mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-22 13:11:41 +00:00
commit
44615c6fa2
20
acme.sh
20
acme.sh
@ -1722,6 +1722,14 @@ _mktemp() {
|
|||||||
_err "Can not create temp file."
|
_err "Can not create temp file."
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#clear all the https envs to cause _inithttp() to run next time.
|
||||||
|
_resethttp() {
|
||||||
|
__HTTP_INITIALIZED=""
|
||||||
|
_ACME_CURL=""
|
||||||
|
_ACME_WGET=""
|
||||||
|
ACME_HTTP_NO_REDIRECTS=""
|
||||||
|
}
|
||||||
|
|
||||||
_inithttp() {
|
_inithttp() {
|
||||||
|
|
||||||
if [ -z "$HTTP_HEADER" ] || ! touch "$HTTP_HEADER"; then
|
if [ -z "$HTTP_HEADER" ] || ! touch "$HTTP_HEADER"; then
|
||||||
@ -1737,7 +1745,10 @@ _inithttp() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "$_ACME_CURL" ] && _exists "curl"; then
|
if [ -z "$_ACME_CURL" ] && _exists "curl"; then
|
||||||
_ACME_CURL="curl -L --silent --dump-header $HTTP_HEADER "
|
_ACME_CURL="curl --silent --dump-header $HTTP_HEADER "
|
||||||
|
if [ -z "$ACME_HTTP_NO_REDIRECTS" ]; then
|
||||||
|
_ACME_CURL="$_ACME_CURL -L "
|
||||||
|
fi
|
||||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
||||||
_CURL_DUMP="$(_mktemp)"
|
_CURL_DUMP="$(_mktemp)"
|
||||||
_ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
|
_ACME_CURL="$_ACME_CURL --trace-ascii $_CURL_DUMP "
|
||||||
@ -1756,6 +1767,9 @@ _inithttp() {
|
|||||||
|
|
||||||
if [ -z "$_ACME_WGET" ] && _exists "wget"; then
|
if [ -z "$_ACME_WGET" ] && _exists "wget"; then
|
||||||
_ACME_WGET="wget -q"
|
_ACME_WGET="wget -q"
|
||||||
|
if [ "$ACME_HTTP_NO_REDIRECTS" ]; then
|
||||||
|
_ACME_WGET="$_ACME_WGET --max-redirect 0 "
|
||||||
|
fi
|
||||||
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
if [ "$DEBUG" ] && [ "$DEBUG" -ge "2" ]; then
|
||||||
_ACME_WGET="$_ACME_WGET -d "
|
_ACME_WGET="$_ACME_WGET -d "
|
||||||
fi
|
fi
|
||||||
@ -6649,8 +6663,8 @@ _checkSudo() {
|
|||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
if [ -n "$SUDO_COMMAND" ]; then
|
if [ -n "$SUDO_COMMAND" ]; then
|
||||||
#it's a normal user doing "sudo su", or `sudo -i` or `sudo -s`
|
#it's a normal user doing "sudo su", or `sudo -i` or `sudo -s`, or `sudo su acmeuser1`
|
||||||
_endswith "$SUDO_COMMAND" /bin/su || grep "^$SUDO_COMMAND\$" /etc/shells >/dev/null 2>&1
|
_endswith "$SUDO_COMMAND" /bin/su || _contains "$SUDO_COMMAND" "/bin/su " || grep "^$SUDO_COMMAND\$" /etc/shells >/dev/null 2>&1
|
||||||
return $?
|
return $?
|
||||||
fi
|
fi
|
||||||
#otherwise
|
#otherwise
|
||||||
|
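Review bot: In `_checkSudo`, the added `_contains "$SUDO_COMMAND" "/bin/su "` test matches that substring anywhere in the command line, so any sudo invocation whose arguments happen to contain `/bin/su ` is treated like an interactive `sudo su` and returns 0. Testing only the first word keeps the intended `sudo su acmeuser1` case without the loose match: `_sudo_bin="${SUDO_COMMAND%% *}"`, then `_endswith "$_sudo_bin" /bin/su || grep "^$SUDO_COMMAND\$" /etc/shells >/dev/null 2>&1`. The function starts and ends outside the hunk, so what a zero return permits is not visible here. Separately, `_resethttp` deserves a comment saying that callers who set `ACME_HTTP_NO_REDIRECTS` must call it before and after the request, because `_inithttp` only rebuilds `_ACME_CURL` and `_ACME_WGET` when they are empty.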
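--- a/deploy/cleverreach.sh
+++ b/deploy/cleverreach.sh
@@ -0,0 +1,70 @@
+#!/usr/bin/env sh
+# Here is the script to deploy the cert to your CleverReach Account using the CleverReach REST API.
+# Your OAuth needs the right scope, please contact CleverReach support for that.
+#
+# Written by Jan-Philipp Benecke <github@bnck.me>
+# Public domain, 2020
+#
+# Following environment variables must be set:
+#
+#export DEPLOY_CLEVERREACH_CLIENT_ID=myid
+#export DEPLOY_CLEVERREACH_CLIENT_SECRET=mysecret
+
+cleverreach_deploy() {
+_cdomain="$1"
+_ckey="$2"
+_ccert="$3"
+_cca="$4"
+_cfullchain="$5"
+
+_debug _cdomain "$_cdomain"
+_debug _ckey "$_ckey"
+_debug _ccert "$_ccert"
+_debug _cca "$_cca"
+_debug _cfullchain "$_cfullchain"
+
+_getdeployconf DEPLOY_CLEVERREACH_CLIENT_ID
+_getdeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET
+
+if [ -z "${DEPLOY_CLEVERREACH_CLIENT_ID}" ]; then
+_err "CleverReach Client ID is not found, please define DEPLOY_CLEVERREACH_CLIENT_ID."
+return 1
+fi
+if [ -z "${DEPLOY_CLEVERREACH_CLIENT_SECRET}" ]; then
+_err "CleverReach client secret is not found, please define DEPLOY_CLEVERREACH_CLIENT_SECRET."
+return 1
+fi
+
+_savedeployconf DEPLOY_CLEVERREACH_CLIENT_ID "${DEPLOY_CLEVERREACH_CLIENT_ID}"
+_savedeployconf DEPLOY_CLEVERREACH_CLIENT_SECRET "${DEPLOY_CLEVERREACH_CLIENT_SECRET}"
+
+_info "Obtaining a CleverReach access token"
+
+_data="{\"grant_type\": \"client_credentials\", \"client_id\": \"${DEPLOY_CLEVERREACH_CLIENT_ID}\", \"client_secret\": \"${DEPLOY_CLEVERREACH_CLIENT_SECRET}\"}"
+_auth_result="$(_post "$_data" "https://rest.cleverreach.com/oauth/token.php" "" "POST" "application/json")"
+
+_debug _data "$_data"
+_debug _auth_result "$_auth_result"
+
+_regex=".*\"access_token\":\"\([-._0-9A-Za-z]*\)\".*$"
+_debug _regex "$_regex"
+_access_token=$(echo "$_auth_result" | _json_decode | sed -n "s/$_regex/\1/p")
+
+_info "Uploading certificate and key to CleverReach"
+
+_certData="{\"cert\":\"$(_json_encode <"$_cfullchain")\", \"key\":\"$(_json_encode <"$_ckey")\"}"
+export _H1="Authorization: Bearer ${_access_token}"
+_add_cert_result="$(_post "$_certData" "https://rest.cleverreach.com/v3/ssl" "" "POST" "application/json")"
+
+_debug "Destroying token at CleverReach"
+_post "" "https://rest.cleverreach.com/v3/oauth/token.json" "" "DELETE" "application/json"
+
+if ! echo "$_add_cert_result" | grep '"error":' >/dev/null; then
+_info "Uploaded certificate successfully"
+return 0
+else
+_debug _add_cert_result "$_add_cert_result"
+_err "Unable to update certificate"
+return 1
+fi
+}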
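Review bot: `_debug _data "$_data"` writes the JSON body containing `DEPLOY_CLEVERREACH_CLIENT_SECRET` to the debug log, and `_debug _auth_result "$_auth_result"` does the same for the bearer token. Both lines should be dropped or switched to `_secure_debug` so that a debug log shared for troubleshooting does not carry credentials. `_access_token` is also never checked, so when the token request fails the full chain and private key are still posted to `/v3/ssl` with an empty `Authorization: Bearer` header. Add `if [ -z "$_access_token" ]; then _err "Unable to obtain CleverReach access token"; return 1; fi` before `_certData` is built.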
@ -28,11 +28,13 @@ fritzbox_deploy() {
|
|||||||
_debug _cfullchain "$_cfullchain"
|
_debug _cfullchain "$_cfullchain"
|
||||||
|
|
||||||
if ! _exists iconv; then
|
if ! _exists iconv; then
|
||||||
|
if ! _exists uconv; then
|
||||||
if ! _exists perl; then
|
if ! _exists perl; then
|
||||||
_err "iconv or perl not found"
|
_err "iconv or uconv or perl not found"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
_fritzbox_username="${DEPLOY_FRITZBOX_USERNAME}"
|
_fritzbox_username="${DEPLOY_FRITZBOX_USERNAME}"
|
||||||
_fritzbox_password="${DEPLOY_FRITZBOX_PASSWORD}"
|
_fritzbox_password="${DEPLOY_FRITZBOX_PASSWORD}"
|
||||||
@ -65,6 +67,8 @@ fritzbox_deploy() {
|
|||||||
_fritzbox_challenge="$(_get "${_fritzbox_url}/login_sid.lua" | sed -e 's/^.*<Challenge>//' -e 's/<\/Challenge>.*$//')"
|
_fritzbox_challenge="$(_get "${_fritzbox_url}/login_sid.lua" | sed -e 's/^.*<Challenge>//' -e 's/<\/Challenge>.*$//')"
|
||||||
if _exists iconv; then
|
if _exists iconv; then
|
||||||
_fritzbox_hash="$(printf "%s-%s" "${_fritzbox_challenge}" "${_fritzbox_password}" | iconv -f ASCII -t UTF16LE | _digest md5 hex)"
|
_fritzbox_hash="$(printf "%s-%s" "${_fritzbox_challenge}" "${_fritzbox_password}" | iconv -f ASCII -t UTF16LE | _digest md5 hex)"
|
||||||
|
elif _exists uconv; then
|
||||||
|
_fritzbox_hash="$(printf "%s-%s" "${_fritzbox_challenge}" "${_fritzbox_password}" | uconv -f ASCII -t UTF16LE | _digest md5 hex)"
|
||||||
else
|
else
|
||||||
_fritzbox_hash="$(printf "%s-%s" "${_fritzbox_challenge}" "${_fritzbox_password}" | perl -p -e 'use Encode qw/encode/; print encode("UTF-16LE","$_"); $_="";' | _digest md5 hex)"
|
_fritzbox_hash="$(printf "%s-%s" "${_fritzbox_challenge}" "${_fritzbox_password}" | perl -p -e 'use Encode qw/encode/; print encode("UTF-16LE","$_"); $_="";' | _digest md5 hex)"
|
||||||
fi
|
fi
|
||||||
|
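Review bot: The availability check in the first hunk is now three nested `if ! _exists …` blocks whose only body is the innermost error, which is hard to read and will grow again with the next fallback; one condition says the same thing: `if ! _exists iconv && ! _exists uconv && ! _exists perl; then`. In the second hunk the new `uconv` line repeats the `printf … | _digest md5 hex` pipeline a third time with only the converter differing. Nothing in the hunk checks that the converter succeeded, so a failed conversion would leave `_fritzbox_hash` holding the MD5 of empty or partial input. A short comment that the UTF-16LE plus MD5 response is what the device's `login_sid.lua` challenge expects (confirm against the vendor documentation) would explain why the digest cannot simply be swapped. `fritzbox_deploy` begins and ends outside both hunks.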
@ -61,7 +61,7 @@ dns_desec_add() {
|
|||||||
fi
|
fi
|
||||||
_debug txtvalues "$txtvalues"
|
_debug txtvalues "$txtvalues"
|
||||||
_info "Adding record"
|
_info "Adding record"
|
||||||
body="[{\"subname\":\"$_sub_domain\", \"type\":\"TXT\", \"records\":[$txtvalues], \"ttl\":60}]"
|
body="[{\"subname\":\"$_sub_domain\", \"type\":\"TXT\", \"records\":[$txtvalues], \"ttl\":3600}]"
|
||||||
|
|
||||||
if _desec_rest PUT "$REST_API/$DEDYN_NAME/rrsets/" "$body"; then
|
if _desec_rest PUT "$REST_API/$DEDYN_NAME/rrsets/" "$body"; then
|
||||||
if _contains "$response" "$txtvalue"; then
|
if _contains "$response" "$txtvalue"; then
|
||||||
@ -130,7 +130,7 @@ dns_desec_rm() {
|
|||||||
_debug txtvalues "$txtvalues"
|
_debug txtvalues "$txtvalues"
|
||||||
|
|
||||||
_info "Deleting record"
|
_info "Deleting record"
|
||||||
body="[{\"subname\":\"$_sub_domain\", \"type\":\"TXT\", \"records\":[$txtvalues], \"ttl\":60}]"
|
body="[{\"subname\":\"$_sub_domain\", \"type\":\"TXT\", \"records\":[$txtvalues], \"ttl\":3600}]"
|
||||||
_desec_rest PUT "$REST_API/$DEDYN_NAME/rrsets/" "$body"
|
_desec_rest PUT "$REST_API/$DEDYN_NAME/rrsets/" "$body"
|
||||||
if [ "$_code" = "200" ]; then
|
if [ "$_code" = "200" ]; then
|
||||||
_info "Deleted, OK"
|
_info "Deleted, OK"
|
||||||
|
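Review bot: The TTL literal `3600` now appears in both `dns_desec_add` and `dns_desec_rm` with nothing to say why it replaced `60`. A one-line comment above each `body=` assignment, for example `# TTL 3600: presumably the lowest value the deSEC API accepts (confirm)`, or a single variable defined once in the file, would keep the two request bodies from drifting apart. A longer TTL also means a stale `_acme-challenge` TXT value can stay cached longer between issuance attempts, which is worth recording for anyone debugging a failed validation. Both functions extend beyond the hunks shown.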
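--- a/dnsapi/dns_huaweicloud.sh
+++ b/dnsapi/dns_huaweicloud.sh
@@ -0,0 +1,255 @@
+#!/usr/bin/env sh
+
+# HUAWEICLOUD_Username
+# HUAWEICLOUD_Password
+# HUAWEICLOUD_ProjectID
+
+iam_api="https://iam.myhuaweicloud.com"
+dns_api="https://dns.ap-southeast-1.myhuaweicloud.com"
+
+######## Public functions #####################
+
+# Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
+# Used to add txt record
+#
+# Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html
+#
+
+dns_huaweicloud_add() {
+fulldomain=$1
+txtvalue=$2
+
+HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
+HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
+HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
+
+# Check information
+if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_ProjectID}" ]; then
+_err "Not enough information provided to dns_huaweicloud!"
+return 1
+fi
+
+token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
+_debug2 "${token}"
+zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
+_debug "${zoneid}"
+
+_debug "Adding Record"
+_add_record "${token}" "${fulldomain}" "${txtvalue}"
+ret="$?"
+if [ "${ret}" != "0" ]; then
+_err "dns_huaweicloud: Error adding record."
+return 1
+fi
+
+# Do saving work if all succeeded
+_saveaccountconf_mutable HUAWEICLOUD_Username "${HUAWEICLOUD_Username}"
+_saveaccountconf_mutable HUAWEICLOUD_Password "${HUAWEICLOUD_Password}"
+_saveaccountconf_mutable HUAWEICLOUD_ProjectID "${HUAWEICLOUD_ProjectID}"
+return 0
+}
+
+# Usage: fulldomain txtvalue
+# Used to remove the txt record after validation
+#
+# Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html
+#
+
+dns_huaweicloud_rm() {
+fulldomain=$1
+txtvalue=$2
+
+HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}"
+HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}"
+HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}"
+
+# Check information
+if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Password}" ] || [ -z "${HUAWEICLOUD_ProjectID}" ]; then
+_err "Not enough information provided to dns_huaweicloud!"
+return 1
+fi
+
+token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")"
+_debug2 "${token}"
+zoneid="$(_get_zoneid "${token}" "${fulldomain}")"
+_debug "${zoneid}"
+record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
+_debug "Record Set ID is: ${record_id}"
+
+# Remove all records
+# Therotically HuaweiCloud does not allow more than one record set
+# But remove them recurringly to increase robusty
+while [ "${record_id}" != "0" ]; do
+_debug "Removing Record"
+_rm_record "${token}" "${zoneid}" "${record_id}"
+record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")"
+done
+return 0
+}
+
+################### Private functions below ##################################
+
+# _get_zoneid
+#
+# _token=$1
+# _domain_string=$2
+#
+# printf "%s" "${_zoneid}"
+_get_zoneid() {
+_token=$1
+_domain_string=$2
+export _H1="X-Auth-Token: ${_token}"
+
+i=1
+while true; do
+h=$(printf "%s" "${_domain_string}" | cut -d . -f $i-100)
+if [ -z "$h" ]; then
+#not valid
+return 1
+fi
+_debug "$h"
+response=$(_get "${dns_api}/v2/zones?name=${h}")
+
+if _contains "${response}" "id"; then
+_debug "Get Zone ID Success."
+_zoneid=$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")
+printf "%s" "${_zoneid}"
+return 0
+fi
+
+i=$(_math "$i" + 1)
+done
+return 1
+}
+
+_get_recordset_id() {
+_token=$1
+_domain=$2
+_zoneid=$3
+export _H1="X-Auth-Token: ${_token}"
+
+response=$(_get "${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}")
+if _contains "${response}" "id"; then
+_id="$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")"
+printf "%s" "${_id}"
+return 0
+fi
+printf "%s" "0"
+return 1
+}
+
+_add_record() {
+_token=$1
+_domain=$2
+_txtvalue=$3
+
+# Get Existing Records
+export _H1="X-Auth-Token: ${_token}"
+response=$(_get "${dns_api}/v2/zones/${zoneid}/recordsets?name=${_domain}")
+
+_debug2 "${response}"
+_exist_record=$(echo "${response}" | _egrep_o '"records":[^]]*' | sed 's/\"records\"\:\[//g')
+_debug "${_exist_record}"
+
+# Check if record exist
+# Generate body data
+if [ -z "${_exist_record}" ]; then
+_post_body="{
+\"name\": \"${_domain}.\",
+\"description\": \"ACME Challenge\",
+\"type\": \"TXT\",
+\"ttl\": 1,
+\"records\": [
+\"\\\"${_txtvalue}\\\"\"
+]
+}"
+else
+_post_body="{
+\"name\": \"${_domain}.\",
+\"description\": \"ACME Challenge\",
+\"type\": \"TXT\",
+\"ttl\": 1,
+\"records\": [
+${_exist_record},
+\"\\\"${_txtvalue}\\\"\"
+]
+}"
+fi
+
+_record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
+_debug "Record Set ID is: ${_record_id}"
+
+# Remove all records
+while [ "${_record_id}" != "0" ]; do
+_debug "Removing Record"
+_rm_record "${_token}" "${zoneid}" "${_record_id}"
+_record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")"
+done
+
+# Add brand new records with all old and new records
+export _H2="Content-Type: application/json"
+export _H1="X-Auth-Token: ${_token}"
+
+_debug2 "${_post_body}"
+_post "${_post_body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev/null
+_code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")"
+if [ "$_code" != "202" ]; then
+_err "dns_huaweicloud: http code ${_code}"
+return 1
+fi
+return 0
+}
+
+# _rm_record $token $zoneid $recordid
+# assume ${dns_api} exist
+# no output
+# return 0
+_rm_record() {
+_token=$1
+_zone_id=$2
+_record_id=$3
+
+export _H2="Content-Type: application/json"
+export _H1="X-Auth-Token: ${_token}"
+
+_post "" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false "DELETE" >/dev/null
+return $?
+}
+
+_get_token() {
+_username=$1
+_password=$2
+_project=$3
+
+_debug "Getting Token"
+body="{
+\"auth\": {
+\"identity\": {
+\"methods\": [
+\"password\"
+],
+\"password\": {
+\"user\": {
+\"name\": \"${_username}\",
+\"password\": \"${_password}\",
+\"domain\": {
+\"name\": \"${_username}\"
+}
+}
+}
+},
+\"scope\": {
+\"project\": {
+\"id\": \"${_project}\"
+}
+}
+}
+}"
+export _H1="Content-Type: application/json;charset=utf8"
+_post "${body}" "${iam_api}/v3/auth/tokens" >/dev/null
+_code=$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")
+_token=$(grep "^X-Subject-Token" "$HTTP_HEADER" | cut -d " " -f 2-)
+_debug2 "${_code}"
+printf "%s" "${_token}"
+return 0
+}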
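Review bot: `_get_token` reads the HTTP status into `_code` but only logs it and always returns 0, and neither `dns_huaweicloud_add` nor `dns_huaweicloud_rm` checks `token` or `zoneid` for emptiness, so a failed login or zone lookup carries on with an empty `X-Auth-Token` header and an empty zone id in the request URLs. Add `if [ -z "${_token}" ]; then _err "dns_huaweicloud: no token returned, http code ${_code}"; return 1; fi` to `_get_token`, and `if [ -z "${token}" ] || [ -z "${zoneid}" ]; then return 1; fi` to both callers. `_debug2 "${token}"` writes the session token to the debug log and should use `_secure_debug2` or be removed. The two `while [ … != "0" ]` loops have no iteration limit: `_get_recordset_id` treats any response containing the substring `id` as a hit, so a response without a parsable id yields an empty value and the loop keeps issuing DELETE requests. `_add_record` also deletes the existing record sets before the replacement POST is known to have succeeded, so a failed POST leaves the name with no records.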
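--- a/dnsapi/dns_world4you.sh
+++ b/dnsapi/dns_world4you.sh
@@ -0,0 +1,191 @@
+#!/usr/bin/env sh
+
+# World4You - www.world4you.com
+# Lorenz Stechauner, 2020 - https://www.github.com/NerLOR
+
+WORLD4YOU_API="https://my.world4you.com/en"
+PAKETNR=''
+TLD=''
+RECORD=''
+
+################ Public functions ################
+
+# Usage: dns_world4you_add <fqdn> <value>
+dns_world4you_add() {
+fqdn="$1"
+value="$2"
+_info "Using world4you to add record"
+_debug fulldomain "$fqdn"
+_debug txtvalue "$value"
+
+_login
+if [ "$?" != 0 ]; then
+return 1
+fi
+
+export _H1="Cookie: W4YSESSID=$sessid"
+form=$(_get "$WORLD4YOU_API/dashboard/paketuebersicht")
+_get_paketnr "$fqdn" "$form"
+paketnr="$PAKETNR"
+if [ -z "$paketnr" ]; then
+_err "Unable to parse paketnr"
+return 3
+fi
+_debug paketnr "$paketnr"
+
+export _H1="Cookie: W4YSESSID=$sessid"
+form=$(_get "$WORLD4YOU_API/$paketnr/dns")
+formiddp=$(echo "$form" | grep 'AddDnsRecordForm\[uniqueFormIdDP\]' | sed 's/^.*name="AddDnsRecordForm\[uniqueFormIdDP\]" value="\([^"]*\)".*$/\1/')
+formidttl=$(echo "$form" | grep 'AddDnsRecordForm\[uniqueFormIdTTL\]' | sed 's/^.*name="AddDnsRecordForm\[uniqueFormIdTTL\]" value="\([^"]*\)".*$/\1/')
+form_token=$(echo "$form" | grep 'AddDnsRecordForm\[_token\]' | sed 's/^.*name="AddDnsRecordForm\[_token\]" value="\([^"]*\)".*$/\1/')
+if [ -z "$formiddp" ]; then
+_err "Unable to parse form"
+return 3
+fi
+
+_resethttp
+export ACME_HTTP_NO_REDIRECTS=1
+body="AddDnsRecordForm[name]=$RECORD&AddDnsRecordForm[dnsType][type]=TXT&\
+AddDnsRecordForm[value]=$value&AddDnsRecordForm[aktivPaket]=$paketnr&AddDnsRecordForm[uniqueFormIdDP]=$formiddp&\
+AddDnsRecordForm[uniqueFormIdTTL]=$formidttl&AddDnsRecordForm[_token]=$form_token"
+_info "Adding record..."
+ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/dns" '' POST 'application/x-www-form-urlencoded')
+_resethttp
+
+if grep '302' >/dev/null <"$HTTP_HEADER"; then
+res=$(_get "$WORLD4YOU_API/$paketnr/dns")
+if _contains "$res" "successfully"; then
+return 0
+else
+msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
+_err "Unable to add record: $msg"
+return 1
+fi
+else
+_err "$(_head_n 1 <"$HTTP_HEADER")"
+return 1
+fi
+}
+
+# Usage: dns_world4you_rm <fqdn> <value>
+dns_world4you_rm() {
+fqdn="$1"
+value="$2"
+_info "Using world4you to remove record"
+_debug fulldomain "$fqdn"
+_debug txtvalue "$value"
+
+_login
+if [ "$?" != 0 ]; then
+return 1
+fi
+
+export _H1="Cookie: W4YSESSID=$sessid"
+form=$(_get "$WORLD4YOU_API/dashboard/paketuebersicht")
+_get_paketnr "$fqdn" "$form"
+paketnr="$PAKETNR"
+if [ -z "$paketnr" ]; then
+_err "Unable to parse paketnr"
+return 3
+fi
+_debug paketnr "$paketnr"
+
+form=$(_get "$WORLD4YOU_API/$paketnr/dns")
+formiddp=$(echo "$form" | grep 'DeleteDnsRecordForm\[uniqueFormIdDP\]' | sed 's/^.*name="DeleteDnsRecordForm\[uniqueFormIdDP\]" value="\([^"]*\)".*$/\1/')
+formidttl=$(echo "$form" | grep 'DeleteDnsRecordForm\[uniqueFormIdTTL\]' | sed 's/^.*name="DeleteDnsRecordForm\[uniqueFormIdTTL\]" value="\([^"]*\)".*$/\1/')
+form_token=$(echo "$form" | grep 'DeleteDnsRecordForm\[_token\]' | sed 's/^.*name="DeleteDnsRecordForm\[_token\]" value="\([^"]*\)".*$/\1/')
+if [ -z "$formiddp" ]; then
+_err "Unable to parse form"
+return 3
+fi
+
+recordid=$(printf "TXT:%s.:\"%s\"" "$fqdn" "$value" | _base64)
+_debug recordid "$recordid"
+
+_resethttp
+export ACME_HTTP_NO_REDIRECTS=1
+body="DeleteDnsRecordForm[recordId]=$recordid&DeleteDnsRecordForm[aktivPaket]=$paketnr&\
+DeleteDnsRecordForm[uniqueFormIdDP]=$formiddp&DeleteDnsRecordForm[uniqueFormIdTTL]=$formidttl&\
+DeleteDnsRecordForm[_token]=$form_token"
+_info "Removing record..."
+ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/deleteRecord" '' POST 'application/x-www-form-urlencoded')
+_resethttp
+
+if grep '302' >/dev/null <"$HTTP_HEADER"; then
+res=$(_get "$WORLD4YOU_API/$paketnr/dns")
+if _contains "$res" "successfully"; then
+return 0
+else
+msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
+_err "Unable to remove record: $msg"
+return 1
+fi
+else
+_err "$(_head_n 1 <"$HTTP_HEADER")"
+return 1
+fi
+}
+
+################ Private functions ################
+
+# Usage: _login
+_login() {
+WORLD4YOU_USERNAME="${WORLD4YOU_USERNAME:-$(_readaccountconf_mutable WORLD4YOU_USERNAME)}"
+WORLD4YOU_PASSWORD="${WORLD4YOU_PASSWORD:-$(_readaccountconf_mutable WORLD4YOU_PASSWORD)}"
+
+if [ -z "$WORLD4YOU_USERNAME" ] || [ -z "$WORLD4YOU_PASSWORD" ]; then
+WORLD4YOU_USERNAME=""
+WORLD4YOU_PASSWORD=""
+_err "You didn't specify world4you username and password yet."
+_err "Usage: export WORLD4YOU_USERNAME=<name>"
+_err "Usage: export WORLD4YOU_PASSWORD=<password>"
+return 1
+fi
+
+_saveaccountconf_mutable WORLD4YOU_USERNAME "$WORLD4YOU_USERNAME"
+_saveaccountconf_mutable WORLD4YOU_PASSWORD "$WORLD4YOU_PASSWORD"
+
+_info "Logging in..."
+
+username="$WORLD4YOU_USERNAME"
+password="$WORLD4YOU_PASSWORD"
+csrf_token=$(_get "$WORLD4YOU_API/login" | grep '_csrf_token' | sed 's/^.*<input[^>]*value=\"\([^"]*\)\".*$/\1/')
+sessid=$(grep 'W4YSESSID' <"$HTTP_HEADER" | sed 's/^.*W4YSESSID=\([^;]*\);.*$/\1/')
+
+export _H1="Cookie: W4YSESSID=$sessid"
+export _H2="X-Requested-With: XMLHttpRequest"
+body="_username=$username&_password=$password&_csrf_token=$csrf_token"
+ret=$(_post "$body" "$WORLD4YOU_API/login" '' POST 'application/x-www-form-urlencoded')
+unset _H2
+_debug ret "$ret"
+if _contains "$ret" "\"success\":true"; then
+_info "Successfully logged in"
+sessid=$(grep 'W4YSESSID' <"$HTTP_HEADER" | sed 's/^.*W4YSESSID=\([^;]*\);.*$/\1/')
+else
+_err "Unable to log in: $(echo "$ret" | sed 's/^.*"message":"\([^\"]*\)".*$/\1/')"
+return 1
+fi
+}
+
+# Usage _get_paketnr <fqdn> <form>
+_get_paketnr() {
+fqdn="$1"
+form="$2"
+
+domains=$(echo "$form" | grep '^ *[A-Za-z0-9_\.-]*\.[A-Za-z0-9_-]*$' | sed 's/^\s*\(\S*\)$/\1/')
+domain=''
+for domain in $domains; do
+if echo "$fqdn" | grep "$domain\$" >/dev/null; then
+break
+fi
+domain=''
+done
+if [ -z "$domain" ]; then
+return 1
+fi
+
+TLD="$domain"
+RECORD=$(echo "$fqdn" | cut -c"1-$((${#fqdn} - ${#TLD} - 1))")
+PAKETNR=$(echo "$form" | grep "data-textfilter=\" $domain " | _head_n 1 | sed 's/^.* \([0-9]*\) .*$/\1/')
+return 0
+}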
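Review bot: `_login` builds the `application/x-www-form-urlencoded` body as `_username=$username&_password=$password&_csrf_token=$csrf_token` without encoding, so a password containing `&`, `+` or `%` is sent altered or split into extra form fields; the same holds for `$value`, the form tokens and the base64 `$recordid` in `dns_world4you_add` and `dns_world4you_rm`. Encode each value first, for example `password="$(printf "%s" "$WORLD4YOU_PASSWORD" | _url_encode)"`. `_get_paketnr` picks the package with `grep "$domain\$"`, which treats dots as regex wildcards and has no label boundary, so a listed domain such as `example.com` (constructed sample) also matches an fqdn ending in `notexample.com`; a `case "$fqdn" in *".$domain")` comparison avoids selecting the wrong package. The success test `grep '302' <"$HTTP_HEADER"` matches those digits anywhere in any header line rather than in the status line. The credentials are also written with `_saveaccountconf_mutable` before the login has been verified.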