Browse Source

Merge pull request #1457 from Neilpang/dev

sync
pull/1450/merge
neil 7 years ago
committed by GitHub
parent
commit
f0365d32aa
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 3
      README.md
  2. 8
      acme.sh
  3. 6
      deploy/keychain.sh
  4. 18
      dnsapi/README.md
  5. 53
      dnsapi/dns_dnsimple.sh
  6. 2
      dnsapi/dns_he.sh
  7. 107
      dnsapi/dns_kinghost.sh

3
README.md

@ -315,6 +315,7 @@ You don't have to do anything manually!
1. zonomi.com DNS API 1. zonomi.com DNS API
1. DreamHost.com API 1. DreamHost.com API
1. DirectAdmin API 1. DirectAdmin API
1. KingHost (https://www.kinghost.com.br/)
And: And:
@ -331,6 +332,8 @@ For more details: [How to use DNS API](dnsapi)
# 8. Use DNS manual mode: # 8. Use DNS manual mode:
See: https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode first.
If your dns provider doesn't support any api access, you can add the txt record by your hand. If your dns provider doesn't support any api access, you can add the txt record by your hand.
```bash ```bash

8
acme.sh

@ -1806,6 +1806,7 @@ _send_signed_request() {
MAX_REQUEST_RETRY_TIMES=5 MAX_REQUEST_RETRY_TIMES=5
_request_retry_times=0 _request_retry_times=0
while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do while [ "${_request_retry_times}" -lt "$MAX_REQUEST_RETRY_TIMES" ]; do
_request_retry_times=$(_math "$_request_retry_times" + 1)
_debug3 _request_retry_times "$_request_retry_times" _debug3 _request_retry_times "$_request_retry_times"
if [ -z "$_CACHED_NONCE" ]; then if [ -z "$_CACHED_NONCE" ]; then
_headers="" _headers=""
@ -1836,7 +1837,11 @@ _send_signed_request() {
fi fi
nonce="$_CACHED_NONCE" nonce="$_CACHED_NONCE"
_debug2 nonce "$nonce" _debug2 nonce "$nonce"
if [ -z "$nonce" ]; then
_info "Could not get nonce, let's try again."
_sleep 2
continue
fi
if [ "$ACME_VERSION" = "2" ]; then if [ "$ACME_VERSION" = "2" ]; then
if [ "$url" = "$ACME_NEW_ACCOUNT" ] || [ "$url" = "$ACME_REVOKE_CERT" ]; then if [ "$url" = "$ACME_NEW_ACCOUNT" ] || [ "$url" = "$ACME_REVOKE_CERT" ]; then
protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}' protected="$JWK_HEADERPLACE_PART1$nonce\", \"url\": \"${url}$JWK_HEADERPLACE_PART2, \"jwk\": $jwk"'}'
@ -1894,7 +1899,6 @@ _send_signed_request() {
if _contains "$_body" "JWS has invalid anti-replay nonce"; then if _contains "$_body" "JWS has invalid anti-replay nonce"; then
_info "It seems the CA server is busy now, let's wait and retry." _info "It seems the CA server is busy now, let's wait and retry."
_request_retry_times=$(_math "$_request_retry_times" + 1)
_sleep 5 _sleep 5
continue continue
fi fi

6
deploy/keychain.sh

@ -1,11 +1,5 @@
#!/usr/bin/env sh #!/usr/bin/env sh
#Here is a sample custom api script.
#This file name is "myapi.sh"
#So, here must be a method myapi_deploy()
#Which will be called by acme.sh to deploy the cert
#returns 0 means success, otherwise error.
######## Public functions ##################### ######## Public functions #####################
#domain keyfile certfile cafile fullchain #domain keyfile certfile cafile fullchain

18
dnsapi/README.md

@ -325,6 +325,8 @@ The `CY_Username`, `CY_Password` and `CY_OTP_Secret` will be saved in `~/.acme.s
## 17. Use Domain-Offensive/Resellerinterface/Domainrobot API ## 17. Use Domain-Offensive/Resellerinterface/Domainrobot API
ATTENTION: You need to be a registered Reseller to be able to use the ResellerInterface. As a normal user you can not use this method.
You will need your login credentials (Partner ID+Password) to the Resellerinterface, and export them before you run `acme.sh`: You will need your login credentials (Partner ID+Password) to the Resellerinterface, and export them before you run `acme.sh`:
``` ```
export DO_PID="KD-1234567" export DO_PID="KD-1234567"
@ -525,8 +527,9 @@ For issues, please report to https://github.com/raidenii/acme.sh/issues.
## 28. Use Name.com API ## 28. Use Name.com API
You'll need to fill out the form at https://www.name.com/reseller/apply to apply
for API username and token.
Create your API token here: https://www.name.com/account/settings/api
Note: `Namecom_Username` should be your Name.com username and not the token name. If you accidentally run the script with the token name as the username see `~/.acme.sh/account.conf` to fix the issue
``` ```
export Namecom_Username="testuser" export Namecom_Username="testuser"
@ -784,6 +787,17 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com
The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
## 42. Use KingHost DNS API
API access must be enabled at https://painel.kinghost.com.br/painel.api.php
```
export KINGHOST_Username="yourusername"
export KINGHOST_Password="yourpassword"
acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com
```
The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
# Use custom API # Use custom API

53
dnsapi/dns_dnsimple.sh

@ -39,34 +39,17 @@ dns_dnsimple_add() {
_get_records "$_account_id" "$_domain" "$_sub_domain" _get_records "$_account_id" "$_domain" "$_sub_domain"
if [ "$_records_count" = "0" ]; then
_info "Adding record"
if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then
_info "Added"
return 0
else
_err "Unexpected response while adding text record."
return 1
fi
fi
_err "Add txt record error."
else
_info "Updating record"
_extract_record_id "$_records" "$_sub_domain"
if _dnsimple_rest \
PATCH \
"$_account_id/zones/$_domain/records/$_record_id" \
"{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
_info "Updated!"
_info "Adding record"
if _dnsimple_rest POST "$_account_id/zones/$_domain/records" "{\"type\":\"TXT\",\"name\":\"$_sub_domain\",\"content\":\"$txtvalue\",\"ttl\":120}"; then
if printf -- "%s" "$response" | grep "\"name\":\"$_sub_domain\"" >/dev/null; then
_info "Added"
return 0 return 0
else
_err "Unexpected response while adding text record."
return 1
fi fi
_err "Update error"
return 1
fi fi
_err "Add txt record error."
} }
# fulldomain # fulldomain
@ -84,19 +67,19 @@ dns_dnsimple_rm() {
fi fi
_get_records "$_account_id" "$_domain" "$_sub_domain" _get_records "$_account_id" "$_domain" "$_sub_domain"
_extract_record_id "$_records" "$_sub_domain"
_extract_record_id "$_records" "$_sub_domain"
if [ "$_record_id" ]; then if [ "$_record_id" ]; then
if _dnsimple_rest DELETE "$_account_id/zones/$_domain/records/$_record_id"; then
_info "removed record" "$_record_id"
return 0
fi
echo "$_record_id" | while read -r item; do
if _dnsimple_rest DELETE "$_account_id/zones/$_domain/records/$item"; then
_info "removed record" "$item"
return 0
else
_err "failed to remove record" "$item"
return 1
fi
done
fi fi
_err "failed to remove record" "$_record_id"
return 1
} }
#################### Private functions bellow ################################## #################### Private functions bellow ##################################

2
dnsapi/dns_he.sh

@ -143,7 +143,7 @@ _find_zone() {
_debug "Looking for zone \"${_attempted_zone}\"" _debug "Looking for zone \"${_attempted_zone}\""
line_num="$(echo "$_zone_names" | grep -n "$_attempted_zone" | cut -d : -f 1)"
line_num="$(echo "$_zone_names" | grep -n "^$_attempted_zone" | cut -d : -f 1)"
if [ "$line_num" ]; then if [ "$line_num" ]; then
_zone_id=$(echo "$_zone_ids" | sed -n "${line_num}p") _zone_id=$(echo "$_zone_ids" | sed -n "${line_num}p")

107
dnsapi/dns_kinghost.sh

@ -0,0 +1,107 @@
#!/usr/bin/env sh
############################################################
# KingHost API support #
# http://api.kinghost.net/doc/ #
# #
# Author: Felipe Keller Braz <felipebraz@kinghost.com.br> #
# Report Bugs here: https://github.com/kinghost/acme.sh #
# #
# Values to export: #
# export KINGHOST_Username="email@provider.com" #
# export KINGHOST_Password="xxxxxxxxxx" #
############################################################
KING_Api="https://api.kinghost.net/acme"
# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
# Used to add txt record
dns_kinghost_add() {
fulldomain=$1
txtvalue=$2
KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}"
KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}"
if [ -z "$KINGHOST_Username" ] || [ -z "$KINGHOST_Password" ]; then
KINGHOST_Username=""
KINGHOST_Password=""
_err "You don't specify KingHost api password and email yet."
_err "Please create you key and try again."
return 1
fi
#save the credentials to the account conf file.
_saveaccountconf_mutable KINGHOST_Username "$KINGHOST_Username"
_saveaccountconf_mutable KINGHOST_Password "$KINGHOST_Password"
_debug "Getting txt records"
_kinghost_rest GET "dns" "name=$fulldomain&content=$txtvalue"
#This API call returns "status":"ok" if dns record does not exists
#We are creating a new txt record here, so we expect the "ok" status
if ! echo "$response" | grep '"status":"ok"' >/dev/null; then
_err "Error"
_err "$response"
return 1
fi
_kinghost_rest POST "dns" "name=$fulldomain&content=$txtvalue"
if ! echo "$response" | grep '"status":"ok"' >/dev/null; then
_err "Error"
_err "$response"
return 1
fi
return 0
}
# Usage: fulldomain txtvalue
# Used to remove the txt record after validation
dns_kinghost_rm() {
fulldomain=$1
txtvalue=$2
KINGHOST_Password="${KINGHOST_Password:-$(_readaccountconf_mutable KINGHOST_Password)}"
KINGHOST_Username="${KINGHOST_Username:-$(_readaccountconf_mutable KINGHOST_Username)}"
if [ -z "$KINGHOST_Password" ] || [ -z "$KINGHOST_Username" ]; then
KINGHOST_Password=""
KINGHOST_Username=""
_err "You don't specify KingHost api key and email yet."
_err "Please create you key and try again."
return 1
fi
_kinghost_rest DELETE "dns" "name=$fulldomain&content=$txtvalue"
if ! echo "$response" | grep '"status":"ok"' >/dev/null; then
_err "Error"
_err "$response"
return 1
fi
return 0
}
#################### Private functions below ##################################
_kinghost_rest() {
method=$1
uri="$2"
data="$3"
_debug "$uri"
export _H1="X-Auth-Email: $KINGHOST_Username"
export _H2="X-Auth-Key: $KINGHOST_Password"
if [ "$method" != "GET" ]; then
_debug data "$data"
response="$(_post "$data" "$KING_Api/$uri.json" "" "$method")"
else
response="$(_get "$KING_Api/$uri.json?$data")"
fi
if [ "$?" != "0" ]; then
_err "error $uri"
return 1
fi
_debug2 response "$response"
return 0
}
Loading…
Cancel
Save