From fa98d72f3a87cf438ba16cccccf61fc268c517df Mon Sep 17 00:00:00 2001 From: RaidenII Date: Tue, 27 Jun 2017 09:21:39 -0400 Subject: [PATCH 01/11] Added preliminary support for DuckDNS TXT record API, a free Dynamic DNS provider --- dnsapi/dns_duckdns.sh | 93 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100755 dnsapi/dns_duckdns.sh diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh new file mode 100755 index 00000000..dc0d49ca --- /dev/null +++ b/dnsapi/dns_duckdns.sh @@ -0,0 +1,93 @@ +#!/usr/bin/env sh + +#Created by RaidenII, to use DuckDNS's API to add/remove text records +#06/27/2017 + +# Currently only support single domain access + +# DuckDNS uses StartSSL as their cert provider +# Seems not supported natively on Linux +# So I fall back to HTTP for API +DuckDNS_API="http://www.duckdns.org/update" + +######## Public functions ##################### + +#Usage: dns_duckdns_add _acme-challenge.domain.duckdns.org "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +dns_duckdns_add() { + fulldomain=$1 + txtvalue=$2 + + # We'll extract the domain/username from full domain + IFS='.' read -r -a fqdn <<< "$fulldomain" + DuckDNS_domain="${fqdn[-3]}" + + if [ -z "$DuckDNS_domain" ]; then + _err "Error extracting the domain." + return 1 + fi + + if [ -z "$DuckDNS_token" ]; then + DuckDNS_token="" + _err "The token for your DuckDNS account is necessary." + _err "You can look it up in your DuckDNS account." + return 1 + fi + + # Now save the credentials. + _saveaccountconf DuckDNS_domain "$DuckDNS_domain" + _saveaccountconf DuckDNS_token "$DuckDNS_token" + + # Unfortunately, DuckDNS does not seems to support lookup domain through API + # So I assume your credentials (which are your domain and token) are correct + # If something goes wrong, we will get a KO response from DuckDNS + + # Now add the TXT record to DuckDNS + _info "Trying to add TXT record" + if _duckdns_rest GET "domains=$DuckDNS_domain&token=$DuckDNS_token&txt=$txtvalue" && [ $response == "OK" ]; then + _info "TXT record has been successfully added to your DuckDNS domain." + _info "Note that all subdomains under this domain uses the same TXT record." + return 0 + else + _err "Errors happened during adding the TXT record." + return 1 + fi +} + +#Usage: fulldomain txtvalue +#Remove the txt record after validation. +dns_duckdns_rm() { + fulldomain=$1 + txtvalue=$2 + + # Now remove the TXT record from DuckDNS + _info "Trying to from TXT record" + if _duckdns_rest GET "domains=$DuckDNS_domain&token=$DuckDNS_token&txt=''&clear=true" && [ $response == "OK" ]; then + _info "TXT record has been successfully removed from your DuckDNS domain." + return 0 + else + _err "Errors happened during removing the TXT record." + return 1 + fi +} + +#################### Private functions below ################################## + +#Usage: method URI data +_duckdns_rest() { + method=$1 + param="$2" + _debug param "$param" + url="$DuckDNS_API?$param" + _debug url "$url" + + # DuckDNS uses GET to update domain info + if [ $method == "GET" ]; then + response="$(_get "$url")" + else + _err "Unsupported method" + return 1 + fi + + _debug response "$response" + return 0 +} From e7dff4756ffef5f14b40363cc2a888977b9d9efd Mon Sep 17 00:00:00 2001 From: RaidenII Date: Tue, 27 Jun 2017 15:28:10 -0400 Subject: [PATCH 02/11] Using HTTPS for DuckDNS API and added instruction. --- dnsapi/dns_duckdns.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index dc0d49ca..847b3fc5 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -4,11 +4,10 @@ #06/27/2017 # Currently only support single domain access +# Due to the fact that DuckDNS uses StartSSL as cert provider, --insecure must be used with acme.sh -# DuckDNS uses StartSSL as their cert provider -# Seems not supported natively on Linux -# So I fall back to HTTP for API -DuckDNS_API="http://www.duckdns.org/update" +DuckDNS_API="https://www.duckdns.org/update" +API_Params="domains=$DuckDNS_domain&token=$DuckDNS_token" ######## Public functions ##################### @@ -43,7 +42,7 @@ dns_duckdns_add() { # Now add the TXT record to DuckDNS _info "Trying to add TXT record" - if _duckdns_rest GET "domains=$DuckDNS_domain&token=$DuckDNS_token&txt=$txtvalue" && [ $response == "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=$txtvalue" && [ $response == "OK" ]; then _info "TXT record has been successfully added to your DuckDNS domain." _info "Note that all subdomains under this domain uses the same TXT record." return 0 @@ -60,8 +59,8 @@ dns_duckdns_rm() { txtvalue=$2 # Now remove the TXT record from DuckDNS - _info "Trying to from TXT record" - if _duckdns_rest GET "domains=$DuckDNS_domain&token=$DuckDNS_token&txt=''&clear=true" && [ $response == "OK" ]; then + _info "Trying to remove TXT record" + if _duckdns_rest GET "$API_Params&txt=''&clear=true" && [ $response == "OK" ]; then _info "TXT record has been successfully removed from your DuckDNS domain." return 0 else @@ -72,7 +71,7 @@ dns_duckdns_rm() { #################### Private functions below ################################## -#Usage: method URI data +#Usage: method URI _duckdns_rest() { method=$1 param="$2" From e64ad5176ef6e4865c0d8fd7da83e318e07ef853 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Wed, 28 Jun 2017 16:15:57 -0400 Subject: [PATCH 03/11] Added Name.com API support. Minor change to DuckDNS API support. --- dnsapi/dns_duckdns.sh | 2 +- dnsapi/dns_namecom.sh | 188 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 189 insertions(+), 1 deletion(-) create mode 100755 dnsapi/dns_namecom.sh diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index 847b3fc5..f86d516e 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -60,7 +60,7 @@ dns_duckdns_rm() { # Now remove the TXT record from DuckDNS _info "Trying to remove TXT record" - if _duckdns_rest GET "$API_Params&txt=''&clear=true" && [ $response == "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=&clear=true" && [ $response == "OK" ]; then _info "TXT record has been successfully removed from your DuckDNS domain." return 0 else diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh new file mode 100755 index 00000000..7a84685f --- /dev/null +++ b/dnsapi/dns_namecom.sh @@ -0,0 +1,188 @@ +#!/usr/bin/env sh + +#Author: RaidneII +#Created 06/28/2017 +#Utilize name.com API to finish dns-01 verifications. +######## Public functions ##################### + +namecom_api="https://api.name.com/api/" + +#Usage: dns_namecom_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +dns_namecom_add() { + fulldomain=$1 + txtvalue=$2 + + # First we need name.com credentials. + if [ -z "$namecom_username" ]; then + namecom_username="" + _err "Username for name.com is missing." + _err "Please specify that in your environment variable." + return 1 + fi + + if [ -z "$namecom_token" ]; then + namecom_token="" + _err "API token for name.com is missing." + _err "Please specify that in your environment variable." + return 1 + fi + + # Save them in configuration. + _saveaccountconf namecom_username "$namecom_username" + _saveaccountconf namecom_token "$namecom_token" + + # Login in using API + _namecom_login + + # Find domain in domain list. + if ! _namecom_get_root "$fulldomain"; then + _err "Unable to find domain specified." + _namecom_logout + return 1 + fi + + # Add TXT record. + _namecom_addtxt_json="{\"hostname\":\"$_sub_domain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"ttl\":\"300\",\"priority\":\"10\"}" + if _namecom_rest POST "dns/create/$_domain" "$_namecom_addtxt_json"; then + retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") + _debug retcode "$retcode" + if [ ! -z "$retcode" ]; then + _info "Successfully added TXT record, ready for validation." + _namecom_logout + return 0 + else + _err "Unable to add the DNS record." + _namecom_logout + return 1 + fi + fi +} + +#Usage: fulldomain txtvalue +#Remove the txt record after validation. +dns_namecom_rm() { + fulldomain=$1 + txtvalue=$2 + + _namecom_login + + # Find domain in domain list. + if ! _namecom_get_root "$fulldomain"; then + _err "Unable to find domain specified." + _namecom_logout + return 1 + fi + + # Get the record id. + if _namecom_rest GET "dns/list/$_domain"; then + retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") + _debug retcode "$retcode" + if [ ! -z "$retcode" ]; then + _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d : -f 2 | cut -d \" -f 2) + _debug record_id "$_record_id" + _info "Successfully retrieved the record id for ACME challenge." + else + _err "Unable to retrieve the record id." + _namecom_logout + return 1 + fi + fi + + # Remove the DNS record using record id. + _namecom_rmtxt_json="{\"record_id\":\"$_record_id\"}" + if _namecom_rest POST "dns/delete/$_domain" "$_namecom_rmtxt_json"; then + retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") + _debug retcode "$retcode" + if [ ! -z "$retcode" ]; then + _info "Successfully removed the TXT record." + _namecom_logout + return 0 + else + _err "Unable to remove the DNS record." + _namecom_logout + return 1 + fi + fi +} + +#################### Private functions below ################################## +_namecom_rest() { + method=$1 + param=$2 + data=$3 + + export _H1="Content-Type: application/json" + export _H2="Api-Session-Token: $sessionkey" + if [ "$method" != "GET" ]; then + response="$(_post "$data" "$namecom_api/$param" "" "$method")" + else + response="$(_get "$namecom_api/$param")" + fi + + if [ "$?" != "0" ]; then + _err "error $param" + return 1 + fi + + _debug response "$response" + return 0 +} + +_namecom_login() { + namecom_login_json="{\"username\":\"$namecom_username\",\"api_token\":\"$namecom_token\"}" + + if _namecom_rest POST "login" "$namecom_login_json"; then + retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") + _debug retcode "$retcode" + if [ ! -z "$retcode" ]; then + _info "Successfully logged in. Fetching session token..." + sessionkey=$(printf "%s\n" "$response" | _egrep_o "\"session_token\":\".+" | cut -d \" -f 4) + if [ ! -z "$sessionkey" ]; then + _debug sessionkey "$sessionkey" + _info "Session key obtained." + else + _err "Unable to get session key." + return 1 + fi + else + _err "Logging in failed." + return 1 + fi + fi +} + +_namecom_logout() { + if _namecom_rest GET "logout"; then + retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") + if [ ! -z "$retcode" ]; then + _info "Successfully logged out." + else + _err "Error logging out." + return 1 + fi + fi +} + +_namecom_get_root() { + domain=$1 + i=2 + p=1 + + if _namecom_rest GET "domain/list"; then + while true; do + host=$(printf "%s" "$domain" | cut -d . -f $i-100) + if [ -z "$host" ]; then + return 1 + fi + + if _contains "$response" "$host"; then + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$host" + return 0 + fi + p=$i + i=$(_math "$i" + 1) + done + fi + return 1 +} From 168d712decb687c4ac665b02df716a7de9c99b6e Mon Sep 17 00:00:00 2001 From: RaidenII Date: Thu, 29 Jun 2017 09:43:11 -0400 Subject: [PATCH 04/11] Fixed URL of Name.com API and removed useless debug for retcode. --- dnsapi/dns_namecom.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index 7a84685f..158a11b0 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -5,7 +5,7 @@ #Utilize name.com API to finish dns-01 verifications. ######## Public functions ##################### -namecom_api="https://api.name.com/api/" +namecom_api="https://api.name.com/api" #Usage: dns_namecom_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_namecom_add() { @@ -45,7 +45,6 @@ dns_namecom_add() { _namecom_addtxt_json="{\"hostname\":\"$_sub_domain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"ttl\":\"300\",\"priority\":\"10\"}" if _namecom_rest POST "dns/create/$_domain" "$_namecom_addtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - _debug retcode "$retcode" if [ ! -z "$retcode" ]; then _info "Successfully added TXT record, ready for validation." _namecom_logout @@ -76,7 +75,6 @@ dns_namecom_rm() { # Get the record id. if _namecom_rest GET "dns/list/$_domain"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - _debug retcode "$retcode" if [ ! -z "$retcode" ]; then _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d : -f 2 | cut -d \" -f 2) _debug record_id "$_record_id" @@ -92,7 +90,6 @@ dns_namecom_rm() { _namecom_rmtxt_json="{\"record_id\":\"$_record_id\"}" if _namecom_rest POST "dns/delete/$_domain" "$_namecom_rmtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - _debug retcode "$retcode" if [ ! -z "$retcode" ]; then _info "Successfully removed the TXT record." _namecom_logout @@ -133,7 +130,6 @@ _namecom_login() { if _namecom_rest POST "login" "$namecom_login_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - _debug retcode "$retcode" if [ ! -z "$retcode" ]; then _info "Successfully logged in. Fetching session token..." sessionkey=$(printf "%s\n" "$response" | _egrep_o "\"session_token\":\".+" | cut -d \" -f 4) From eeda3062e1c2a79d65e01db192582586e11fb517 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Thu, 29 Jun 2017 15:40:29 -0400 Subject: [PATCH 05/11] Fix against POSIX standard. --- dnsapi/dns_duckdns.sh | 9 ++-- dnsapi/dns_namecom.sh | 104 +++++++++++++++++++++--------------------- 2 files changed, 56 insertions(+), 57 deletions(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index f86d516e..a34c8d36 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -17,8 +17,7 @@ dns_duckdns_add() { txtvalue=$2 # We'll extract the domain/username from full domain - IFS='.' read -r -a fqdn <<< "$fulldomain" - DuckDNS_domain="${fqdn[-3]}" + DuckDNS_domain=$(printf "%s\n" "$fulldomain" | rev | cut -d \. -f 3 | rev) if [ -z "$DuckDNS_domain" ]; then _err "Error extracting the domain." @@ -42,7 +41,7 @@ dns_duckdns_add() { # Now add the TXT record to DuckDNS _info "Trying to add TXT record" - if _duckdns_rest GET "$API_Params&txt=$txtvalue" && [ $response == "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=$txtvalue" && [ "$response" -eq "OK" ]; then _info "TXT record has been successfully added to your DuckDNS domain." _info "Note that all subdomains under this domain uses the same TXT record." return 0 @@ -60,7 +59,7 @@ dns_duckdns_rm() { # Now remove the TXT record from DuckDNS _info "Trying to remove TXT record" - if _duckdns_rest GET "$API_Params&txt=&clear=true" && [ $response == "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=&clear=true" && [ "$response" -eq "OK" ]; then _info "TXT record has been successfully removed from your DuckDNS domain." return 0 else @@ -80,7 +79,7 @@ _duckdns_rest() { _debug url "$url" # DuckDNS uses GET to update domain info - if [ $method == "GET" ]; then + if [ "$method" -eq "GET" ]; then response="$(_get "$url")" else _err "Unsupported method" diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index 158a11b0..9a6e81f9 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -45,15 +45,15 @@ dns_namecom_add() { _namecom_addtxt_json="{\"hostname\":\"$_sub_domain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"ttl\":\"300\",\"priority\":\"10\"}" if _namecom_rest POST "dns/create/$_domain" "$_namecom_addtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then - _info "Successfully added TXT record, ready for validation." - _namecom_logout - return 0 - else - _err "Unable to add the DNS record." - _namecom_logout - return 1 - fi + if [ ! -z "$retcode" ]; then + _info "Successfully added TXT record, ready for validation." + _namecom_logout + return 0 + else + _err "Unable to add the DNS record." + _namecom_logout + return 1 + fi fi } @@ -75,30 +75,30 @@ dns_namecom_rm() { # Get the record id. if _namecom_rest GET "dns/list/$_domain"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then - _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d : -f 2 | cut -d \" -f 2) - _debug record_id "$_record_id" - _info "Successfully retrieved the record id for ACME challenge." - else - _err "Unable to retrieve the record id." - _namecom_logout - return 1 - fi + if [ ! -z "$retcode" ]; then + _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d : -f 2 | cut -d \" -f 2) + _debug record_id "$_record_id" + _info "Successfully retrieved the record id for ACME challenge." + else + _err "Unable to retrieve the record id." + _namecom_logout + return 1 + fi fi # Remove the DNS record using record id. _namecom_rmtxt_json="{\"record_id\":\"$_record_id\"}" if _namecom_rest POST "dns/delete/$_domain" "$_namecom_rmtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then - _info "Successfully removed the TXT record." - _namecom_logout - return 0 - else - _err "Unable to remove the DNS record." - _namecom_logout - return 1 - fi + if [ ! -z "$retcode" ]; then + _info "Successfully removed the TXT record." + _namecom_logout + return 0 + else + _err "Unable to remove the DNS record." + _namecom_logout + return 1 + fi fi } @@ -130,32 +130,32 @@ _namecom_login() { if _namecom_rest POST "login" "$namecom_login_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then - _info "Successfully logged in. Fetching session token..." - sessionkey=$(printf "%s\n" "$response" | _egrep_o "\"session_token\":\".+" | cut -d \" -f 4) - if [ ! -z "$sessionkey" ]; then - _debug sessionkey "$sessionkey" - _info "Session key obtained." - else - _err "Unable to get session key." - return 1 - fi + if [ ! -z "$retcode" ]; then + _info "Successfully logged in. Fetching session token..." + sessionkey=$(printf "%s\n" "$response" | _egrep_o "\"session_token\":\".+" | cut -d \" -f 4) + if [ ! -z "$sessionkey" ]; then + _debug sessionkey "$sessionkey" + _info "Session key obtained." else - _err "Logging in failed." + _err "Unable to get session key." return 1 fi - fi + else + _err "Logging in failed." + return 1 + fi + fi } _namecom_logout() { if _namecom_rest GET "logout"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then - _info "Successfully logged out." - else - _err "Error logging out." - return 1 - fi + if [ ! -z "$retcode" ]; then + _info "Successfully logged out." + else + _err "Error logging out." + return 1 + fi fi } @@ -171,13 +171,13 @@ _namecom_get_root() { return 1 fi - if _contains "$response" "$host"; then - _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) - _domain="$host" - return 0 - fi - p=$i - i=$(_math "$i" + 1) + if _contains "$response" "$host"; then + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain="$host" + return 0 + fi + p=$i + i=$(_math "$i" + 1) done fi return 1 From d0f5aece5f5c1708668faed8e2a7fe5671eceea8 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Thu, 29 Jun 2017 15:43:58 -0400 Subject: [PATCH 06/11] Fix SC2170. --- dnsapi/dns_duckdns.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index a34c8d36..b1937cb8 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -41,7 +41,7 @@ dns_duckdns_add() { # Now add the TXT record to DuckDNS _info "Trying to add TXT record" - if _duckdns_rest GET "$API_Params&txt=$txtvalue" && [ "$response" -eq "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=$txtvalue" && [ "$response" = "OK" ]; then _info "TXT record has been successfully added to your DuckDNS domain." _info "Note that all subdomains under this domain uses the same TXT record." return 0 @@ -59,7 +59,7 @@ dns_duckdns_rm() { # Now remove the TXT record from DuckDNS _info "Trying to remove TXT record" - if _duckdns_rest GET "$API_Params&txt=&clear=true" && [ "$response" -eq "OK" ]; then + if _duckdns_rest GET "$API_Params&txt=&clear=true" && [ "$response" = "OK" ]; then _info "TXT record has been successfully removed from your DuckDNS domain." return 0 else @@ -79,7 +79,7 @@ _duckdns_rest() { _debug url "$url" # DuckDNS uses GET to update domain info - if [ "$method" -eq "GET" ]; then + if [ "$method" = "GET" ]; then response="$(_get "$url")" else _err "Unsupported method" From 17fbfd14db2b71af580afb59cc515f09299ca37e Mon Sep 17 00:00:00 2001 From: RaidenII Date: Fri, 30 Jun 2017 08:32:39 -0400 Subject: [PATCH 07/11] Minor fixes. --- dnsapi/dns_duckdns.sh | 2 +- dnsapi/dns_namecom.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index b1937cb8..cacf5a8c 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -17,7 +17,7 @@ dns_duckdns_add() { txtvalue=$2 # We'll extract the domain/username from full domain - DuckDNS_domain=$(printf "%s\n" "$fulldomain" | rev | cut -d \. -f 3 | rev) + DuckDNS_domain=$(printf "%s\n" "$fulldomain" | rev | cut -d . -f 3 | rev) if [ -z "$DuckDNS_domain" ]; then _err "Error extracting the domain." diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index 9a6e81f9..2c5a5df4 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -76,7 +76,7 @@ dns_namecom_rm() { if _namecom_rest GET "dns/list/$_domain"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") if [ ! -z "$retcode" ]; then - _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d : -f 2 | cut -d \" -f 2) + _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d \" -f 4) _debug record_id "$_record_id" _info "Successfully retrieved the record id for ACME challenge." else From 63c6ed3fd06263a5ad8ebb2788807bda13237f42 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Sat, 1 Jul 2017 05:14:52 -0700 Subject: [PATCH 08/11] Fixes to follow coding standards. --- dnsapi/dns_duckdns.sh | 16 ++++++++-------- dnsapi/dns_namecom.sh | 32 ++++++++++++++++---------------- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index cacf5a8c..95df4c21 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -7,7 +7,7 @@ # Due to the fact that DuckDNS uses StartSSL as cert provider, --insecure must be used with acme.sh DuckDNS_API="https://www.duckdns.org/update" -API_Params="domains=$DuckDNS_domain&token=$DuckDNS_token" +API_Params="domains=$DuckDNS_Domain&token=$DuckDNS_Token" ######## Public functions ##################### @@ -17,23 +17,23 @@ dns_duckdns_add() { txtvalue=$2 # We'll extract the domain/username from full domain - DuckDNS_domain=$(printf "%s\n" "$fulldomain" | rev | cut -d . -f 3 | rev) + DuckDNS_Domain=$(echo $fulldomain | _lower_case | _egrep_o '.[^.]*.duckdns.org' | cut -d . -f 2) - if [ -z "$DuckDNS_domain" ]; then + if [ -z "$DuckDNS_Domain" ]; then _err "Error extracting the domain." return 1 fi - if [ -z "$DuckDNS_token" ]; then - DuckDNS_token="" + if [ -z "$DuckDNS_Token" ]; then + DuckDNS_Token="" _err "The token for your DuckDNS account is necessary." _err "You can look it up in your DuckDNS account." return 1 fi # Now save the credentials. - _saveaccountconf DuckDNS_domain "$DuckDNS_domain" - _saveaccountconf DuckDNS_token "$DuckDNS_token" + _saveaccountconf DuckDNS_Domain "$DuckDNS_Domain" + _saveaccountconf DuckDNS_Token "$DuckDNS_Token" # Unfortunately, DuckDNS does not seems to support lookup domain through API # So I assume your credentials (which are your domain and token) are correct @@ -86,6 +86,6 @@ _duckdns_rest() { return 1 fi - _debug response "$response" + _debug2 response "$response" return 0 } diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index 2c5a5df4..15eae6c2 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -5,7 +5,7 @@ #Utilize name.com API to finish dns-01 verifications. ######## Public functions ##################### -namecom_api="https://api.name.com/api" +Namecom_API="https://api.name.com/api" #Usage: dns_namecom_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" dns_namecom_add() { @@ -13,23 +13,23 @@ dns_namecom_add() { txtvalue=$2 # First we need name.com credentials. - if [ -z "$namecom_username" ]; then - namecom_username="" + if [ -z "$Namecom_Username" ]; then + Namecom_Username="" _err "Username for name.com is missing." _err "Please specify that in your environment variable." return 1 fi - if [ -z "$namecom_token" ]; then - namecom_token="" + if [ -z "$Namecom_Token" ]; then + Namecom_Token="" _err "API token for name.com is missing." _err "Please specify that in your environment variable." return 1 fi # Save them in configuration. - _saveaccountconf namecom_username "$namecom_username" - _saveaccountconf namecom_token "$namecom_token" + _saveaccountconf Namecom_Username "$Namecom_Username" + _saveaccountconf Namecom_Token "$Namecom_Token" # Login in using API _namecom_login @@ -45,7 +45,7 @@ dns_namecom_add() { _namecom_addtxt_json="{\"hostname\":\"$_sub_domain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"ttl\":\"300\",\"priority\":\"10\"}" if _namecom_rest POST "dns/create/$_domain" "$_namecom_addtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then + if [ "$retcode" ]; then _info "Successfully added TXT record, ready for validation." _namecom_logout return 0 @@ -75,7 +75,7 @@ dns_namecom_rm() { # Get the record id. if _namecom_rest GET "dns/list/$_domain"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then + if [ "$retcode" ]; then _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[0-9]+\",\"name\":\"$fulldomain\",\"type\":\"TXT\"" | cut -d \" -f 4) _debug record_id "$_record_id" _info "Successfully retrieved the record id for ACME challenge." @@ -90,7 +90,7 @@ dns_namecom_rm() { _namecom_rmtxt_json="{\"record_id\":\"$_record_id\"}" if _namecom_rest POST "dns/delete/$_domain" "$_namecom_rmtxt_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then + if [ "$retcode" ]; then _info "Successfully removed the TXT record." _namecom_logout return 0 @@ -111,9 +111,9 @@ _namecom_rest() { export _H1="Content-Type: application/json" export _H2="Api-Session-Token: $sessionkey" if [ "$method" != "GET" ]; then - response="$(_post "$data" "$namecom_api/$param" "" "$method")" + response="$(_post "$data" "$Namecom_API/$param" "" "$method")" else - response="$(_get "$namecom_api/$param")" + response="$(_get "$Namecom_API/$param")" fi if [ "$?" != "0" ]; then @@ -121,16 +121,16 @@ _namecom_rest() { return 1 fi - _debug response "$response" + _debug2 response "$response" return 0 } _namecom_login() { - namecom_login_json="{\"username\":\"$namecom_username\",\"api_token\":\"$namecom_token\"}" + namecom_login_json="{\"username\":\"$Namecom_Username\",\"api_token\":\"$Namecom_Token\"}" if _namecom_rest POST "login" "$namecom_login_json"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then + if [ "$retcode" ]; then _info "Successfully logged in. Fetching session token..." sessionkey=$(printf "%s\n" "$response" | _egrep_o "\"session_token\":\".+" | cut -d \" -f 4) if [ ! -z "$sessionkey" ]; then @@ -150,7 +150,7 @@ _namecom_login() { _namecom_logout() { if _namecom_rest GET "logout"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"code\":100") - if [ ! -z "$retcode" ]; then + if [ "$retcode" ]; then _info "Successfully logged out." else _err "Error logging out." From 9aed1e2d17331e4c2eeb8ed9f48aa132bdbf07ae Mon Sep 17 00:00:00 2001 From: RaidenII Date: Sat, 1 Jul 2017 05:18:12 -0700 Subject: [PATCH 09/11] Argh. Double quotes. --- dnsapi/dns_duckdns.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_duckdns.sh b/dnsapi/dns_duckdns.sh index 95df4c21..d6987352 100755 --- a/dnsapi/dns_duckdns.sh +++ b/dnsapi/dns_duckdns.sh @@ -17,7 +17,7 @@ dns_duckdns_add() { txtvalue=$2 # We'll extract the domain/username from full domain - DuckDNS_Domain=$(echo $fulldomain | _lower_case | _egrep_o '.[^.]*.duckdns.org' | cut -d . -f 2) + DuckDNS_Domain=$(echo "$fulldomain" | _lower_case | _egrep_o '.[^.]*.duckdns.org' | cut -d . -f 2) if [ -z "$DuckDNS_Domain" ]; then _err "Error extracting the domain." From 2e602ef6b078543c79b9c86a179ed039bad30ce6 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Sun, 2 Jul 2017 04:45:07 -0700 Subject: [PATCH 10/11] Added ret value verification. --- dnsapi/dns_namecom.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index 15eae6c2..146db4f6 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -32,7 +32,9 @@ dns_namecom_add() { _saveaccountconf Namecom_Token "$Namecom_Token" # Login in using API - _namecom_login + if ! _namecom_login; then + return 1 + fi # Find domain in domain list. if ! _namecom_get_root "$fulldomain"; then @@ -63,7 +65,9 @@ dns_namecom_rm() { fulldomain=$1 txtvalue=$2 - _namecom_login + if ! _namecom_login; then + return 1 + fi # Find domain in domain list. if ! _namecom_get_root "$fulldomain"; then From 1a504118e56dd73ae1fe7b2fb16b58fd76e68765 Mon Sep 17 00:00:00 2001 From: RaidenII Date: Sun, 2 Jul 2017 04:55:06 -0700 Subject: [PATCH 11/11] Updated DNS API support list. --- README.md | 3 ++- dnsapi/README.md | 31 +++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5b6b03ae..7780b9ab 100644 --- a/README.md +++ b/README.md @@ -334,7 +334,8 @@ You don't have to do anything manually! 1. Dynu API (https://www.dynu.com) 1. DNSimple API 1. NS1.com API - +1. DuckDNS.org API +1. Name.com API And: diff --git a/dnsapi/README.md b/dnsapi/README.md index 5dca829a..7584b31e 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -505,6 +505,37 @@ Ok, let's issue a cert now: acme.sh --issue --dns dns_nsone -d example.com -d www.example.com ``` +## 27. Use DuckDNS.org API + +``` +export DuckDNS_Token="aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" +``` + +Please note that since DuckDNS uses StartSSL as their cert provider, thus +--insecure must be used when issuing certs: +``` +acme.sh --insecure --issue --dns dns_duckdns -d mydomain.duckdns.org +``` + +Also, DuckDNS uses the domain name as username for recording changing, so the +account file will always store the lastly used domain name. + +For issues, please report to https://github.com/raidenii/acme.sh/issues. + +## 28. Use Name.com API + +``` +export Namecom_Username="testuser" +export Namecom_Token="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" +``` + +And now you can issue certs with: +``` +acme.sh --issue --dns dns_namecom -d example.com -d www.example.com +``` + +For issues, please report to https://github.com/raidenii/acme.sh/issues. + # Use custom API If your API is not supported yet, you can write your own DNS API.