add API for Gandi LiveDNS (#680)

* add API for Gandi LiveDNS * ensure Gandi API key is saved for renewing certificate. * gandi_livedns: use PUT instead of POST for creating DNS record * gandi_livedns: fix formatting * dns_gandi_livedns: fix shellcheck errors
8 years ago · fab2d9dc6a
3 changed files with 133 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -294,6 +294,7 @@ You don't have to do anything manually!
 1. FreeDNS (https://freedns.afraid.org/)
 1. cyon.ch
 1. Domain-Offensive/Resellerinterface/Domainrobot API
 1. Gandi LiveDNS API
 **More APIs coming soon...**
--- a/dnsapi/README.md
+++ b/dnsapi/README.md
@ -336,6 +336,18 @@ Ok, let's issue a cert now:
 acme.sh --issue --dns dns_do -d example.com -d www.example.com
 ```
 ## 18. Use Gandi LiveDNS API
 You will need your Gandi API key (on your Account preferences, go to Security and generate your API key) and export it before you run `acme.sh`:
 ```
 export GANDI_LIVEDNS_KEY="fdmlfsdklmfdkmqsdfk"
 ```
 Ok, let's issue a cert now:
 ```
 acme.sh --issue --dns dns_gandi_livedns -d example.com -d www.example.com
 ```
 # Use custom API
 If your API is not supported yet, you can write your own DNS API.
--- a/dnsapi/dns_gandi_livedns.sh
+++ b/dnsapi/dns_gandi_livedns.sh
@ -0,0 +1,120 @@
 #!/usr/bin/env sh
 # Gandi LiveDNS v5 API
 # http://doc.livedns.gandi.net/
 # currently under beta
 #
 # Requires GANDI API KEY set in GANDI_LIVEDNS_KEY set as environment variable
 #
 #Author: Frédéric Crozat <fcrozat@suse.com>
 #Report Bugs here: https://github.com/fcrozat/acme.sh
 #
 ########  Public functions #####################
 GANDI_LIVEDNS_API="https://dns.beta.gandi.net/api/v5"
 #Usage: dns_gandi_livedns_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
 dns_gandi_livedns_add() {
  fulldomain=$1
  txtvalue=$2
  if [ -z "$GANDI_LIVEDNS_KEY" ]; then
    _err "No API key specifed for Gandi LiveDNS."
    _err "Create your key and export it as GANDI_LIVEDNS_KEY"
    return 1
  fi
  _saveaccountconf GANDI_LIVEDNS_KEY "$GANDI_LIVEDNS_KEY"
  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"
  _debug domain "$_domain"
  _debug sub_domain "$_sub_domain"
  _gandi_livedns_rest PUT "domains/$_domain/records/$_sub_domain/TXT" "{\"rrset_ttl\": 300, \"rrset_values\":[\"$txtvalue\"]}"
  return $?
 }
 #Usage: fulldomain txtvalue
 #Remove the txt record after validation.
 dns_gandi_livedns_rm() {
  fulldomain=$1
  txtvalue=$2
  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
  _debug fulldomain "$fulldomain"
  _debug domain "$_domain"
  _debug sub_domain "$_sub_domain"
  _gandi_livedns_rest DELETE "domains/$_domain/records/$_sub_domain/TXT" ""
  return $?
 }
 ####################  Private functions below ##################################
 #_acme-challenge.www.domain.com
 #returns
 # _sub_domain=_acme-challenge.www
 # _domain=domain.com
 _get_root() {
  domain=$1
  i=2
  p=1
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi
    if ! _gandi_livedns_rest GET "domains/$h"; then
      return 1
    fi
    if _contains "$response" '"code": 404'; then
      _debug "$h not found"
    else
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
      _domain="$h"
      return 0
    fi
    p="$i"
    i=$(_math "$i" + 1)
  done
  return 1
 }
 _gandi_livedns_rest() {
  m=$1
  ep="$2"
  data="$3"
  _debug "$ep"
  export _H1="Content-Type: application/json"
  export _H2="X-Api-Key: $GANDI_LIVEDNS_KEY"
  if [ "$data" ] || [ "$m" = "DELETE" ]; then
    _debug data "$data"
    response="$(_post "$data" "$GANDI_LIVEDNS_API/$ep" "" "$m")"
  else
    response="$(_get "$GANDI_LIVEDNS_API/$ep")"
  fi
  if [ "$?" != "0" ]; then
    _err "error $ep"
    return 1
  fi
  _debug2 response "$response"
  return 0
 }