#!/usr/bin/env sh
########################################################################
# Hurricane Electric hook script for acme.sh (dynamic TXT API)
#
# These are the pros and cons of dns_he_dyntxt, compared to dns_he:
# Pros:
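# - No need to store a dns.he.net account password on your server
#   (the DDNS key is saved to the account conf file instead; anyone holding
#   it can rewrite the _acme-challenge TXT records that share it, so protect
#   it like a password)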
# - Uses a very simple write-only API
# Cons:
# - You must manually create placeholder _acme-challenge TXT records,
# and generate/copy the same DDNS key across all records.
# - This script WILL FAIL to issue both a domain and its wildcard, because
# '-d example.com -d *.example.com' requires multiple TXT records.
# Switch to 'dns_he' if you need this feature.
#
# Environment variable:
# HE_DynTXT_Key - DDNS key for all _acme-challenge TXT records
########################################################################
# Cheat sheet for passing the DNS.yml API test:
# - Set TEST_DNS_NO_WILDCARD=1
# - Create placeholder TXT records for the following domain names:
# - _acme-challenge.$TestingDomain
# - acmetestXyzRandomName.$TestingDomain
# Hurricane Electric dynamic DNS update endpoint. It is an HTTPS URL;
# _he_dyntxt_post sends the DDNS key to it in the POST body.
HE_DynTXT_Api='https://dyn.dns.he.net/nic/update'
######## Public functions #####################
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_he_dyntxt_add() {
  # Publish a DNS-01 challenge value on an existing placeholder TXT record.
  #
  # Arguments: $1 - full record name (e.g. _acme-challenge.www.domain.com)
  #            $2 - TXT value to publish
  # Globals:   HE_DynTXT_Key (read from the environment, else from the
  #            account conf; written back to the account conf)
  # Returns:   1 when no DDNS key is available, otherwise the status of
  #            _he_dyntxt_post
  fulldomain="$1"
  txtvalue="$2"

  # Environment wins; fall back to the value saved by an earlier run.
  if [ -z "${HE_DynTXT_Key:-}" ]; then
    HE_DynTXT_Key="$(_readaccountconf_mutable HE_DynTXT_Key)"
  fi

  [ -n "$HE_DynTXT_Key" ] || {
    HE_DynTXT_Key=""
    _err "Missing HE_DynTXT_Key. See dnsapi/dns_he_dyntxt.sh for instructions."
    return 1
  }

  # The key is persisted to the account conf file so renewals can run
  # unattended; that file therefore holds a credential.
  _saveaccountconf_mutable HE_DynTXT_Key "$HE_DynTXT_Key"

  _info "Updating record $fulldomain"
  # Last command: its exit status becomes the function's return value.
  _he_dyntxt_post "$fulldomain" "$txtvalue"
}
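dns_he_dyntxt_rm() {
  # Clear the challenge value from a placeholder TXT record after validation.
  #
  # Arguments: $1 - full record name (e.g. _acme-challenge.www.domain.com)
  # Globals:   HE_DynTXT_Key (read from the environment, else from the
  #            account conf)
  # Returns:   1 when no DDNS key is available, otherwise the status of
  #            _he_dyntxt_post
  fulldomain=$1
  txtvalue='""' # The record is just cleared, not removed.
  HE_DynTXT_Key="${HE_DynTXT_Key:-$(_readaccountconf_mutable HE_DynTXT_Key)}"

  # Same guard as dns_he_dyntxt_add: without it an update request with an
  # empty password is sent, and the failure surfaces only as a "badauth"
  # error about the placeholder record.
  if [ -z "$HE_DynTXT_Key" ]; then
    _err "Missing HE_DynTXT_Key. See dnsapi/dns_he_dyntxt.sh for instructions."
    return 1
  fi

  _info "Clearing record $fulldomain"
  # Last command: its exit status becomes the function's return value.
  _he_dyntxt_post "$fulldomain" "$txtvalue"
}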
##################### Private functions below ##################################
_he_dyntxt_post() {
  # Send one TXT update to the dynamic DNS endpoint and interpret the reply.
  #
  # Arguments: $1 - record name to update
  #            $2 - new TXT value
  # Globals:   HE_DynTXT_Key, HE_DynTXT_Api (read)
  # Returns:   0 when the response contains "good" or "nochg", 1 otherwise
  hostname="$1"
  txt="$2"

  # NOTE(review): the three values are placed into the form body as-is; no
  # URL-encoding happens in this function. A key containing '&', '=', '+' or
  # '%' would likely be misparsed by the server. Confirm the key alphabet, or
  # encode the values before building the body.
  if ! response="$(_post "hostname=$hostname&password=$HE_DynTXT_Key&txt=$txt" "$HE_DynTXT_Api")"; then
    _err "POST failed"
    return 1
  fi

  # Only the server's reply is logged here, not the request body with the key.
  _debug2 response "$response"

  # Success is decided by matching keywords anywhere in the response.
  if _contains "$response" "good" || _contains "$response" "nochg"; then
    _info "Updated, OK"
    return 0
  fi

  if _contains "$response" "badauth"; then
    _err "'$hostname' missing placeholder TXT record, or DDNS key incorrect"
  else
    _err "Unknown POST response: $response"
  fi
  return 1
}