: 'TEST_LOCAL TestingDomain TEST_ACME_Server CA_ECDSA CA CA_EMAIL TEST_PREFERRED_CHAIN ACME_USE_WGET' |
||||
|
nat: | |
||||
|
"8080": "80" |
||||
|
prepare: pkg_add socat curl wget |
||||
|
usesh: true |
||||
|
copyback: false |
||||
|
run: | |
||||
|
cd ../acmetest \ |
||||
|
&& ./letest.sh |
||||
|
|
||||
|
|
@ -0,0 +1,19 @@ |
|||||
|
name: "Update issues" |
||||
|
on: |
||||
|
issues: |
||||
|
types: [opened] |
||||
|
|
||||
|
jobs: |
||||
|
comment: |
||||
|
runs-on: ubuntu-latest |
||||
|
steps: |
||||
|
- uses: actions/github-script@v6 |
||||
|
with: |
||||
|
script: | |
||||
|
github.rest.issues.createComment({ |
||||
|
issue_number: context.issue.number, |
||||
|
owner: context.repo.owner, |
||||
|
repo: context.repo.repo, |
||||
|
body: "Please upgrade to the latest code and try again first. Maybe it's already fixed. ```acme.sh --upgrade``` If it's still not working, please provide the log with `--debug 2`, otherwise, nobody can help you." |
||||
|
|
||||
|
}) |
@ -0,0 +1,30 @@ |
|||||
|
name: Check dns api |
||||
|
|
||||
|
on: |
||||
|
pull_request_target: |
||||
|
types: |
||||
|
- opened |
||||
|
branches: |
||||
|
- 'dev' |
||||
|
paths: |
||||
|
- 'dnsapi/*.sh' |
||||
|
|
||||
|
|
||||
|
jobs: |
||||
|
welcome: |
||||
|
runs-on: ubuntu-latest |
||||
|
steps: |
||||
|
- uses: actions/github-script@v6 |
||||
|
with: |
||||
|
script: | |
||||
|
await github.rest.issues.createComment({ |
||||
|
issue_number: context.issue.number, |
||||
|
owner: context.repo.owner, |
||||
|
repo: context.repo.repo, |
||||
|
body: `**Welcome** |
||||
|
Please make sure you're read our [DNS API Dev Guide](../wiki/DNS-API-Dev-Guide) and [DNS-API-Test](../wiki/DNS-API-Test). |
||||
|
Then reply on this message, otherwise, your code will not be reviewed or merged. |
||||
|
We look forward to reviewing your Pull request shortly ✨ |
||||
|
` |
||||
|
}) |
||||
|
|
@ -0,0 +1,30 @@ |
|||||
|
name: Check dns api |
||||
|
|
||||
|
on: |
||||
|
pull_request_target: |
||||
|
types: |
||||
|
- opened |
||||
|
branches: |
||||
|
- 'dev' |
||||
|
paths: |
||||
|
- 'notify/*.sh' |
||||
|
|
||||
|
|
||||
|
jobs: |
||||
|
welcome: |
||||
|
runs-on: ubuntu-latest |
||||
|
steps: |
||||
|
- uses: actions/github-script@v6 |
||||
|
with: |
||||
|
script: | |
||||
|
await github.rest.issues.createComment({ |
||||
|
issue_number: context.issue.number, |
||||
|
owner: context.repo.owner, |
||||
|
repo: context.repo.repo, |
||||
|
body: `**Welcome** |
||||
|
Please make sure you're read our [Code-of-conduct](../wiki/Code-of-conduct) and add the usage here: [notify](../wiki/notify). |
||||
|
Then reply on this message, otherwise, your code will not be reviewed or merged. |
||||
|
We look forward to reviewing your Pull request shortly ✨ |
||||
|
` |
||||
|
}) |
||||
|
|
@ -0,0 +1,132 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Deploy certificates to a proxmox virtual environment node using the API. |
||||
|
# |
||||
|
# Environment variables that can be set are: |
||||
|
# `DEPLOY_PROXMOXVE_SERVER`: The hostname of the proxmox ve node. Defaults to |
||||
|
# _cdomain. |
||||
|
# `DEPLOY_PROXMOXVE_SERVER_PORT`: The port number the management interface is on. |
||||
|
# Defaults to 8006. |
||||
|
# `DEPLOY_PROXMOXVE_NODE_NAME`: The name of the node we'll be connecting to. |
||||
|
# Defaults to the host portion of the server |
||||
|
# domain name. |
||||
|
# `DEPLOY_PROXMOXVE_USER`: The user we'll connect as. Defaults to root. |
||||
|
# `DEPLOY_PROXMOXVE_USER_REALM`: The authentication realm the user authenticates |
||||
|
# with. Defaults to pam. |
||||
|
# `DEPLOY_PROXMOXVE_API_TOKEN_NAME`: The name of the API token created for the |
||||
|
# user account. Defaults to acme. |
||||
|
# `DEPLOY_PROXMOXVE_API_TOKEN_KEY`: The API token. Required. |
||||
|
|
||||
|
proxmoxve_deploy() { |
||||
|
_cdomain="$1" |
||||
|
_ckey="$2" |
||||
|
_ccert="$3" |
||||
|
_cca="$4" |
||||
|
_cfullchain="$5" |
||||
|
|
||||
|
_debug _cdomain "$_cdomain" |
||||
|
_debug2 _ckey "$_ckey" |
||||
|
_debug _ccert "$_ccert" |
||||
|
_debug _cca "$_cca" |
||||
|
_debug _cfullchain "$_cfullchain" |
||||
|
|
||||
|
# "Sane" defaults. |
||||
|
_getdeployconf DEPLOY_PROXMOXVE_SERVER |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_SERVER" ]; then |
||||
|
_target_hostname="$_cdomain" |
||||
|
else |
||||
|
_target_hostname="$DEPLOY_PROXMOXVE_SERVER" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_SERVER "$DEPLOY_PROXMOXVE_SERVER" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_SERVER "$_target_hostname" |
||||
|
|
||||
|
_getdeployconf DEPLOY_PROXMOXVE_SERVER_PORT |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_SERVER_PORT" ]; then |
||||
|
_target_port="8006" |
||||
|
else |
||||
|
_target_port="$DEPLOY_PROXMOXVE_SERVER_PORT" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_SERVER_PORT "$DEPLOY_PROXMOXVE_SERVER_PORT" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_SERVER_PORT "$_target_port" |
||||
|
|
||||
|
_getdeployconf DEPLOY_PROXMOXVE_NODE_NAME |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_NODE_NAME" ]; then |
||||
|
_node_name=$(echo "$_target_hostname" | cut -d. -f1) |
||||
|
else |
||||
|
_node_name="$DEPLOY_PROXMOXVE_NODE_NAME" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_NODE_NAME "$DEPLOY_PROXMOXVE_NODE_NAME" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_NODE_NAME "$_node_name" |
||||
|
|
||||
|
# Complete URL. |
||||
|
_target_url="https://${_target_hostname}:${_target_port}/api2/json/nodes/${_node_name}/certificates/custom" |
||||
|
_debug TARGET_URL "$_target_url" |
||||
|
|
||||
|
# More "sane" defaults. |
||||
|
_getdeployconf DEPLOY_PROXMOXVE_USER |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_USER" ]; then |
||||
|
_proxmoxve_user="root" |
||||
|
else |
||||
|
_proxmoxve_user="$DEPLOY_PROXMOXVE_USER" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_USER "$DEPLOY_PROXMOXVE_USER" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_USER "$_proxmoxve_user" |
||||
|
|
||||
|
_getdeployconf DEPLOY_PROXMOXVE_USER_REALM |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_USER_REALM" ]; then |
||||
|
_proxmoxve_user_realm="pam" |
||||
|
else |
||||
|
_proxmoxve_user_realm="$DEPLOY_PROXMOXVE_USER_REALM" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_USER_REALM "$DEPLOY_PROXMOXVE_USER_REALM" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_USER_REALM "$_proxmoxve_user_realm" |
||||
|
|
||||
|
_getdeployconf DEPLOY_PROXMOXVE_API_TOKEN_NAME |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_API_TOKEN_NAME" ]; then |
||||
|
_proxmoxve_api_token_name="acme" |
||||
|
else |
||||
|
_proxmoxve_api_token_name="$DEPLOY_PROXMOXVE_API_TOKEN_NAME" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_API_TOKEN_NAME "$DEPLOY_PROXMOXVE_API_TOKEN_NAME" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_API_TOKEN_NAME "$_proxmoxve_api_token_name" |
||||
|
|
||||
|
# This is required. |
||||
|
_getdeployconf DEPLOY_PROXMOXVE_API_TOKEN_KEY |
||||
|
if [ -z "$DEPLOY_PROXMOXVE_API_TOKEN_KEY" ]; then |
||||
|
_err "API key not provided." |
||||
|
return 1 |
||||
|
else |
||||
|
_proxmoxve_api_token_key="$DEPLOY_PROXMOXVE_API_TOKEN_KEY" |
||||
|
_savedeployconf DEPLOY_PROXMOXVE_API_TOKEN_KEY "$DEPLOY_PROXMOXVE_API_TOKEN_KEY" |
||||
|
fi |
||||
|
_debug2 DEPLOY_PROXMOXVE_API_TOKEN_KEY _proxmoxve_api_token_key |
||||
|
|
||||
|
# PVE API Token header value. Used in "Authorization: PVEAPIToken". |
||||
|
_proxmoxve_header_api_token="${_proxmoxve_user}@${_proxmoxve_user_realm}!${_proxmoxve_api_token_name}=${_proxmoxve_api_token_key}" |
||||
|
_debug2 "Auth Header" _proxmoxve_header_api_token |
||||
|
|
||||
|
# Ugly. I hate putting heredocs inside functions because heredocs don't |
||||
|
# account for whitespace correctly but it _does_ work and is several times |
||||
|
# cleaner than anything else I had here. |
||||
|
# |
||||
|
# This dumps the json payload to a variable that should be passable to the |
||||
|
# _psot function. |
||||
|
_json_payload=$( |
||||
|
cat <<HEREDOC |
||||
|
{ |
||||
|
"certificates": "$(tr '\n' ':' <"$_cfullchain" | sed 's/:/\\n/g')", |
||||
|
"key": "$(tr '\n' ':' <"$_ckey" | sed 's/:/\\n/g')", |
||||
|
"node":"$_node_name", |
||||
|
"restart":"1", |
||||
|
"force":"1" |
||||
|
} |
||||
|
HEREDOC |
||||
|
) |
||||
|
_debug2 Payload "$_json_payload" |
||||
|
|
||||
|
# Push certificates to server. |
||||
|
export _HTTPS_INSECURE=1 |
||||
|
export _H1="Authorization: PVEAPIToken=${_proxmoxve_header_api_token}" |
||||
|
_post "$_json_payload" "$_target_url" "" POST "application/json" |
||||
|
|
||||
|
} |
@ -0,0 +1,248 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
## Will be called by acme.sh to add the TXT record via the Bunny DNS API. |
||||
|
## returns 0 means success, otherwise error. |
||||
|
|
||||
|
## Author: nosilver4u <nosilver4u at ewww.io> |
||||
|
## GitHub: https://github.com/nosilver4u/acme.sh |
||||
|
|
||||
|
## |
||||
|
## Environment Variables Required: |
||||
|
## |
||||
|
## BUNNY_API_KEY="75310dc4-ca77-9ac3-9a19-f6355db573b49ce92ae1-2655-3ebd-61ac-3a3ae34834cc" |
||||
|
## |
||||
|
|
||||
|
##################### Public functions ##################### |
||||
|
|
||||
|
## Create the text record for validation. |
||||
|
## Usage: fulldomain txtvalue |
||||
|
## EG: "_acme-challenge.www.other.domain.com" "XKrxpRBosdq0HG9i01zxXp5CPBs" |
||||
|
dns_bunny_add() { |
||||
|
fulldomain="$(echo "$1" | _lower_case)" |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
BUNNY_API_KEY="${BUNNY_API_KEY:-$(_readaccountconf_mutable BUNNY_API_KEY)}" |
||||
|
# Check if API Key is set |
||||
|
if [ -z "$BUNNY_API_KEY" ]; then |
||||
|
BUNNY_API_KEY="" |
||||
|
_err "You did not specify Bunny.net API key." |
||||
|
_err "Please export BUNNY_API_KEY and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_info "Using Bunny.net dns validation - add record" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
## save the env vars (key and domain split location) for later automated use |
||||
|
_saveaccountconf_mutable BUNNY_API_KEY "$BUNNY_API_KEY" |
||||
|
|
||||
|
## split the domain for Bunny API |
||||
|
if ! _get_base_domain "$fulldomain"; then |
||||
|
_err "domain not found in your account for addition" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
|
||||
|
## Set the header with our post type and auth key |
||||
|
export _H1="Accept: application/json" |
||||
|
export _H2="AccessKey: $BUNNY_API_KEY" |
||||
|
export _H3="Content-Type: application/json" |
||||
|
PURL="https://api.bunny.net/dnszone/$_domain_id/records" |
||||
|
PBODY='{"Id":'$_domain_id',"Type":3,"Name":"'$_sub_domain'","Value":"'$txtvalue'","ttl":120}' |
||||
|
|
||||
|
_debug PURL "$PURL" |
||||
|
_debug PBODY "$PBODY" |
||||
|
|
||||
|
## the create request - POST |
||||
|
## args: BODY, URL, [need64, httpmethod] |
||||
|
response="$(_post "$PBODY" "$PURL" "" "PUT")" |
||||
|
|
||||
|
## check response |
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error in response: $response" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
|
||||
|
## finished correctly |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
## Remove the txt record after validation. |
||||
|
## Usage: fulldomain txtvalue |
||||
|
## EG: "_acme-challenge.www.other.domain.com" "XKrxpRBosdq0HG9i01zxXp5CPBs" |
||||
|
dns_bunny_rm() { |
||||
|
fulldomain="$(echo "$1" | _lower_case)" |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
BUNNY_API_KEY="${BUNNY_API_KEY:-$(_readaccountconf_mutable BUNNY_API_KEY)}" |
||||
|
# Check if API Key Exists |
||||
|
if [ -z "$BUNNY_API_KEY" ]; then |
||||
|
BUNNY_API_KEY="" |
||||
|
_err "You did not specify Bunny.net API key." |
||||
|
_err "Please export BUNNY_API_KEY and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_info "Using Bunny.net dns validation - remove record" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
## split the domain for Bunny API |
||||
|
if ! _get_base_domain "$fulldomain"; then |
||||
|
_err "Domain not found in your account for TXT record removal" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
|
||||
|
## Set the header with our post type and key auth key |
||||
|
export _H1="Accept: application/json" |
||||
|
export _H2="AccessKey: $BUNNY_API_KEY" |
||||
|
## get URL for the list of DNS records |
||||
|
GURL="https://api.bunny.net/dnszone/$_domain_id" |
||||
|
|
||||
|
## 1) Get the domain/zone records |
||||
|
## the fetch request - GET |
||||
|
## args: URL, [onlyheader, timeout] |
||||
|
domain_list="$(_get "$GURL")" |
||||
|
|
||||
|
## check response |
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error in domain_list response: $domain_list" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 domain_list "$domain_list" |
||||
|
|
||||
|
## 2) search through records |
||||
|
## check for what we are looking for: "Type":3,"Value":"$txtvalue","Name":"$_sub_domain" |
||||
|
record="$(echo "$domain_list" | _egrep_o "\"Id\"\s*\:\s*\"*[0-9]+\"*,\s*\"Type\"[^}]*\"Value\"\s*\:\s*\"$txtvalue\"[^}]*\"Name\"\s*\:\s*\"$_sub_domain\"")" |
||||
|
|
||||
|
if [ -n "$record" ]; then |
||||
|
|
||||
|
## We found records |
||||
|
rec_ids="$(echo "$record" | _egrep_o "Id\"\s*\:\s*\"*[0-9]+" | _egrep_o "[0-9]+")" |
||||
|
_debug rec_ids "$rec_ids" |
||||
|
if [ -n "$rec_ids" ]; then |
||||
|
echo "$rec_ids" | while IFS= read -r rec_id; do |
||||
|
## delete the record |
||||
|
## delete URL for removing the one we dont want |
||||
|
DURL="https://api.bunny.net/dnszone/$_domain_id/records/$rec_id" |
||||
|
|
||||
|
## the removal request - DELETE |
||||
|
## args: BODY, URL, [need64, httpmethod] |
||||
|
response="$(_post "" "$DURL" "" "DELETE")" |
||||
|
|
||||
|
## check response (sort of) |
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error in remove response: $response" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
|
||||
|
done |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
## finished correctly |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
##################### Private functions below ##################### |
||||
|
|
||||
|
## Split the domain provided into the "base domain" and the "start prefix". |
||||
|
## This function searches for the longest subdomain in your account |
||||
|
## for the full domain given and splits it into the base domain (zone) |
||||
|
## and the prefix/record to be added/removed |
||||
|
## USAGE: fulldomain |
||||
|
## EG: "_acme-challenge.two.three.four.domain.com" |
||||
|
## returns |
||||
|
## _sub_domain="_acme-challenge.two" |
||||
|
## _domain="three.four.domain.com" *IF* zone "three.four.domain.com" exists |
||||
|
## _domain_id=234 |
||||
|
## if only "domain.com" exists it will return |
||||
|
## _sub_domain="_acme-challenge.two.three.four" |
||||
|
## _domain="domain.com" |
||||
|
## _domain_id=234 |
||||
|
_get_base_domain() { |
||||
|
# args |
||||
|
fulldomain="$(echo "$1" | _lower_case)" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
|
||||
|
# domain max legal length = 253 |
||||
|
MAX_DOM=255 |
||||
|
page=1 |
||||
|
|
||||
|
## get a list of domains for the account to check thru |
||||
|
## Set the headers |
||||
|
export _H1="Accept: application/json" |
||||
|
export _H2="AccessKey: $BUNNY_API_KEY" |
||||
|
_debug BUNNY_API_KEY "$BUNNY_API_KEY" |
||||
|
## get URL for the list of domains |
||||
|
## may get: "links":{"pages":{"last":".../v2/domains/DOM/records?page=2","next":".../v2/domains/DOM/records?page=2"}} |
||||
|
DOMURL="https://api.bunny.net/dnszone" |
||||
|
|
||||
|
## while we dont have a matching domain we keep going |
||||
|
while [ -z "$found" ]; do |
||||
|
## get the domain list (current page) |
||||
|
domain_list="$(_get "$DOMURL")" |
||||
|
|
||||
|
## check response |
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error in domain_list response: $domain_list" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 domain_list "$domain_list" |
||||
|
|
||||
|
i=1 |
||||
|
while [ $i -gt 0 ]; do |
||||
|
## get next longest domain |
||||
|
_domain=$(printf "%s" "$fulldomain" | cut -d . -f "$i"-"$MAX_DOM") |
||||
|
## check we got something back from our cut (or are we at the end) |
||||
|
if [ -z "$_domain" ]; then |
||||
|
break |
||||
|
fi |
||||
|
## we got part of a domain back - grep it out |
||||
|
found="$(echo "$domain_list" | _egrep_o "\"Id\"\s*:\s*\"*[0-9]+\"*,\s*\"Domain\"\s*\:\s*\"$_domain\"")" |
||||
|
## check if it exists |
||||
|
if [ -n "$found" ]; then |
||||
|
## exists - exit loop returning the parts |
||||
|
sub_point=$(_math $i - 1) |
||||
|
_sub_domain=$(printf "%s" "$fulldomain" | cut -d . -f 1-"$sub_point") |
||||
|
_domain_id="$(echo "$found" | _egrep_o "Id\"\s*\:\s*\"*[0-9]+" | _egrep_o "[0-9]+")" |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
_debug _domain "$_domain" |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
found="" |
||||
|
return 0 |
||||
|
fi |
||||
|
## increment cut point $i |
||||
|
i=$(_math $i + 1) |
||||
|
done |
||||
|
|
||||
|
if [ -z "$found" ]; then |
||||
|
page=$(_math $page + 1) |
||||
|
nextpage="https://api.bunny.net/dnszone?page=$page" |
||||
|
## Find the next page if we don't have a match. |
||||
|
hasnextpage="$(echo "$domain_list" | _egrep_o "\"HasMoreItems\"\s*:\s*true")" |
||||
|
if [ -z "$hasnextpage" ]; then |
||||
|
_err "No record and no nextpage in Bunny.net domain search." |
||||
|
found="" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 nextpage "$nextpage" |
||||
|
DOMURL="$nextpage" |
||||
|
fi |
||||
|
|
||||
|
done |
||||
|
|
||||
|
## We went through the entire domain zone list and didn't find one that matched. |
||||
|
## If we ever get here, something is broken in the code... |
||||
|
_err "Domain not found in Bunny.net account, but we should never get here!" |
||||
|
found="" |
||||
|
return 1 |
||||
|
} |
@ -0,0 +1,159 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Script to use with curanet.dk, scannet.dk, wannafind.dk, dandomain.dk DNS management. |
||||
|
#Requires api credentials with scope: dns |
||||
|
#Author: Peter L. Hansen <peter@r12.dk> |
||||
|
#Version 1.0 |
||||
|
|
||||
|
CURANET_REST_URL="https://api.curanet.dk/dns/v1/Domains" |
||||
|
CURANET_AUTH_URL="https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token" |
||||
|
CURANET_ACCESS_TOKEN="" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_curanet_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
_info "Using curanet" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}" |
||||
|
CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}" |
||||
|
if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then |
||||
|
CURANET_AUTHCLIENTID="" |
||||
|
CURANET_AUTHSECRET="" |
||||
|
_err "You don't specify curanet api client and secret." |
||||
|
_err "Please create your auth info and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
#save the credentials to the account conf file. |
||||
|
_saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID" |
||||
|
_saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET" |
||||
|
|
||||
|
if ! _get_token; then |
||||
|
_err "Unable to get token" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "Invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
export _H1="Content-Type: application/json-patch+json" |
||||
|
export _H2="Accept: application/json" |
||||
|
export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" |
||||
|
data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}" |
||||
|
response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")" |
||||
|
|
||||
|
if _contains "$response" "$txtvalue"; then |
||||
|
_debug "TXT record added OK" |
||||
|
else |
||||
|
_err "Unable to add TXT record" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#Usage: fulldomain txtvalue |
||||
|
#Remove the txt record after validation. |
||||
|
dns_curanet_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
_info "Using curanet" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}" |
||||
|
CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}" |
||||
|
|
||||
|
if ! _get_token; then |
||||
|
_err "Unable to get token" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "Invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug "Getting current record list to identify TXT to delete" |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
export _H2="Accept: application/json" |
||||
|
export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" |
||||
|
|
||||
|
response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")" |
||||
|
|
||||
|
if ! _contains "$response" "$txtvalue"; then |
||||
|
_err "Unable to delete record (does not contain $txtvalue )" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
recordid=$(echo "$response" | _egrep_o "{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" | _egrep_o "id\":[0-9]+" | cut -c 5-) |
||||
|
|
||||
|
if [ -z "$recordid" ]; then |
||||
|
_err "Unable to get recordid" |
||||
|
_debug "regex {\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" |
||||
|
_debug "response $response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug "Deleting recordID $recordid" |
||||
|
response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
|
||||
|
_get_token() { |
||||
|
response="$(_post "grant_type=client_credentials&client_id=$CURANET_AUTHCLIENTID&client_secret=$CURANET_AUTHSECRET&scope=dns" "$CURANET_AUTH_URL" "" "")" |
||||
|
if ! _contains "$response" "access_token"; then |
||||
|
_err "Unable get access token" |
||||
|
return 1 |
||||
|
fi |
||||
|
CURANET_ACCESS_TOKEN=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]+" | cut -c 17-) |
||||
|
|
||||
|
if [ -z "$CURANET_ACCESS_TOKEN" ]; then |
||||
|
_err "Unable to get token" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
return 0 |
||||
|
|
||||
|
} |
||||
|
|
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _domain=domain.com |
||||
|
# _domain_id=sdjkglgdfewsdfg |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
i=1 |
||||
|
|
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
_debug h "$h" |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
export _H2="Accept: application/json" |
||||
|
export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" |
||||
|
response="$(_get "$CURANET_REST_URL/$h/Records" "" "")" |
||||
|
|
||||
|
if [ ! "$(echo "$response" | _egrep_o "Entity not found")" ]; then |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
@ -1,185 +0,0 @@ |
|||||
#!/usr/bin/env sh |
|
||||
|
|
||||
# CloudXNS Domain api |
|
||||
# |
|
||||
#CX_Key="1234" |
|
||||
# |
|
||||
#CX_Secret="sADDsdasdgdsf" |
|
||||
|
|
||||
CX_Api="https://www.cloudxns.net/api2" |
|
||||
|
|
||||
#REST_API |
|
||||
######## Public functions ##################### |
|
||||
|
|
||||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|
||||
dns_cx_add() { |
|
||||
fulldomain=$1 |
|
||||
txtvalue=$2 |
|
||||
|
|
||||
CX_Key="${CX_Key:-$(_readaccountconf_mutable CX_Key)}" |
|
||||
CX_Secret="${CX_Secret:-$(_readaccountconf_mutable CX_Secret)}" |
|
||||
if [ -z "$CX_Key" ] || [ -z "$CX_Secret" ]; then |
|
||||
CX_Key="" |
|
||||
CX_Secret="" |
|
||||
_err "You don't specify cloudxns.net api key or secret yet." |
|
||||
_err "Please create you key and try again." |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
REST_API="$CX_Api" |
|
||||
|
|
||||
#save the api key and email to the account conf file. |
|
||||
_saveaccountconf_mutable CX_Key "$CX_Key" |
|
||||
_saveaccountconf_mutable CX_Secret "$CX_Secret" |
|
||||
|
|
||||
_debug "First detect the root zone" |
|
||||
if ! _get_root "$fulldomain"; then |
|
||||
_err "invalid domain" |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
add_record "$_domain" "$_sub_domain" "$txtvalue" |
|
||||
} |
|
||||
|
|
||||
#fulldomain txtvalue |
|
||||
dns_cx_rm() { |
|
||||
fulldomain=$1 |
|
||||
txtvalue=$2 |
|
||||
CX_Key="${CX_Key:-$(_readaccountconf_mutable CX_Key)}" |
|
||||
CX_Secret="${CX_Secret:-$(_readaccountconf_mutable CX_Secret)}" |
|
||||
REST_API="$CX_Api" |
|
||||
if _get_root "$fulldomain"; then |
|
||||
record_id="" |
|
||||
existing_records "$_domain" "$_sub_domain" "$txtvalue" |
|
||||
if [ "$record_id" ]; then |
|
||||
_rest DELETE "record/$record_id/$_domain_id" "{}" |
|
||||
_info "Deleted record ${fulldomain}" |
|
||||
fi |
|
||||
fi |
|
||||
} |
|
||||
|
|
||||
#usage: root sub |
|
||||
#return if the sub record already exists. |
|
||||
#echos the existing records count. |
|
||||
# '0' means doesn't exist |
|
||||
existing_records() { |
|
||||
_debug "Getting txt records" |
|
||||
root=$1 |
|
||||
sub=$2 |
|
||||
if ! _rest GET "record/$_domain_id?:domain_id?host_id=0&offset=0&row_num=100"; then |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
seg=$(printf "%s\n" "$response" | _egrep_o '"record_id":[^{]*host":"'"$_sub_domain"'"[^}]*\}') |
|
||||
_debug seg "$seg" |
|
||||
if [ -z "$seg" ]; then |
|
||||
return 0 |
|
||||
fi |
|
||||
|
|
||||
if printf "%s" "$response" | grep '"type":"TXT"' >/dev/null; then |
|
||||
record_id=$(printf "%s\n" "$seg" | _egrep_o '"record_id":"[^"]*"' | cut -d : -f 2 | tr -d \" | _head_n 1) |
|
||||
_debug record_id "$record_id" |
|
||||
return 0 |
|
||||
fi |
|
||||
|
|
||||
} |
|
||||
|
|
||||
#add the txt record. |
|
||||
#usage: root sub txtvalue |
|
||||
add_record() { |
|
||||
root=$1 |
|
||||
sub=$2 |
|
||||
txtvalue=$3 |
|
||||
fulldomain="$sub.$root" |
|
||||
|
|
||||
_info "Adding record" |
|
||||
|
|
||||
if ! _rest POST "record" "{\"domain_id\": $_domain_id, \"host\":\"$_sub_domain\", \"value\":\"$txtvalue\", \"type\":\"TXT\",\"ttl\":600, \"line_id\":1}"; then |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
return 0 |
|
||||
} |
|
||||
|
|
||||
#################### Private functions below ################################## |
|
||||
#_acme-challenge.www.domain.com |
|
||||
#returns |
|
||||
# _sub_domain=_acme-challenge.www |
|
||||
# _domain=domain.com |
|
||||
# _domain_id=sdjkglgdfewsdfg |
|
||||
_get_root() { |
|
||||
domain=$1 |
|
||||
i=2 |
|
||||
p=1 |
|
||||
|
|
||||
if ! _rest GET "domain"; then |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
while true; do |
|
||||
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
|
||||
_debug h "$h" |
|
||||
if [ -z "$h" ]; then |
|
||||
#not valid |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
if _contains "$response" "$h."; then |
|
||||
seg=$(printf "%s\n" "$response" | _egrep_o '"id":[^{]*"'"$h"'."[^}]*}') |
|
||||
_debug seg "$seg" |
|
||||
_domain_id=$(printf "%s\n" "$seg" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \") |
|
||||
_debug _domain_id "$_domain_id" |
|
||||
if [ "$_domain_id" ]; then |
|
||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
|
||||
_debug _sub_domain "$_sub_domain" |
|
||||
_domain="$h" |
|
||||
_debug _domain "$_domain" |
|
||||
return 0 |
|
||||
fi |
|
||||
return 1 |
|
||||
fi |
|
||||
p="$i" |
|
||||
i=$(_math "$i" + 1) |
|
||||
done |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
#Usage: method URI data |
|
||||
_rest() { |
|
||||
m=$1 |
|
||||
ep="$2" |
|
||||
_debug ep "$ep" |
|
||||
url="$REST_API/$ep" |
|
||||
_debug url "$url" |
|
||||
|
|
||||
cdate=$(date -u "+%Y-%m-%d %H:%M:%S UTC") |
|
||||
_debug cdate "$cdate" |
|
||||
|
|
||||
data="$3" |
|
||||
_debug data "$data" |
|
||||
|
|
||||
sec="$CX_Key$url$data$cdate$CX_Secret" |
|
||||
_debug sec "$sec" |
|
||||
hmac=$(printf "%s" "$sec" | _digest md5 hex) |
|
||||
_debug hmac "$hmac" |
|
||||
|
|
||||
export _H1="API-KEY: $CX_Key" |
|
||||
export _H2="API-REQUEST-DATE: $cdate" |
|
||||
export _H3="API-HMAC: $hmac" |
|
||||
export _H4="Content-Type: application/json" |
|
||||
|
|
||||
if [ "$data" ]; then |
|
||||
response="$(_post "$data" "$url" "" "$m")" |
|
||||
else |
|
||||
response="$(_get "$url")" |
|
||||
fi |
|
||||
|
|
||||
if [ "$?" != "0" ]; then |
|
||||
_err "error $ep" |
|
||||
return 1 |
|
||||
fi |
|
||||
_debug2 response "$response" |
|
||||
|
|
||||
_contains "$response" '"code":1' |
|
||||
|
|
||||
} |
|
@ -0,0 +1,248 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#This file name is "dns_dnsservices.sh" |
||||
|
#Script for Danish DNS registra and DNS hosting provider https://dns.services |
||||
|
|
||||
|
#Author: Bjarke Bruun <bbruun@gmail.com> |
||||
|
#Report Bugs here: https://github.com/acmesh-official/acme.sh/issues/4152 |
||||
|
|
||||
|
# Global variable to connect to the DNS.Services API |
||||
|
DNSServices_API=https://dns.services/api |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: dns_dnsservices_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_dnsservices_add() { |
||||
|
fulldomain="$1" |
||||
|
txtvalue="$2" |
||||
|
|
||||
|
_info "Using dns.services to create ACME DNS challenge" |
||||
|
_debug2 add_fulldomain "$fulldomain" |
||||
|
_debug2 add_txtvalue "$txtvalue" |
||||
|
|
||||
|
# Read username/password from environment or .acme.sh/accounts.conf |
||||
|
DnsServices_Username="${DnsServices_Username:-$(_readaccountconf_mutable DnsServices_Username)}" |
||||
|
DnsServices_Password="${DnsServices_Password:-$(_readaccountconf_mutable DnsServices_Password)}" |
||||
|
if [ -z "$DnsServices_Username" ] || [ -z "$DnsServices_Password" ]; then |
||||
|
DnsServices_Username="" |
||||
|
DnsServices_Password="" |
||||
|
_err "You didn't specify dns.services api username and password yet." |
||||
|
_err "Set environment variables DnsServices_Username and DnsServices_Password" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# Setup GET/POST/DELETE headers |
||||
|
_setup_headers |
||||
|
|
||||
|
#save the credentials to the account conf file. |
||||
|
_saveaccountconf_mutable DnsServices_Username "$DnsServices_Username" |
||||
|
_saveaccountconf_mutable DnsServices_Password "$DnsServices_Password" |
||||
|
|
||||
|
if ! _contains "$DnsServices_Username" "@"; then |
||||
|
_err "It seems that the username variable DnsServices_Username has not been set/left blank" |
||||
|
_err "or is not a valid email. Please correct and try again." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _get_root "${fulldomain}"; then |
||||
|
_err "Invalid domain ${fulldomain}" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! createRecord "$fulldomain" "${txtvalue}"; then |
||||
|
_err "Error creating TXT record in domain $fulldomain in $rootZoneName" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug2 challenge-created "Created $fulldomain" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#Usage: fulldomain txtvalue |
||||
|
#Description: Remove the txt record after validation. |
||||
|
dns_dnsservices_rm() { |
||||
|
fulldomain="$1" |
||||
|
txtvalue="$2" |
||||
|
|
||||
|
_info "Using dns.services to remove DNS record $fulldomain TXT $txtvalue" |
||||
|
_debug rm_fulldomain "$fulldomain" |
||||
|
_debug rm_txtvalue "$txtvalue" |
||||
|
|
||||
|
# Read username/password from environment or .acme.sh/accounts.conf |
||||
|
DnsServices_Username="${DnsServices_Username:-$(_readaccountconf_mutable DnsServices_Username)}" |
||||
|
DnsServices_Password="${DnsServices_Password:-$(_readaccountconf_mutable DnsServices_Password)}" |
||||
|
if [ -z "$DnsServices_Username" ] || [ -z "$DnsServices_Password" ]; then |
||||
|
DnsServices_Username="" |
||||
|
DnsServices_Password="" |
||||
|
_err "You didn't specify dns.services api username and password yet." |
||||
|
_err "Set environment variables DnsServices_Username and DnsServices_Password" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# Setup GET/POST/DELETE headers |
||||
|
_setup_headers |
||||
|
|
||||
|
if ! _get_root "${fulldomain}"; then |
||||
|
_err "Invalid domain ${fulldomain}" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug2 rm_rootDomainInfo "found root domain $rootZoneName for $fulldomain" |
||||
|
|
||||
|
if ! deleteRecord "${fulldomain}" "${txtvalue}"; then |
||||
|
_err "Error removing record: $fulldomain TXT ${txtvalue}" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
|
||||
|
_setup_headers() { |
||||
|
# Set up API Headers for _get() and _post() |
||||
|
# The <function>_add or <function>_rm must have been called before to work |
||||
|
|
||||
|
if [ -z "$DnsServices_Username" ] || [ -z "$DnsServices_Password" ]; then |
||||
|
_err "Could not setup BASIC authentication headers, they are missing" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
DnsServiceCredentials="$(printf "%s" "$DnsServices_Username:$DnsServices_Password" | _base64)" |
||||
|
export _H1="Authorization: Basic $DnsServiceCredentials" |
||||
|
export _H2="Content-Type: application/json" |
||||
|
|
||||
|
# Just return if headers are set |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_get_root() { |
||||
|
domain="$1" |
||||
|
_debug2 _get_root "Get the root domain of ${domain} for DNS API" |
||||
|
|
||||
|
# Setup _get() and _post() headers |
||||
|
#_setup_headers |
||||
|
|
||||
|
result=$(_H1="$_H1" _H2="$_H2" _get "$DNSServices_API/dns") |
||||
|
result2="$(printf "%s\n" "$result" | tr '[' '\n' | grep '"name"')" |
||||
|
result3="$(printf "%s\n" "$result2" | tr '}' '\n' | grep '"name"' | sed "s,^\,,,g" | sed "s,$,},g")" |
||||
|
useResult="" |
||||
|
_debug2 _get_root "Got the following root domain(s) $result" |
||||
|
_debug2 _get_root "- JSON: $result" |
||||
|
|
||||
|
if [ "$(printf "%s\n" "$result" | tr '}' '\n' | grep -c '"name"')" -gt "1" ]; then |
||||
|
checkMultiZones="true" |
||||
|
_debug2 _get_root "- multiple zones found" |
||||
|
else |
||||
|
checkMultiZones="false" |
||||
|
_debug2 _get_root "- single zone found" |
||||
|
fi |
||||
|
|
||||
|
# Find/isolate the root zone to work with in createRecord() and deleteRecord() |
||||
|
rootZone="" |
||||
|
if [ "$checkMultiZones" = "true" ]; then |
||||
|
#rootZone=$(for x in $(printf "%s" "${result3}" | tr ',' '\n' | sed -n 's/.*"name":"\(.*\)",.*/\1/p'); do if [ "$(echo "$domain" | grep "$x")" != "" ]; then echo "$x"; fi; done) |
||||
|
rootZone=$(for x in $(printf "%s\n" "${result3}" | tr ',' '\n' | grep name | cut -d'"' -f4); do if [ "$(echo "$domain" | grep "$x")" != "" ]; then echo "$x"; fi; done) |
||||
|
if [ "$rootZone" != "" ]; then |
||||
|
_debug2 _rootZone "- root zone for $domain is $rootZone" |
||||
|
else |
||||
|
_err "Could not find root zone for $domain, is it correctly typed?" |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
rootZone=$(echo "$result" | tr '}' '\n' | _egrep_o '"name":"[^"]*' | cut -d'"' -f4) |
||||
|
_debug2 _get_root "- only found 1 domain in API: $rootZone" |
||||
|
fi |
||||
|
|
||||
|
if [ -z "$rootZone" ]; then |
||||
|
_err "Could not find root domain for $domain - is it correctly typed?" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# Make sure we use the correct API zone data |
||||
|
useResult="$(printf "%s\n" "${result3}" tr ',' '\n' | grep "$rootZone")" |
||||
|
_debug2 _useResult "useResult=$useResult" |
||||
|
|
||||
|
# Setup variables used by other functions to communicate with DNS.Services API |
||||
|
#zoneInfo=$(printf "%s\n" "$useResult" | sed -E 's,.*(zones)(.*),\1\2,g' | sed -E 's,^(.*"name":")([^"]*)"(.*)$,\2,g') |
||||
|
zoneInfo=$(printf "%s\n" "$useResult" | tr ',' '\n' | grep '"name"' | cut -d'"' -f4) |
||||
|
rootZoneName="$rootZone" |
||||
|
subDomainName="$(printf "%s\n" "$domain" | sed "s,\.$rootZone,,g")" |
||||
|
subDomainNameClean="$(printf "%s\n" "$domain" | sed "s,_acme-challenge.,,g")" |
||||
|
rootZoneDomainID=$(printf "%s\n" "$useResult" | tr ',' '\n' | grep domain_id | cut -d'"' -f4) |
||||
|
rootZoneServiceID=$(printf "%s\n" "$useResult" | tr ',' '\n' | grep service_id | cut -d'"' -f4) |
||||
|
|
||||
|
_debug2 _zoneInfo "Zone info from API : $zoneInfo" |
||||
|
_debug2 _get_root "Root zone name : $rootZoneName" |
||||
|
_debug2 _get_root "Root zone domain ID : $rootZoneDomainID" |
||||
|
_debug2 _get_root "Root zone service ID: $rootZoneServiceID" |
||||
|
_debug2 _get_root "Sub domain : $subDomainName" |
||||
|
|
||||
|
_debug _get_root "Found valid root domain $rootZone for $subDomainNameClean" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
createRecord() { |
||||
|
fulldomain="$1" |
||||
|
txtvalue="$2" |
||||
|
|
||||
|
# Get root domain information - needed for DNS.Services API communication |
||||
|
if [ -z "$rootZoneName" ] || [ -z "$rootZoneDomainID" ] || [ -z "$rootZoneServiceID" ]; then |
||||
|
_get_root "$fulldomain" |
||||
|
fi |
||||
|
if [ -z "$rootZoneName" ] || [ -z "$rootZoneDomainID" ] || [ -z "$rootZoneServiceID" ]; then |
||||
|
_err "Something happend - could not get the API zone information" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug2 createRecord "CNAME TXT value is: $txtvalue" |
||||
|
|
||||
|
# Prepare data to send to API |
||||
|
data="{\"name\":\"${fulldomain}\",\"type\":\"TXT\",\"content\":\"${txtvalue}\", \"ttl\":\"10\"}" |
||||
|
|
||||
|
_debug2 createRecord "data to API: $data" |
||||
|
result=$(_post "$data" "$DNSServices_API/service/$rootZoneServiceID/dns/$rootZoneDomainID/records" "" "POST") |
||||
|
_debug2 createRecord "result from API: $result" |
||||
|
|
||||
|
if [ "$(echo "$result" | _egrep_o "\"success\":true")" = "" ]; then |
||||
|
_err "Failed to create TXT record $fulldomain with content $txtvalue in zone $rootZoneName" |
||||
|
_err "$result" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_info "Record \"$fulldomain TXT $txtvalue\" has been created" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
deleteRecord() { |
||||
|
fulldomain="$1" |
||||
|
txtvalue="$2" |
||||
|
|
||||
|
_log deleteRecord "Deleting $fulldomain TXT $txtvalue record" |
||||
|
|
||||
|
if [ -z "$rootZoneName" ] || [ -z "$rootZoneDomainID" ] || [ -z "$rootZoneServiceID" ]; then |
||||
|
_get_root "$fulldomain" |
||||
|
fi |
||||
|
|
||||
|
result="$(_H1="$_H1" _H2="$_H2" _get "$DNSServices_API/service/$rootZoneServiceID/dns/$rootZoneDomainID")" |
||||
|
#recordInfo="$(echo "$result" | sed -e 's/:{/:{\n/g' -e 's/},/\n},\n/g' | grep "${txtvalue}")" |
||||
|
#recordID="$(echo "$recordInfo" | sed -e 's/:{/:{\n/g' -e 's/},/\n},\n/g' | grep "${txtvalue}" | sed -E 's,.*(zones)(.*),\1\2,g' | sed -E 's,^(.*"id":")([^"]*)"(.*)$,\2,g')" |
||||
|
recordID="$(printf "%s\n" "$result" | tr '}' '\n' | grep -- "$txtvalue" | tr ',' '\n' | grep '"id"' | cut -d'"' -f4)" |
||||
|
_debug2 _recordID "recordID used for deletion of record: $recordID" |
||||
|
|
||||
|
if [ -z "$recordID" ]; then |
||||
|
_info "Record $fulldomain TXT $txtvalue not found or already deleted" |
||||
|
return 0 |
||||
|
else |
||||
|
_debug2 deleteRecord "Found recordID=$recordID" |
||||
|
fi |
||||
|
|
||||
|
_debug2 deleteRecord "DELETE request $DNSServices_API/service/$rootZoneServiceID/dns/$rootZoneDomainID/records/$recordID" |
||||
|
_log "curl DELETE request $DNSServices_API/service/$rootZoneServiceID/dns/$rootZoneDomainID/records/$recordID" |
||||
|
result="$(_H1="$_H1" _H2="$_H2" _post "" "$DNSServices_API/service/$rootZoneServiceID/dns/$rootZoneDomainID/records/$recordID" "" "DELETE")" |
||||
|
_debug2 deleteRecord "API Delete result \"$result\"" |
||||
|
_log "curl API Delete result \"$result\"" |
||||
|
|
||||
|
# Return OK regardless |
||||
|
return 0 |
||||
|
} |
@ -0,0 +1,146 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Author: Timur Umarov <inbox@tumarov.com> |
||||
|
|
||||
|
FORNEX_API_URL="https://fornex.com/api/dns/v0.1" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: dns_fornex_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_fornex_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
if ! _Fornex_API; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "Unable to determine root domain" |
||||
|
return 1 |
||||
|
else |
||||
|
_debug _domain "$_domain" |
||||
|
fi |
||||
|
|
||||
|
_info "Adding record" |
||||
|
if _rest POST "$_domain/entry_set/add/" "host=$fulldomain&type=TXT&value=$txtvalue&apikey=$FORNEX_API_KEY"; then |
||||
|
_debug _response "$response" |
||||
|
if _contains "$response" '"ok": true' || _contains "$response" 'Такая запись уже существует.'; then |
||||
|
_info "Added, OK" |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
#Usage: dns_fornex_rm _acme-challenge.www.domain.com |
||||
|
dns_fornex_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
if ! _Fornex_API; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "Unable to determine root domain" |
||||
|
return 1 |
||||
|
else |
||||
|
_debug _domain "$_domain" |
||||
|
fi |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
_rest GET "$_domain/entry_set.json?apikey=$FORNEX_API_KEY" |
||||
|
|
||||
|
if ! _contains "$response" "$txtvalue"; then |
||||
|
_err "Txt record not found" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_record_id="$(echo "$response" | _egrep_o "{[^{]*\"value\"*:*\"$txtvalue\"[^}]*}" | sed -n -e 's#.*"id": \([0-9]*\).*#\1#p')" |
||||
|
_debug "_record_id" "$_record_id" |
||||
|
if [ -z "$_record_id" ]; then |
||||
|
_err "can not find _record_id" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _rest POST "$_domain/entry_set/$_record_id/delete/" "apikey=$FORNEX_API_KEY"; then |
||||
|
_err "Delete record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
|
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
|
||||
|
i=1 |
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
_debug h "$h" |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _rest GET "domain_list.json?q=$h&apikey=$FORNEX_API_KEY"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _contains "$response" "\"$h\"" >/dev/null; then |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
else |
||||
|
_debug "$h not found" |
||||
|
fi |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
|
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_Fornex_API() { |
||||
|
FORNEX_API_KEY="${FORNEX_API_KEY:-$(_readaccountconf_mutable FORNEX_API_KEY)}" |
||||
|
if [ -z "$FORNEX_API_KEY" ]; then |
||||
|
FORNEX_API_KEY="" |
||||
|
|
||||
|
_err "You didn't specify the Fornex API key yet." |
||||
|
_err "Please create your key and try again." |
||||
|
|
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_saveaccountconf_mutable FORNEX_API_KEY "$FORNEX_API_KEY" |
||||
|
} |
||||
|
|
||||
|
#method method action data |
||||
|
_rest() { |
||||
|
m=$1 |
||||
|
ep="$2" |
||||
|
data="$3" |
||||
|
_debug "$ep" |
||||
|
|
||||
|
export _H1="Accept: application/json" |
||||
|
|
||||
|
if [ "$m" != "GET" ]; then |
||||
|
_debug data "$data" |
||||
|
response="$(_post "$data" "$FORNEX_API_URL/$ep" "" "$m")" |
||||
|
else |
||||
|
response="$(_get "$FORNEX_API_URL/$ep" | _normalizeJson)" |
||||
|
fi |
||||
|
|
||||
|
_ret="$?" |
||||
|
if [ "$_ret" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
@ -1,177 +0,0 @@ |
|||||
#!/usr/bin/env sh |
|
||||
#Author: Herman Sletteng |
|
||||
#Report Bugs here: https://github.com/loial/acme.sh |
|
||||
# |
|
||||
# |
|
||||
# Note, gratisdns requires a login first, so the script needs to handle |
|
||||
# temporary cookies. Since acme.sh _get/_post currently don't directly support |
|
||||
# cookies, I've defined wrapper functions _myget/_mypost to set the headers |
|
||||
|
|
||||
GDNSDK_API="https://admin.gratisdns.com" |
|
||||
######## Public functions ##################### |
|
||||
#Usage: dns_gdnsdk_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
|
||||
dns_gdnsdk_add() { |
|
||||
fulldomain=$1 |
|
||||
txtvalue=$2 |
|
||||
_info "Using gratisdns.dk" |
|
||||
_debug fulldomain "$fulldomain" |
|
||||
_debug txtvalue "$txtvalue" |
|
||||
if ! _gratisdns_login; then |
|
||||
_err "Login failed!" |
|
||||
return 1 |
|
||||
fi |
|
||||
#finding domain zone |
|
||||
if ! _get_domain; then |
|
||||
_err "No matching root domain for $fulldomain found" |
|
||||
return 1 |
|
||||
fi |
|
||||
# adding entry |
|
||||
_info "Adding the entry" |
|
||||
_mypost "action=dns_primary_record_added_txt&user_domain=$_domain&name=$fulldomain&txtdata=$txtvalue&ttl=1" |
|
||||
if _successful_update; then return 0; fi |
|
||||
_err "Couldn't create entry!" |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
#Usage: fulldomain txtvalue |
|
||||
#Remove the txt record after validation. |
|
||||
dns_gdnsdk_rm() { |
|
||||
fulldomain=$1 |
|
||||
txtvalue=$2 |
|
||||
_info "Using gratisdns.dk" |
|
||||
_debug fulldomain "$fulldomain" |
|
||||
_debug txtvalue "$txtvalue" |
|
||||
if ! _gratisdns_login; then |
|
||||
_err "Login failed!" |
|
||||
return 1 |
|
||||
fi |
|
||||
if ! _get_domain; then |
|
||||
_err "No matching root domain for $fulldomain found" |
|
||||
return 1 |
|
||||
fi |
|
||||
_findentry "$fulldomain" "$txtvalue" |
|
||||
if [ -z "$_id" ]; then |
|
||||
_info "Entry doesn't exist, nothing to delete" |
|
||||
return 0 |
|
||||
fi |
|
||||
_debug "Deleting record..." |
|
||||
_mypost "action=dns_primary_delete_txt&user_domain=$_domain&id=$_id" |
|
||||
# removing entry |
|
||||
|
|
||||
if _successful_update; then return 0; fi |
|
||||
_err "Couldn't delete entry!" |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
#################### Private functions below ################################## |
|
||||
|
|
||||
_checkcredentials() { |
|
||||
GDNSDK_Username="${GDNSDK_Username:-$(_readaccountconf_mutable GDNSDK_Username)}" |
|
||||
GDNSDK_Password="${GDNSDK_Password:-$(_readaccountconf_mutable GDNSDK_Password)}" |
|
||||
|
|
||||
if [ -z "$GDNSDK_Username" ] || [ -z "$GDNSDK_Password" ]; then |
|
||||
GDNSDK_Username="" |
|
||||
GDNSDK_Password="" |
|
||||
_err "You haven't specified gratisdns.dk username and password yet." |
|
||||
_err "Please add credentials and try again." |
|
||||
return 1 |
|
||||
fi |
|
||||
#save the credentials to the account conf file. |
|
||||
_saveaccountconf_mutable GDNSDK_Username "$GDNSDK_Username" |
|
||||
_saveaccountconf_mutable GDNSDK_Password "$GDNSDK_Password" |
|
||||
return 0 |
|
||||
} |
|
||||
|
|
||||
_checkcookie() { |
|
||||
GDNSDK_Cookie="${GDNSDK_Cookie:-$(_readaccountconf_mutable GDNSDK_Cookie)}" |
|
||||
if [ -z "$GDNSDK_Cookie" ]; then |
|
||||
_debug "No cached cookie found" |
|
||||
return 1 |
|
||||
fi |
|
||||
_myget "action=" |
|
||||
if (echo "$_result" | grep -q "logmeout"); then |
|
||||
_debug "Cached cookie still valid" |
|
||||
return 0 |
|
||||
fi |
|
||||
_debug "Cached cookie no longer valid" |
|
||||
GDNSDK_Cookie="" |
|
||||
_saveaccountconf_mutable GDNSDK_Cookie "$GDNSDK_Cookie" |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
_gratisdns_login() { |
|
||||
if ! _checkcredentials; then return 1; fi |
|
||||
|
|
||||
if _checkcookie; then |
|
||||
_debug "Already logged in" |
|
||||
return 0 |
|
||||
fi |
|
||||
_debug "Logging into GratisDNS with user $GDNSDK_Username" |
|
||||
|
|
||||
if ! _mypost "login=$GDNSDK_Username&password=$GDNSDK_Password&action=logmein"; then |
|
||||
_err "GratisDNS login failed for user $GDNSDK_Username bad RC from _post" |
|
||||
return 1 |
|
||||
fi |
|
||||
|
|
||||
GDNSDK_Cookie="$(grep -A 15 '302 Found' "$HTTP_HEADER" | _egrep_o 'Cookie: [^;]*' | _head_n 1 | cut -d ' ' -f2)" |
|
||||
|
|
||||
if [ -z "$GDNSDK_Cookie" ]; then |
|
||||
_err "GratisDNS login failed for user $GDNSDK_Username. Check $HTTP_HEADER file" |
|
||||
return 1 |
|
||||
fi |
|
||||
export GDNSDK_Cookie |
|
||||
_saveaccountconf_mutable GDNSDK_Cookie "$GDNSDK_Cookie" |
|
||||
return 0 |
|
||||
} |
|
||||
|
|
||||
_myget() { |
|
||||
#Adds cookie to request |
|
||||
export _H1="Cookie: $GDNSDK_Cookie" |
|
||||
_result=$(_get "$GDNSDK_API?$1") |
|
||||
} |
|
||||
_mypost() { |
|
||||
#Adds cookie to request |
|
||||
export _H1="Cookie: $GDNSDK_Cookie" |
|
||||
_result=$(_post "$1" "$GDNSDK_API") |
|
||||
} |
|
||||
|
|
||||
_get_domain() { |
|
||||
_myget 'action=dns_primarydns' |
|
||||
_domains=$(echo "$_result" | _egrep_o ' domain="[[:alnum:]._-]+' | sed 's/^.*"//') |
|
||||
if [ -z "$_domains" ]; then |
|
||||
_err "Primary domain list not found!" |
|
||||
return 1 |
|
||||
fi |
|
||||
for _domain in $_domains; do |
|
||||
if (_endswith "$fulldomain" "$_domain"); then |
|
||||
_debug "Root domain: $_domain" |
|
||||
return 0 |
|
||||
fi |
|
||||
done |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
_successful_update() { |
|
||||
if (echo "$_result" | grep -q 'table-success'); then return 0; fi |
|
||||
return 1 |
|
||||
} |
|
||||
|
|
||||
_findentry() { |
|
||||
#args $1: fulldomain, $2: txtvalue |
|
||||
#returns id of dns entry, if it exists |
|
||||
_myget "action=dns_primary_changeDNSsetup&user_domain=$_domain" |
|
||||
_debug3 "_result: $_result" |
|
||||
|
|
||||
_tmp_result=$(echo "$_result" | tr -d '\n\r' | _egrep_o "<td>$1</td>\s*<td>$2</td>[^?]*[^&]*&id=[^&]*") |
|
||||
_debug _tmp_result "$_tmp_result" |
|
||||
if [ -z "${_tmp_result:-}" ]; then |
|
||||
_debug "The variable is _tmp_result is not supposed to be empty, there may be something wrong with the script" |
|
||||
fi |
|
||||
|
|
||||
_id=$(echo "$_tmp_result" | sed 's/^.*=//') |
|
||||
if [ -n "$_id" ]; then |
|
||||
_debug "Entry found with _id=$_id" |
|
||||
return 0 |
|
||||
fi |
|
||||
return 1 |
|
||||
} |
|
@ -0,0 +1,232 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
######################################################################## |
||||
|
# Geoscaling hook script for acme.sh |
||||
|
# |
||||
|
# Environment variables: |
||||
|
# |
||||
|
# - $GEOSCALING_Username (your Geoscaling username - this is usually NOT an amail address) |
||||
|
# - $GEOSCALING_Password (your Geoscaling password) |
||||
|
|
||||
|
#-- dns_geoscaling_add() - Add TXT record -------------------------------------- |
||||
|
# Usage: dns_geoscaling_add _acme-challenge.subdomain.domain.com "XyZ123..." |
||||
|
|
||||
|
dns_geoscaling_add() { |
||||
|
full_domain=$1 |
||||
|
txt_value=$2 |
||||
|
_info "Using DNS-01 Geoscaling DNS2 hook" |
||||
|
|
||||
|
GEOSCALING_Username="${GEOSCALING_Username:-$(_readaccountconf_mutable GEOSCALING_Username)}" |
||||
|
GEOSCALING_Password="${GEOSCALING_Password:-$(_readaccountconf_mutable GEOSCALING_Password)}" |
||||
|
if [ -z "$GEOSCALING_Username" ] || [ -z "$GEOSCALING_Password" ]; then |
||||
|
GEOSCALING_Username= |
||||
|
GEOSCALING_Password= |
||||
|
_err "No auth details provided. Please set user credentials using the \$GEOSCALING_Username and \$GEOSCALING_Password environment variables." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable GEOSCALING_Username "${GEOSCALING_Username}" |
||||
|
_saveaccountconf_mutable GEOSCALING_Password "${GEOSCALING_Password}" |
||||
|
|
||||
|
# Fills in the $zone_id and $zone_name |
||||
|
find_zone "${full_domain}" || return 1 |
||||
|
_debug "Zone id '${zone_id}' will be used." |
||||
|
|
||||
|
# We're logged in here |
||||
|
|
||||
|
# we should add ${full_domain} minus the trailing ${zone_name} |
||||
|
|
||||
|
prefix=$(echo "${full_domain}" | sed "s|\\.${zone_name}\$||") |
||||
|
|
||||
|
body="id=${zone_id}&name=${prefix}&type=TXT&content=${txt_value}&ttl=300&prio=0" |
||||
|
|
||||
|
do_post "$body" "https://www.geoscaling.com/dns2/ajax/add_record.php" |
||||
|
exit_code="$?" |
||||
|
if [ "${exit_code}" -eq 0 ]; then |
||||
|
_info "TXT record added successfully." |
||||
|
else |
||||
|
_err "Couldn't add the TXT record." |
||||
|
fi |
||||
|
do_logout |
||||
|
return "${exit_code}" |
||||
|
} |
||||
|
|
||||
|
#-- dns_geoscaling_rm() - Remove TXT record ------------------------------------ |
||||
|
# Usage: dns_geoscaling_rm _acme-challenge.subdomain.domain.com "XyZ123..." |
||||
|
|
||||
|
dns_geoscaling_rm() { |
||||
|
full_domain=$1 |
||||
|
txt_value=$2 |
||||
|
_info "Cleaning up after DNS-01 Geoscaling DNS2 hook" |
||||
|
|
||||
|
GEOSCALING_Username="${GEOSCALING_Username:-$(_readaccountconf_mutable GEOSCALING_Username)}" |
||||
|
GEOSCALING_Password="${GEOSCALING_Password:-$(_readaccountconf_mutable GEOSCALING_Password)}" |
||||
|
if [ -z "$GEOSCALING_Username" ] || [ -z "$GEOSCALING_Password" ]; then |
||||
|
GEOSCALING_Username= |
||||
|
GEOSCALING_Password= |
||||
|
_err "No auth details provided. Please set user credentials using the \$GEOSCALING_Username and \$GEOSCALING_Password environment variables." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable GEOSCALING_Username "${GEOSCALING_Username}" |
||||
|
_saveaccountconf_mutable GEOSCALING_Password "${GEOSCALING_Password}" |
||||
|
|
||||
|
# fills in the $zone_id |
||||
|
find_zone "${full_domain}" || return 1 |
||||
|
_debug "Zone id '${zone_id}' will be used." |
||||
|
|
||||
|
# Here we're logged in |
||||
|
# Find the record id to clean |
||||
|
|
||||
|
# get the domain |
||||
|
response=$(do_get "https://www.geoscaling.com/dns2/index.php?module=domain&id=${zone_id}") |
||||
|
_debug2 "response" "$response" |
||||
|
|
||||
|
table="$(echo "${response}" | tr -d '\n' | sed 's|.*<div class="box"><div class="boxtitle">Basic Records</div><div class="boxtext"><table|<table|; s|</table>.*|</table>|')" |
||||
|
_debug2 table "${table}" |
||||
|
names=$(echo "${table}" | _egrep_o 'id="[0-9]+\.name">[^<]*</td>' | sed 's|</td>||; s|.*>||') |
||||
|
ids=$(echo "${table}" | _egrep_o 'id="[0-9]+\.name">[^<]*</td>' | sed 's|\.name">.*||; s|id="||') |
||||
|
types=$(echo "${table}" | _egrep_o 'id="[0-9]+\.type">[^<]*</td>' | sed 's|</td>||; s|.*>||') |
||||
|
values=$(echo "${table}" | _egrep_o 'id="[0-9]+\.content">[^<]*</td>' | sed 's|</td>||; s|.*>||') |
||||
|
|
||||
|
_debug2 names "${names}" |
||||
|
_debug2 ids "${ids}" |
||||
|
_debug2 types "${types}" |
||||
|
_debug2 values "${values}" |
||||
|
|
||||
|
# look for line whose name is ${full_domain}, whose type is TXT, and whose value is ${txt_value} |
||||
|
line_num="$(echo "${values}" | grep -F -n -- "${txt_value}" | _head_n 1 | cut -d ':' -f 1)" |
||||
|
_debug2 line_num "${line_num}" |
||||
|
found_id= |
||||
|
if [ -n "$line_num" ]; then |
||||
|
type=$(echo "${types}" | sed -n "${line_num}p") |
||||
|
name=$(echo "${names}" | sed -n "${line_num}p") |
||||
|
id=$(echo "${ids}" | sed -n "${line_num}p") |
||||
|
|
||||
|
_debug2 type "$type" |
||||
|
_debug2 name "$name" |
||||
|
_debug2 id "$id" |
||||
|
_debug2 full_domain "$full_domain" |
||||
|
|
||||
|
if [ "${type}" = "TXT" ] && [ "${name}" = "${full_domain}" ]; then |
||||
|
found_id=${id} |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
if [ "${found_id}" = "" ]; then |
||||
|
_err "Can not find record id." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
# Remove the record |
||||
|
body="id=${zone_id}&record_id=${found_id}" |
||||
|
response=$(do_post "$body" "https://www.geoscaling.com/dns2/ajax/delete_record.php") |
||||
|
exit_code="$?" |
||||
|
if [ "$exit_code" -eq 0 ]; then |
||||
|
_info "Record removed successfully." |
||||
|
else |
||||
|
_err "Could not clean (remove) up the record. Please go to Geoscaling administration interface and clean it by hand." |
||||
|
fi |
||||
|
do_logout |
||||
|
return "${exit_code}" |
||||
|
} |
||||
|
|
||||
|
########################## PRIVATE FUNCTIONS ########################### |
||||
|
|
||||
|
do_get() { |
||||
|
_url=$1 |
||||
|
export _H1="Cookie: $geoscaling_phpsessid_cookie" |
||||
|
_get "${_url}" |
||||
|
} |
||||
|
|
||||
|
do_post() { |
||||
|
_body=$1 |
||||
|
_url=$2 |
||||
|
export _H1="Cookie: $geoscaling_phpsessid_cookie" |
||||
|
_post "${_body}" "${_url}" |
||||
|
} |
||||
|
|
||||
|
do_login() { |
||||
|
|
||||
|
_info "Logging in..." |
||||
|
|
||||
|
username_encoded="$(printf "%s" "${GEOSCALING_Username}" | _url_encode)" |
||||
|
password_encoded="$(printf "%s" "${GEOSCALING_Password}" | _url_encode)" |
||||
|
body="username=${username_encoded}&password=${password_encoded}" |
||||
|
|
||||
|
response=$(_post "$body" "https://www.geoscaling.com/dns2/index.php?module=auth") |
||||
|
_debug2 response "${response}" |
||||
|
|
||||
|
#retcode=$(grep '^HTTP[^ ]*' "${HTTP_HEADER}" | _head_n 1 | _egrep_o '[0-9]+$') |
||||
|
retcode=$(grep '^HTTP[^ ]*' "${HTTP_HEADER}" | _head_n 1 | cut -d ' ' -f 2) |
||||
|
|
||||
|
if [ "$retcode" != "302" ]; then |
||||
|
_err "Geoscaling login failed for user ${GEOSCALING_Username}. Check ${HTTP_HEADER} file" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
geoscaling_phpsessid_cookie="$(grep -i '^set-cookie:' "${HTTP_HEADER}" | _egrep_o 'PHPSESSID=[^;]*;' | tr -d ';')" |
||||
|
return 0 |
||||
|
|
||||
|
} |
||||
|
|
||||
|
do_logout() { |
||||
|
_info "Logging out." |
||||
|
response="$(do_get "https://www.geoscaling.com/dns2/index.php?module=auth")" |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
find_zone() { |
||||
|
domain="$1" |
||||
|
|
||||
|
# do login |
||||
|
do_login || return 1 |
||||
|
|
||||
|
# get zones |
||||
|
response="$(do_get "https://www.geoscaling.com/dns2/index.php?module=domains")" |
||||
|
|
||||
|
table="$(echo "${response}" | tr -d '\n' | sed 's|.*<div class="box"><div class="boxtitle">Your domains</div><div class="boxtext"><table|<table|; s|</table>.*|</table>|')" |
||||
|
_debug2 table "${table}" |
||||
|
zone_names="$(echo "${table}" | _egrep_o '<b>[^<]*</b>' | sed 's|<b>||;s|</b>||')" |
||||
|
_debug2 _matches "${zone_names}" |
||||
|
# Zone names and zone IDs are in same order |
||||
|
zone_ids=$(echo "${table}" | _egrep_o '<a href=.index\.php\?module=domain&id=[0-9]+. onclick="javascript:show_loader\(\);">' | sed 's|.*id=||;s|. .*||') |
||||
|
|
||||
|
_debug2 "These are the zones on this Geoscaling account:" |
||||
|
_debug2 "zone_names" "${zone_names}" |
||||
|
_debug2 "And these are their respective IDs:" |
||||
|
_debug2 "zone_ids" "${zone_ids}" |
||||
|
if [ -z "${zone_names}" ] || [ -z "${zone_ids}" ]; then |
||||
|
_err "Can not get zone names or IDs." |
||||
|
return 1 |
||||
|
fi |
||||
|
# Walk through all possible zone names |
||||
|
strip_counter=1 |
||||
|
while true; do |
||||
|
attempted_zone=$(echo "${domain}" | cut -d . -f ${strip_counter}-) |
||||
|
|
||||
|
# All possible zone names have been tried |
||||
|
if [ -z "${attempted_zone}" ]; then |
||||
|
_err "No zone for domain '${domain}' found." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug "Looking for zone '${attempted_zone}'" |
||||
|
|
||||
|
line_num="$(echo "${zone_names}" | grep -n "^${attempted_zone}\$" | _head_n 1 | cut -d : -f 1)" |
||||
|
_debug2 line_num "${line_num}" |
||||
|
if [ "$line_num" ]; then |
||||
|
zone_id=$(echo "${zone_ids}" | sed -n "${line_num}p") |
||||
|
zone_name=$(echo "${zone_names}" | sed -n "${line_num}p") |
||||
|
if [ -z "${zone_id}" ]; then |
||||
|
_err "Can not find zone id." |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug "Found relevant zone '${attempted_zone}' with id '${zone_id}' - will be used for domain '${domain}'." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
_debug "Zone '${attempted_zone}' doesn't exist, let's try a less specific zone." |
||||
|
strip_counter=$(_math "${strip_counter}" + 1) |
||||
|
done |
||||
|
} |
||||
|
# vim: et:ts=2:sw=2: |
@ -0,0 +1,147 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#LA_Id="test123" |
||||
|
#LA_Key="d1j2fdo4dee3948" |
||||
|
|
||||
|
LA_Api="https://api.dns.la/api" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: dns_la_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_la_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
LA_Id="${LA_Id:-$(_readaccountconf_mutable LA_Id)}" |
||||
|
LA_Key="${LA_Key:-$(_readaccountconf_mutable LA_Key)}" |
||||
|
|
||||
|
if [ -z "$LA_Id" ] || [ -z "$LA_Key" ]; then |
||||
|
LA_Id="" |
||||
|
LA_Key="" |
||||
|
_err "You didn't specify a dnsla api id and key yet." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
#save the api key and email to the account conf file. |
||||
|
_saveaccountconf_mutable LA_Id "$LA_Id" |
||||
|
_saveaccountconf_mutable LA_Key "$LA_Key" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_info "Adding record" |
||||
|
if _la_rest "record.ashx?cmd=create&apiid=$LA_Id&apipass=$LA_Key&rtype=json&domainid=$_domain_id&host=$_sub_domain&recordtype=TXT&recorddata=$txtvalue&recordline="; then |
||||
|
if _contains "$response" '"resultid":'; then |
||||
|
_info "Added, OK" |
||||
|
return 0 |
||||
|
elif _contains "$response" '"code":532'; then |
||||
|
_info "Already exists, OK" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
|
||||
|
} |
||||
|
|
||||
|
#fulldomain txtvalue |
||||
|
dns_la_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
LA_Id="${LA_Id:-$(_readaccountconf_mutable LA_Id)}" |
||||
|
LA_Key="${LA_Key:-$(_readaccountconf_mutable LA_Key)}" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
if ! _la_rest "record.ashx?cmd=listn&apiid=$LA_Id&apipass=$LA_Key&rtype=json&domainid=$_domain_id&domain=$_domain&host=$_sub_domain&recordtype=TXT&recorddata=$txtvalue"; then |
||||
|
_err "Error" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _contains "$response" '"recordid":'; then |
||||
|
_info "Don't need to remove." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
record_id=$(printf "%s" "$response" | grep '"recordid":' | cut -d : -f 2 | cut -d , -f 1 | tr -d '\r' | tr -d '\n') |
||||
|
_debug "record_id" "$record_id" |
||||
|
if [ -z "$record_id" ]; then |
||||
|
_err "Can not get record id to remove." |
||||
|
return 1 |
||||
|
fi |
||||
|
if ! _la_rest "record.ashx?cmd=remove&apiid=$LA_Id&apipass=$LA_Key&rtype=json&domainid=$_domain_id&domain=$_domain&recordid=$record_id"; then |
||||
|
_err "Delete record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
_contains "$response" '"code":300' |
||||
|
|
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
# _domain_id=sdjkglgdfewsdfg |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
i=1 |
||||
|
p=1 |
||||
|
|
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _la_rest "domain.ashx?cmd=get&apiid=$LA_Id&apipass=$LA_Key&rtype=json&domain=$h"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _contains "$response" '"domainid":'; then |
||||
|
_domain_id=$(printf "%s" "$response" | grep '"domainid":' | cut -d : -f 2 | cut -d , -f 1 | tr -d '\r' | tr -d '\n') |
||||
|
if [ "$_domain_id" ]; then |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
||||
|
_domain="$h" |
||||
|
return 0 |
||||
|
fi |
||||
|
return 1 |
||||
|
fi |
||||
|
p="$i" |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
#Usage: URI |
||||
|
_la_rest() { |
||||
|
url="$LA_Api/$1" |
||||
|
_debug "$url" |
||||
|
|
||||
|
if ! response="$(_get "$url" | tr -d ' ' | tr "}" ",")"; then |
||||
|
_err "Error: $url" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
@ -0,0 +1,115 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# |
||||
|
#RAGE4_TOKEN="sdfsdfsdfljlbjkljlkjsdfoiwje" |
||||
|
# |
||||
|
#RAGE4_USERNAME="xxxx@sss.com" |
||||
|
|
||||
|
RAGE4_Api="https://rage4.com/rapi/" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_rage4_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
unquotedtxtvalue=$(echo "$txtvalue" | tr -d \") |
||||
|
|
||||
|
RAGE4_USERNAME="${RAGE4_USERNAME:-$(_readaccountconf_mutable RAGE4_USERNAME)}" |
||||
|
RAGE4_TOKEN="${RAGE4_TOKEN:-$(_readaccountconf_mutable RAGE4_TOKEN)}" |
||||
|
|
||||
|
if [ -z "$RAGE4_USERNAME" ] || [ -z "$RAGE4_TOKEN" ]; then |
||||
|
RAGE4_USERNAME="" |
||||
|
RAGE4_TOKEN="" |
||||
|
_err "You didn't specify a Rage4 api token and username yet." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
#save the api key and email to the account conf file. |
||||
|
_saveaccountconf_mutable RAGE4_USERNAME "$RAGE4_USERNAME" |
||||
|
_saveaccountconf_mutable RAGE4_TOKEN "$RAGE4_TOKEN" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
|
||||
|
_rage4_rest "createrecord/?id=$_domain_id&name=$fulldomain&content=$unquotedtxtvalue&type=TXT&active=true&ttl=1" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#fulldomain txtvalue |
||||
|
dns_rage4_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
RAGE4_USERNAME="${RAGE4_USERNAME:-$(_readaccountconf_mutable RAGE4_USERNAME)}" |
||||
|
RAGE4_TOKEN="${RAGE4_TOKEN:-$(_readaccountconf_mutable RAGE4_TOKEN)}" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
_rage4_rest "getrecords/?id=${_domain_id}" |
||||
|
|
||||
|
_record_id=$(echo "$response" | sed -rn 's/.*"id":([[:digit:]]+)[^\}]*'"$txtvalue"'.*/\1/p') |
||||
|
_rage4_rest "deleterecord/?id=${_record_id}" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _domain=domain.com |
||||
|
# _domain_id=sdjkglgdfewsdfg |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
|
||||
|
if ! _rage4_rest "getdomains"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _get_root_domain "$domain" |
||||
|
|
||||
|
for line in $(echo "$response" | tr '}' '\n'); do |
||||
|
__domain=$(echo "$line" | sed -rn 's/.*"name":"([^"]*)",.*/\1/p') |
||||
|
__domain_id=$(echo "$line" | sed -rn 's/.*"id":([^,]*),.*/\1/p') |
||||
|
if [ "$domain" != "${domain%"$__domain"*}" ]; then |
||||
|
_domain_id="$__domain_id" |
||||
|
break |
||||
|
fi |
||||
|
done |
||||
|
|
||||
|
if [ -z "$_domain_id" ]; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_rage4_rest() { |
||||
|
ep="$1" |
||||
|
_debug "$ep" |
||||
|
|
||||
|
username_trimmed=$(echo "$RAGE4_USERNAME" | tr -d '"') |
||||
|
token_trimmed=$(echo "$RAGE4_TOKEN" | tr -d '"') |
||||
|
auth=$(printf '%s:%s' "$username_trimmed" "$token_trimmed" | _base64) |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
export _H2="Authorization: Basic $auth" |
||||
|
|
||||
|
response="$(_get "$RAGE4_Api$ep")" |
||||
|
|
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
@ -0,0 +1,94 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
# |
||||
|
# Author: Marvin Edeler |
||||
|
# Report Bugs here: https://github.com/Marvo2011/acme.sh/issues/1 |
||||
|
# Last Edit: 17.02.2022 |
||||
|
|
||||
|
dns_selfhost_add() { |
||||
|
fulldomain=$1 |
||||
|
txt=$2 |
||||
|
_info "Calling acme-dns on selfhost" |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txt" |
||||
|
|
||||
|
SELFHOSTDNS_UPDATE_URL="https://selfhost.de/cgi-bin/api.pl" |
||||
|
|
||||
|
# Get values, but don't save until we successfully validated |
||||
|
SELFHOSTDNS_USERNAME="${SELFHOSTDNS_USERNAME:-$(_readaccountconf_mutable SELFHOSTDNS_USERNAME)}" |
||||
|
SELFHOSTDNS_PASSWORD="${SELFHOSTDNS_PASSWORD:-$(_readaccountconf_mutable SELFHOSTDNS_PASSWORD)}" |
||||
|
# These values are domain dependent, so read them from there |
||||
|
SELFHOSTDNS_MAP="${SELFHOSTDNS_MAP:-$(_readdomainconf SELFHOSTDNS_MAP)}" |
||||
|
# Selfhost api can't dynamically add TXT record, |
||||
|
# so we have to store the last used RID of the domain to support a second RID for wildcard domains |
||||
|
# (format: 'fulldomainA:lastRid fulldomainB:lastRid ...') |
||||
|
SELFHOSTDNS_MAP_LAST_USED_INTERNAL=$(_readdomainconf SELFHOSTDNS_MAP_LAST_USED_INTERNAL) |
||||
|
|
||||
|
if [ -z "${SELFHOSTDNS_USERNAME:-}" ] || [ -z "${SELFHOSTDNS_PASSWORD:-}" ]; then |
||||
|
_err "SELFHOSTDNS_USERNAME and SELFHOSTDNS_PASSWORD must be set" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# get the domain entry from SELFHOSTDNS_MAP |
||||
|
# only match full domains (at the beginning of the string or with a leading whitespace), |
||||
|
# e.g. don't match mytest.example.com or sub.test.example.com for test.example.com |
||||
|
# if the domain is defined multiple times only the last occurance will be matched |
||||
|
mapEntry=$(echo "$SELFHOSTDNS_MAP" | sed -n -E "s/(^|^.*[[:space:]])($fulldomain)(:[[:digit:]]+)([:]?[[:digit:]]*)(.*)/\2\3\4/p") |
||||
|
_debug2 mapEntry "$mapEntry" |
||||
|
if test -z "$mapEntry"; then |
||||
|
_err "SELFHOSTDNS_MAP must contain the fulldomain incl. prefix and at least one RID" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# get the RIDs from the map entry |
||||
|
rid1=$(echo "$mapEntry" | cut -d: -f2) |
||||
|
rid2=$(echo "$mapEntry" | cut -d: -f3) |
||||
|
|
||||
|
# read last used rid domain |
||||
|
lastUsedRidForDomainEntry=$(echo "$SELFHOSTDNS_MAP_LAST_USED_INTERNAL" | sed -n -E "s/(^|^.*[[:space:]])($fulldomain:[[:digit:]]+)(.*)/\2/p") |
||||
|
_debug2 lastUsedRidForDomainEntry "$lastUsedRidForDomainEntry" |
||||
|
lastUsedRidForDomain=$(echo "$lastUsedRidForDomainEntry" | cut -d: -f2) |
||||
|
|
||||
|
rid="$rid1" |
||||
|
if [ "$lastUsedRidForDomain" = "$rid" ] && ! test -z "$rid2"; then |
||||
|
rid="$rid2" |
||||
|
fi |
||||
|
|
||||
|
_info "Trying to add $txt on selfhost for rid: $rid" |
||||
|
|
||||
|
data="?username=$SELFHOSTDNS_USERNAME&password=$SELFHOSTDNS_PASSWORD&rid=$rid&content=$txt" |
||||
|
response="$(_get "$SELFHOSTDNS_UPDATE_URL$data")" |
||||
|
|
||||
|
if ! echo "$response" | grep "200 OK" >/dev/null; then |
||||
|
_err "Invalid response of acme-dns for selfhost" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
# write last used rid domain |
||||
|
newLastUsedRidForDomainEntry="$fulldomain:$rid" |
||||
|
if ! test -z "$lastUsedRidForDomainEntry"; then |
||||
|
# replace last used rid entry for domain |
||||
|
SELFHOSTDNS_MAP_LAST_USED_INTERNAL=$(echo "$SELFHOSTDNS_MAP_LAST_USED_INTERNAL" | sed -n -E "s/$lastUsedRidForDomainEntry/$newLastUsedRidForDomainEntry/p") |
||||
|
else |
||||
|
# add last used rid entry for domain |
||||
|
if test -z "$SELFHOSTDNS_MAP_LAST_USED_INTERNAL"; then |
||||
|
SELFHOSTDNS_MAP_LAST_USED_INTERNAL="$newLastUsedRidForDomainEntry" |
||||
|
else |
||||
|
SELFHOSTDNS_MAP_LAST_USED_INTERNAL="$SELFHOSTDNS_MAP_LAST_USED_INTERNAL $newLastUsedRidForDomainEntry" |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
# Now that we know the values are good, save them |
||||
|
_saveaccountconf_mutable SELFHOSTDNS_USERNAME "$SELFHOSTDNS_USERNAME" |
||||
|
_saveaccountconf_mutable SELFHOSTDNS_PASSWORD "$SELFHOSTDNS_PASSWORD" |
||||
|
# These values are domain dependent, so store them there |
||||
|
_savedomainconf SELFHOSTDNS_MAP "$SELFHOSTDNS_MAP" |
||||
|
_savedomainconf SELFHOSTDNS_MAP_LAST_USED_INTERNAL "$SELFHOSTDNS_MAP_LAST_USED_INTERNAL" |
||||
|
} |
||||
|
|
||||
|
dns_selfhost_rm() { |
||||
|
fulldomain=$1 |
||||
|
txt=$2 |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txt" |
||||
|
_info "Creating and removing of records is not supported by selfhost API, will not delete anything." |
||||
|
} |
@ -0,0 +1,142 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
# Vercel DNS API |
||||
|
# |
||||
|
# This is your API token which can be acquired on the account page. |
||||
|
# https://vercel.com/account/tokens |
||||
|
# |
||||
|
# VERCEL_TOKEN="sdfsdfsdfljlbjkljlkjsdfoiwje" |
||||
|
|
||||
|
VERCEL_API="https://api.vercel.com" |
||||
|
|
||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_vercel_add() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
_debug fulldomain "$fulldomain" |
||||
|
_debug txtvalue "$txtvalue" |
||||
|
|
||||
|
VERCEL_TOKEN="${VERCEL_TOKEN:-$(_readaccountconf_mutable VERCEL_TOKEN)}" |
||||
|
|
||||
|
if [ -z "$VERCEL_TOKEN" ]; then |
||||
|
VERCEL_TOKEN="" |
||||
|
_err "You have not set the Vercel API token yet." |
||||
|
_err "Please visit https://vercel.com/account/tokens to generate it." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_saveaccountconf_mutable VERCEL_TOKEN "$VERCEL_TOKEN" |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_info "Adding record" |
||||
|
if _vercel_rest POST "v2/domains/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"value\":\"$txtvalue\"}"; then |
||||
|
if printf -- "%s" "$response" | grep "\"uid\":\"" >/dev/null; then |
||||
|
_info "Added" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "Unexpected response while adding text record." |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
} |
||||
|
|
||||
|
dns_vercel_rm() { |
||||
|
fulldomain=$1 |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_vercel_rest GET "v2/domains/$_domain/records" |
||||
|
|
||||
|
count=$(printf "%s\n" "$response" | _egrep_o "\"name\":\"$_sub_domain\",[^{]*\"type\":\"TXT\"" | wc -l | tr -d " ") |
||||
|
|
||||
|
if [ "$count" = "0" ]; then |
||||
|
_info "Don't need to remove." |
||||
|
else |
||||
|
_record_id=$(printf "%s" "$response" | _egrep_o "\"id\":[^,]*,\"slug\":\"[^,]*\",\"name\":\"$_sub_domain\",[^{]*\"type\":\"TXT\",\"value\":\"$txtvalue\"" | cut -d: -f2 | cut -d, -f1 | tr -d '"') |
||||
|
|
||||
|
if [ "$_record_id" ]; then |
||||
|
echo "$_record_id" | while read -r item; do |
||||
|
if _vercel_rest DELETE "v2/domains/$_domain/records/$item"; then |
||||
|
_info "removed record" "$item" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "failed to remove record" "$item" |
||||
|
return 1 |
||||
|
fi |
||||
|
done |
||||
|
fi |
||||
|
fi |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
_get_root() { |
||||
|
domain="$1" |
||||
|
ep="$2" |
||||
|
i=1 |
||||
|
p=1 |
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if ! _vercel_rest GET "v4/domains/$h"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _contains "$response" "\"name\":\"$h\"" >/dev/null; then |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
fi |
||||
|
p=$i |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_vercel_rest() { |
||||
|
m="$1" |
||||
|
ep="$2" |
||||
|
data="$3" |
||||
|
|
||||
|
path="$VERCEL_API/$ep" |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
export _H2="Authorization: Bearer $VERCEL_TOKEN" |
||||
|
|
||||
|
if [ "$m" != "GET" ]; then |
||||
|
_secure_debug2 data "$data" |
||||
|
response="$(_post "$data" "$path" "" "$m")" |
||||
|
else |
||||
|
response="$(_get "$path")" |
||||
|
fi |
||||
|
_ret="$?" |
||||
|
_code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")" |
||||
|
_debug "http response code $_code" |
||||
|
_secure_debug2 response "$response" |
||||
|
if [ "$_ret" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
response="$(printf "%s" "$response" | _normalizeJson)" |
||||
|
return 0 |
||||
|
} |
@ -0,0 +1,264 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#YC_Zone_ID="" # DNS Zone ID |
||||
|
#YC_Folder_ID="" # YC Folder ID |
||||
|
#YC_SA_ID="" # Service Account ID |
||||
|
#YC_SA_Key_ID="" # Service Account IAM Key ID |
||||
|
#YC_SA_Key_File_Path="/path/to/private.key" # Path to private.key use instead of YC_SA_Key_File_PEM_b64 |
||||
|
#YC_SA_Key_File_PEM_b64="" # Base64 content of private.key use instead of YC_SA_Key_File_Path |
||||
|
YC_Api="https://dns.api.cloud.yandex.net/dns/v1" |
||||
|
|
||||
|
######## Public functions ##################### |
||||
|
|
||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
||||
|
dns_yc_add() { |
||||
|
fulldomain="$(echo "$1". | _lower_case)" # Add dot at end of domain name |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
YC_SA_Key_File_PEM_b64="${YC_SA_Key_File_PEM_b64:-$(_readaccountconf_mutable YC_SA_Key_File_PEM_b64)}" |
||||
|
YC_SA_Key_File_Path="${YC_SA_Key_File_Path:-$(_readaccountconf_mutable YC_SA_Key_File_Path)}" |
||||
|
|
||||
|
if [ "$YC_SA_Key_File_PEM_b64" ]; then |
||||
|
echo "$YC_SA_Key_File_PEM_b64" | _dbase64 >private.key |
||||
|
YC_SA_Key_File="private.key" |
||||
|
_savedomainconf YC_SA_Key_File_PEM_b64 "$YC_SA_Key_File_PEM_b64" |
||||
|
else |
||||
|
YC_SA_Key_File="$YC_SA_Key_File_Path" |
||||
|
_savedomainconf YC_SA_Key_File_Path "$YC_SA_Key_File_Path" |
||||
|
fi |
||||
|
|
||||
|
YC_Zone_ID="${YC_Zone_ID:-$(_readaccountconf_mutable YC_Zone_ID)}" |
||||
|
YC_Folder_ID="${YC_Folder_ID:-$(_readaccountconf_mutable YC_Folder_ID)}" |
||||
|
YC_SA_ID="${YC_SA_ID:-$(_readaccountconf_mutable YC_SA_ID)}" |
||||
|
YC_SA_Key_ID="${YC_SA_Key_ID:-$(_readaccountconf_mutable YC_SA_Key_ID)}" |
||||
|
|
||||
|
if [ "$YC_SA_ID" ] && [ "$YC_SA_Key_ID" ] && [ "$YC_SA_Key_File" ]; then |
||||
|
if [ -f "$YC_SA_Key_File" ]; then |
||||
|
if _isRSA "$YC_SA_Key_File" >/dev/null 2>&1; then |
||||
|
if [ "$YC_Zone_ID" ]; then |
||||
|
_savedomainconf YC_Zone_ID "$YC_Zone_ID" |
||||
|
_savedomainconf YC_SA_ID "$YC_SA_ID" |
||||
|
_savedomainconf YC_SA_Key_ID "$YC_SA_Key_ID" |
||||
|
elif [ "$YC_Folder_ID" ]; then |
||||
|
_savedomainconf YC_Folder_ID "$YC_Folder_ID" |
||||
|
_saveaccountconf_mutable YC_SA_ID "$YC_SA_ID" |
||||
|
_saveaccountconf_mutable YC_SA_Key_ID "$YC_SA_Key_ID" |
||||
|
_clearaccountconf_mutable YC_Zone_ID |
||||
|
_clearaccountconf YC_Zone_ID |
||||
|
else |
||||
|
_err "You didn't specify a Yandex Cloud Zone ID or Folder ID yet." |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
_err "YC_SA_Key_File not a RSA file(_isRSA function return false)." |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
_err "YC_SA_Key_File not found in path $YC_SA_Key_File." |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
_clearaccountconf YC_Zone_ID |
||||
|
_clearaccountconf YC_Folder_ID |
||||
|
_clearaccountconf YC_SA_ID |
||||
|
_clearaccountconf YC_SA_Key_ID |
||||
|
_clearaccountconf YC_SA_Key_File_PEM_b64 |
||||
|
_clearaccountconf YC_SA_Key_File_Path |
||||
|
_err "You didn't specify a YC_SA_ID or YC_SA_Key_ID or YC_SA_Key_File." |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
if ! _yc_rest GET "zones/${_domain_id}:getRecordSet?type=TXT&name=$_sub_domain"; then |
||||
|
_err "Error: $response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
_info "Adding record" |
||||
|
if _yc_rest POST "zones/$_domain_id:upsertRecordSets" "{\"merges\": [ { \"name\":\"$_sub_domain\",\"type\":\"TXT\",\"ttl\":\"120\",\"data\":[\"$txtvalue\"]}]}"; then |
||||
|
if _contains "$response" "\"done\": true"; then |
||||
|
_info "Added, OK" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Add txt record error." |
||||
|
return 1 |
||||
|
|
||||
|
} |
||||
|
|
||||
|
#fulldomain txtvalue |
||||
|
dns_yc_rm() { |
||||
|
fulldomain="$(echo "$1". | _lower_case)" # Add dot at end of domain name |
||||
|
txtvalue=$2 |
||||
|
|
||||
|
YC_Zone_ID="${YC_Zone_ID:-$(_readaccountconf_mutable YC_Zone_ID)}" |
||||
|
YC_Folder_ID="${YC_Folder_ID:-$(_readaccountconf_mutable YC_Folder_ID)}" |
||||
|
YC_SA_ID="${YC_SA_ID:-$(_readaccountconf_mutable YC_SA_ID)}" |
||||
|
YC_SA_Key_ID="${YC_SA_Key_ID:-$(_readaccountconf_mutable YC_SA_Key_ID)}" |
||||
|
|
||||
|
_debug "First detect the root zone" |
||||
|
if ! _get_root "$fulldomain"; then |
||||
|
_err "invalid domain" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
_debug _sub_domain "$_sub_domain" |
||||
|
_debug _domain "$_domain" |
||||
|
|
||||
|
_debug "Getting txt records" |
||||
|
if _yc_rest GET "zones/${_domain_id}:getRecordSet?type=TXT&name=$_sub_domain"; then |
||||
|
exists_txtvalue=$(echo "$response" | _normalizeJson | _egrep_o "\"data\".*\][^,]*" | _egrep_o "[^:]*$") |
||||
|
_debug exists_txtvalue "$exists_txtvalue" |
||||
|
else |
||||
|
_err "Error: $response" |
||||
|
return 1 |
||||
|
fi |
||||
|
|
||||
|
if _yc_rest POST "zones/$_domain_id:updateRecordSets" "{\"deletions\": [ { \"name\":\"$_sub_domain\",\"type\":\"TXT\",\"ttl\":\"120\",\"data\":$exists_txtvalue}]}"; then |
||||
|
if _contains "$response" "\"done\": true"; then |
||||
|
_info "Delete, OK" |
||||
|
return 0 |
||||
|
else |
||||
|
_err "Delete record error." |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
_err "Delete record error." |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
#################### Private functions below ################################## |
||||
|
#_acme-challenge.www.domain.com |
||||
|
#returns |
||||
|
# _sub_domain=_acme-challenge.www |
||||
|
# _domain=domain.com |
||||
|
# _domain_id=sdjkglgdfewsdfg |
||||
|
_get_root() { |
||||
|
domain=$1 |
||||
|
i=1 |
||||
|
p=1 |
||||
|
|
||||
|
# Use Zone ID directly if provided |
||||
|
if [ "$YC_Zone_ID" ]; then |
||||
|
if ! _yc_rest GET "zones/$YC_Zone_ID"; then |
||||
|
return 1 |
||||
|
else |
||||
|
if echo "$response" | tr -d " " | _egrep_o "\"id\":\"$YC_Zone_ID\"" >/dev/null; then |
||||
|
_domain=$(echo "$response" | _egrep_o "\"zone\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | _head_n 1 | tr -d " ") |
||||
|
if [ "$_domain" ]; then |
||||
|
_cutlength=$((${#domain} - ${#_domain})) |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -c "1-$_cutlength") |
||||
|
_domain_id=$YC_Zone_ID |
||||
|
return 0 |
||||
|
else |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
return 1 |
||||
|
fi |
||||
|
fi |
||||
|
fi |
||||
|
|
||||
|
while true; do |
||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100) |
||||
|
_debug h "$h" |
||||
|
if [ -z "$h" ]; then |
||||
|
#not valid |
||||
|
return 1 |
||||
|
fi |
||||
|
if [ "$YC_Folder_ID" ]; then |
||||
|
if ! _yc_rest GET "zones?folderId=$YC_Folder_ID"; then |
||||
|
return 1 |
||||
|
fi |
||||
|
else |
||||
|
echo "You didn't specify a Yandex Cloud Folder ID." |
||||
|
return 1 |
||||
|
fi |
||||
|
if _contains "$response" "\"zone\": \"$h\""; then |
||||
|
_domain_id=$(echo "$response" | _normalizeJson | _egrep_o "[^{]*\"zone\":\"$h\"[^}]*" | _egrep_o "\"id\"[^,]*" | _egrep_o "[^:]*$" | tr -d '"') |
||||
|
_debug _domain_id "$_domain_id" |
||||
|
if [ "$_domain_id" ]; then |
||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
||||
|
_domain=$h |
||||
|
return 0 |
||||
|
fi |
||||
|
return 1 |
||||
|
fi |
||||
|
p=$i |
||||
|
i=$(_math "$i" + 1) |
||||
|
done |
||||
|
return 1 |
||||
|
} |
||||
|
|
||||
|
_yc_rest() { |
||||
|
m=$1 |
||||
|
ep="$2" |
||||
|
data="$3" |
||||
|
_debug "$ep" |
||||
|
|
||||
|
if [ ! "$YC_Token" ]; then |
||||
|
_debug "Login" |
||||
|
_yc_login |
||||
|
else |
||||
|
_debug "Token already exists. Skip Login." |
||||
|
fi |
||||
|
|
||||
|
token_trimmed=$(echo "$YC_Token" | tr -d '"') |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
export _H2="Authorization: Bearer $token_trimmed" |
||||
|
|
||||
|
if [ "$m" != "GET" ]; then |
||||
|
_debug data "$data" |
||||
|
response="$(_post "$data" "$YC_Api/$ep" "" "$m")" |
||||
|
else |
||||
|
response="$(_get "$YC_Api/$ep")" |
||||
|
fi |
||||
|
|
||||
|
if [ "$?" != "0" ]; then |
||||
|
_err "error $ep" |
||||
|
return 1 |
||||
|
fi |
||||
|
_debug2 response "$response" |
||||
|
return 0 |
||||
|
} |
||||
|
|
||||
|
_yc_login() { |
||||
|
header=$(echo "{\"typ\":\"JWT\",\"alg\":\"PS256\",\"kid\":\"$YC_SA_Key_ID\"}" | _normalizeJson | _base64 | _url_replace) |
||||
|
_debug header "$header" |
||||
|
|
||||
|
_current_timestamp=$(_time) |
||||
|
_expire_timestamp=$(_math "$_current_timestamp" + 1200) # 20 minutes |
||||
|
payload=$(echo "{\"iss\":\"$YC_SA_ID\",\"aud\":\"https://iam.api.cloud.yandex.net/iam/v1/tokens\",\"iat\":$_current_timestamp,\"exp\":$_expire_timestamp}" | _normalizeJson | _base64 | _url_replace) |
||||
|
_debug payload "$payload" |
||||
|
|
||||
|
#signature=$(printf "%s.%s" "$header" "$payload" | ${ACME_OPENSSL_BIN:-openssl} dgst -sign "$YC_SA_Key_File -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1" | _base64 | _url_replace ) |
||||
|
_signature=$(printf "%s.%s" "$header" "$payload" | _sign "$YC_SA_Key_File" "sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1" | _url_replace) |
||||
|
_debug2 _signature "$_signature" |
||||
|
|
||||
|
rm -rf "$YC_SA_Key_File" |
||||
|
|
||||
|
_jwt=$(printf "{\"jwt\": \"%s.%s.%s\"}" "$header" "$payload" "$_signature") |
||||
|
_debug2 _jwt "$_jwt" |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
_iam_response="$(_post "$_jwt" "https://iam.api.cloud.yandex.net/iam/v1/tokens" "" "POST")" |
||||
|
_debug3 _iam_response "$(echo "$_iam_response" | _normalizeJson)" |
||||
|
|
||||
|
YC_Token="$(echo "$_iam_response" | _normalizeJson | _egrep_o "\"iamToken\"[^,]*" | _egrep_o "[^:]*$" | tr -d '"')" |
||||
|
_debug3 YC_Token |
||||
|
|
||||
|
return 0 |
||||
|
} |
@ -0,0 +1,44 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Support CallMeBot Whatsapp webhooks |
||||
|
|
||||
|
#CALLMEBOT_YOUR_PHONE_NO="" |
||||
|
#CALLMEBOT_API_KEY="" |
||||
|
|
||||
|
callmebotWhatsApp_send() { |
||||
|
_subject="$1" |
||||
|
_content="$2" |
||||
|
_statusCode="$3" #0: success, 1: error 2($RENEW_SKIP): skipped |
||||
|
_debug "_statusCode" "$_statusCode" |
||||
|
|
||||
|
CALLMEBOT_YOUR_PHONE_NO="${CALLMEBOT_YOUR_PHONE_NO:-$(_readaccountconf_mutable CALLMEBOT_YOUR_PHONE_NO)}" |
||||
|
if [ -z "$CALLMEBOT_YOUR_PHONE_NO" ]; then |
||||
|
CALLMEBOT_YOUR_PHONE_NO="" |
||||
|
_err "You didn't specify a Slack webhook url CALLMEBOT_YOUR_PHONE_NO yet." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable CALLMEBOT_YOUR_PHONE_NO "$CALLMEBOT_YOUR_PHONE_NO" |
||||
|
|
||||
|
CALLMEBOT_API_KEY="${CALLMEBOT_API_KEY:-$(_readaccountconf_mutable CALLMEBOT_API_KEY)}" |
||||
|
if [ "$CALLMEBOT_API_KEY" ]; then |
||||
|
_saveaccountconf_mutable CALLMEBOT_API_KEY "$CALLMEBOT_API_KEY" |
||||
|
fi |
||||
|
|
||||
|
_waUrl="https://api.callmebot.com/whatsapp.php" |
||||
|
|
||||
|
_Phone_No="$(printf "%s" "$CALLMEBOT_YOUR_PHONE_NO" | _url_encode)" |
||||
|
_apikey="$(printf "%s" "$CALLMEBOT_API_KEY" | _url_encode)" |
||||
|
_message="$(printf "*%s*\\n%s" "$_subject" "$_content" | _url_encode)" |
||||
|
|
||||
|
_finalUrl="$_waUrl?phone=$_Phone_No&apikey=$_apikey&text=$_message" |
||||
|
response="$(_get "$_finalUrl")" |
||||
|
|
||||
|
if [ "$?" = "0" ] && _contains ".<p><b>Message queued.</b> You will receive it in a few seconds."; then |
||||
|
_info "wa send success." |
||||
|
return 0 |
||||
|
fi |
||||
|
_err "wa send error." |
||||
|
_debug "URL" "$_finalUrl" |
||||
|
_debug "Response" "$response" |
||||
|
return 1 |
||||
|
} |
@ -0,0 +1,57 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Support Discord webhooks |
||||
|
|
||||
|
# Required: |
||||
|
#DISCORD_WEBHOOK_URL="" |
||||
|
# Optional: |
||||
|
#DISCORD_USERNAME="" |
||||
|
#DISCORD_AVATAR_URL="" |
||||
|
|
||||
|
discord_send() { |
||||
|
_subject="$1" |
||||
|
_content="$2" |
||||
|
_statusCode="$3" #0: success, 1: error 2($RENEW_SKIP): skipped |
||||
|
_debug "_statusCode" "$_statusCode" |
||||
|
|
||||
|
DISCORD_WEBHOOK_URL="${DISCORD_WEBHOOK_URL:-$(_readaccountconf_mutable DISCORD_WEBHOOK_URL)}" |
||||
|
if [ -z "$DISCORD_WEBHOOK_URL" ]; then |
||||
|
DISCORD_WEBHOOK_URL="" |
||||
|
_err "You didn't specify a Discord webhook url DISCORD_WEBHOOK_URL yet." |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable DISCORD_WEBHOOK_URL "$DISCORD_WEBHOOK_URL" |
||||
|
|
||||
|
DISCORD_USERNAME="${DISCORD_USERNAME:-$(_readaccountconf_mutable DISCORD_USERNAME)}" |
||||
|
if [ "$DISCORD_USERNAME" ]; then |
||||
|
_saveaccountconf_mutable DISCORD_USERNAME "$DISCORD_USERNAME" |
||||
|
fi |
||||
|
|
||||
|
DISCORD_AVATAR_URL="${DISCORD_AVATAR_URL:-$(_readaccountconf_mutable DISCORD_AVATAR_URL)}" |
||||
|
if [ "$DISCORD_AVATAR_URL" ]; then |
||||
|
_saveaccountconf_mutable DISCORD_AVATAR_URL "$DISCORD_AVATAR_URL" |
||||
|
fi |
||||
|
|
||||
|
export _H1="Content-Type: application/json" |
||||
|
|
||||
|
_content="$(printf "**%s**\n%s" "$_subject" "$_content" | _json_encode)" |
||||
|
_data="{\"content\": \"$_content\" " |
||||
|
if [ "$DISCORD_USERNAME" ]; then |
||||
|
_data="$_data, \"username\": \"$DISCORD_USERNAME\" " |
||||
|
fi |
||||
|
if [ "$DISCORD_AVATAR_URL" ]; then |
||||
|
_data="$_data, \"avatar_url\": \"$DISCORD_AVATAR_URL\" " |
||||
|
fi |
||||
|
_data="$_data}" |
||||
|
|
||||
|
if _post "$_data" "$DISCORD_WEBHOOK_URL?wait=true"; then |
||||
|
# shellcheck disable=SC2154 |
||||
|
if [ "$response" ]; then |
||||
|
_info "discord send success." |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
_err "discord send error." |
||||
|
_err "$response" |
||||
|
return 1 |
||||
|
} |
@ -0,0 +1,45 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Support Slack APP notifications |
||||
|
|
||||
|
#SLACK_APP_CHANNEL="" |
||||
|
#SLACK_APP_TOKEN="" |
||||
|
|
||||
|
slack_app_send() { |
||||
|
_subject="$1" |
||||
|
_content="$2" |
||||
|
_statusCode="$3" #0: success, 1: error 2($RENEW_SKIP): skipped |
||||
|
_debug "_statusCode" "$_statusCode" |
||||
|
|
||||
|
SLACK_APP_CHANNEL="${SLACK_APP_CHANNEL:-$(_readaccountconf_mutable SLACK_APP_CHANNEL)}" |
||||
|
if [ -n "$SLACK_APP_CHANNEL" ]; then |
||||
|
_saveaccountconf_mutable SLACK_APP_CHANNEL "$SLACK_APP_CHANNEL" |
||||
|
fi |
||||
|
|
||||
|
SLACK_APP_TOKEN="${SLACK_APP_TOKEN:-$(_readaccountconf_mutable SLACK_APP_TOKEN)}" |
||||
|
if [ -n "$SLACK_APP_TOKEN" ]; then |
||||
|
_saveaccountconf_mutable SLACK_APP_TOKEN "$SLACK_APP_TOKEN" |
||||
|
fi |
||||
|
|
||||
|
_content="$(printf "*%s*\n%s" "$_subject" "$_content" | _json_encode)" |
||||
|
_data="{\"text\": \"$_content\", " |
||||
|
if [ -n "$SLACK_APP_CHANNEL" ]; then |
||||
|
_data="$_data\"channel\": \"$SLACK_APP_CHANNEL\", " |
||||
|
fi |
||||
|
_data="$_data\"mrkdwn\": \"true\"}" |
||||
|
|
||||
|
export _H1="Authorization: Bearer $SLACK_APP_TOKEN" |
||||
|
|
||||
|
SLACK_APP_API_URL="https://slack.com/api/chat.postMessage" |
||||
|
if _post "$_data" "$SLACK_APP_API_URL" "" "POST" "application/json; charset=utf-8"; then |
||||
|
# shellcheck disable=SC2154 |
||||
|
SLACK_APP_RESULT_OK=$(echo "$response" | _egrep_o 'ok" *: *true') |
||||
|
if [ "$?" = "0" ] && [ "$SLACK_APP_RESULT_OK" ]; then |
||||
|
_info "slack send success." |
||||
|
return 0 |
||||
|
fi |
||||
|
fi |
||||
|
_err "slack send error." |
||||
|
_err "$response" |
||||
|
return 1 |
||||
|
} |
@ -0,0 +1,49 @@ |
|||||
|
#!/usr/bin/env sh |
||||
|
|
||||
|
#Support weixin work webhooks api |
||||
|
|
||||
|
#WEIXIN_WORK_WEBHOOK="xxxx" |
||||
|
|
||||
|
#optional |
||||
|
#WEIXIN_WORK_KEYWORD="yyyy" |
||||
|
|
||||
|
#`WEIXIN_WORK_SIGNING_KEY`="SEC08ffdbd403cbc3fc8a65xxxxxxxxxxxxxxxxxxxx" |
||||
|
|
||||
|
# subject content statusCode |
||||
|
weixin_work_send() { |
||||
|
_subject="$1" |
||||
|
_content="$2" |
||||
|
_statusCode="$3" #0: success, 1: error 2($RENEW_SKIP): skipped |
||||
|
_debug "_subject" "$_subject" |
||||
|
_debug "_content" "$_content" |
||||
|
_debug "_statusCode" "$_statusCode" |
||||
|
|
||||
|
WEIXIN_WORK_WEBHOOK="${WEIXIN_WORK_WEBHOOK:-$(_readaccountconf_mutable WEIXIN_WORK_WEBHOOK)}" |
||||
|
if [ -z "$WEIXIN_WORK_WEBHOOK" ]; then |
||||
|
WEIXIN_WORK_WEBHOOK="" |
||||
|
_err "You didn't specify a weixin_work webhooks WEIXIN_WORK_WEBHOOK yet." |
||||
|
_err "You can get yours from https://work.weixin.qq.com/api/doc/90000/90136/91770" |
||||
|
return 1 |
||||
|
fi |
||||
|
_saveaccountconf_mutable WEIXIN_WORK_WEBHOOK "$WEIXIN_WORK_WEBHOOK" |
||||
|
|
||||
|
WEIXIN_WORK_KEYWORD="${WEIXIN_WORK_KEYWORD:-$(_readaccountconf_mutable WEIXIN_WORK_KEYWORD)}" |
||||
|
if [ "$WEIXIN_WORK_KEYWORD" ]; then |
||||
|
_saveaccountconf_mutable WEIXIN_WORK_KEYWORD "$WEIXIN_WORK_KEYWORD" |
||||
|
fi |
||||
|
|
||||
|
_content=$(echo "$_content" | _json_encode) |
||||
|
_subject=$(echo "$_subject" | _json_encode) |
||||
|
_data="{\"msgtype\": \"text\", \"text\": {\"content\": \"[$WEIXIN_WORK_KEYWORD]\n$_subject\n$_content\"}}" |
||||
|
|
||||
|
response="$(_post "$_data" "$WEIXIN_WORK_WEBHOOK" "" "POST" "application/json")" |
||||
|
|
||||
|
if [ "$?" = "0" ] && _contains "$response" "errmsg\":\"ok"; then |
||||
|
_info "weixin_work webhooks event fired success." |
||||
|
return 0 |
||||
|
fi |
||||
|
|
||||
|
_err "weixin_work webhooks event fired error." |
||||
|
_err "$response" |
||||
|
return 1 |
||||
|
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue