From 9c88971bc14314f061f17e71b292027586d0b63e Mon Sep 17 00:00:00 2001 From: James Gibson Date: Thu, 22 Mar 2018 23:09:38 -0600 Subject: [PATCH 01/14] Use internal base64 util instead of PATH bin/ --- dnsapi/dns_namecom.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_namecom.sh b/dnsapi/dns_namecom.sh index b712fa94..254952d6 100755 --- a/dnsapi/dns_namecom.sh +++ b/dnsapi/dns_namecom.sh @@ -123,7 +123,7 @@ _namecom_login() { # Auth string # Name.com API v4 uses http basic auth to authenticate # need to convert the token for http auth - _namecom_auth=$(printf "%s:%s" "$Namecom_Username" "$Namecom_Token" | base64) + _namecom_auth=$(printf "%s:%s" "$Namecom_Username" "$Namecom_Token" | _base64) if _namecom_rest GET "hello"; then retcode=$(printf "%s\n" "$response" | _egrep_o "\"username\"\:\"$Namecom_Username\"") From 914808b867dd57c485edaab9a43358ac0716d41a Mon Sep 17 00:00:00 2001 From: Habetdin Date: Tue, 27 Mar 2018 06:16:39 +0300 Subject: [PATCH 02/14] Adding Zilore API support --- dnsapi/dns_zilore.sh | 139 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 dnsapi/dns_zilore.sh diff --git a/dnsapi/dns_zilore.sh b/dnsapi/dns_zilore.sh new file mode 100644 index 00000000..4365004b --- /dev/null +++ b/dnsapi/dns_zilore.sh @@ -0,0 +1,139 @@ +#!/usr/bin/env sh + +Zilore_API="https://api.zilore.com/dns/v1" +# Zilore_Key="YOUR-ZILORE-API-KEY" + +######## Public functions ##################### + +dns_zilore_add() { + fulldomain=$1 + txtvalue=$2 + + _info "Using Zilore" + _debug fulldomain "$fulldomain" + _debug txtvalue "$txtvalue" + + Zilore_Key="${Zilore_Key:-$(_readaccountconf_mutable Zilore_Key)}" + if [ -z "$Zilore_Key" ]; then + Zilore_Key="" + _err "Please define Zilore API key" + return 1 + fi + _saveaccountconf_mutable Zilore_Key "$Zilore_Key" + + if ! _get_root "$fulldomain"; then + _err "Unable to determine root domain" + return 1 + else + _debug _domain "$_domain" + fi + + if _zilore_rest POST "domains/$_domain/records?record_type=TXT&record_ttl=600&record_name=$fulldomain&record_value=\"$txtvalue\""; then + if _contains "$response" '"added"' >/dev/null; then + _info "Added TXT record, waiting for validation" + return 0 + else + _debug response "$response" + _err "Error while adding DNS records" + return 1 + fi + fi + + return 1 +} + +dns_zilore_rm() { + fulldomain=$1 + txtvalue=$2 + + _info "Using Zilore" + _debug fulldomain "$fulldomain" + _debug txtvalue "$txtvalue" + + Zilore_Key="${Zilore_Key:-$(_readaccountconf_mutable Zilore_Key)}" + if [ -z "$Zilore_Key" ]; then + Zilore_Key="" + _err "Please define Zilore API key" + return 1 + fi + _saveaccountconf_mutable Zilore_Key "$Zilore_Key" + + if ! _get_root "$fulldomain"; then + _err "Unable to determine root domain" + return 1 + else + _debug _domain "$_domain" + fi + + _debug "Getting TXT records" + _zilore_rest GET "domains/${_domain}/records?search_text=$txtvalue&search_record_type=TXT" + _debug response "$response" + + if ! _contains "$response" '"ok"' >/dev/null; then + _err "Error while getting records list" + return 1 + else + _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[^\"]+\"" | cut -d : -f 2 | tr -d \" | head -n 1) + if [ -z "$_record_id" ]; then + _err "Cannot determine _record_id" + return 1 + else + _debug _record_id "$_record_id" + fi + if ! _zilore_rest DELETE "domains/${_domain}/records?record_id=$_record_id"; then + _err "Error while deleting chosen record" + return 1 + fi + _contains "$response" '"ok"' + fi +} + +#################### Private functions below ################################## + +_get_root() { + domain=$1 + i=2 + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) + _debug h "$h" + if [ -z "$h" ]; then + #not valid + return 1 + fi + + if ! _zilore_rest GET "domains?search_text=$h"; then + return 1 + fi + + if _contains "$response" "\"$h\"" >/dev/null; then + _domain=$h + return 0 + else + _debug "$h not found" + fi + i=$(_math "$i" + 1) + done + return 1 +} + +_zilore_rest() { + method=$1 + param=$2 + data=$3 + + export _H1="X-Auth-Key: $Zilore_Key" + + if [ "$method" != "GET" ]; then + response="$(_post "$data" "$Zilore_API/$param" "" "$method")" + else + response="$(_get "$Zilore_API/$param")" + fi + + if [ "$?" != "0" ]; then + _err "error $param" + return 1 + fi + + _debug2 response "$response" + return 0 +} From 6b0333e919e5d7eee10f7a0c3156b44bd81d7fcb Mon Sep 17 00:00:00 2001 From: Habetdin Date: Tue, 27 Mar 2018 06:21:10 +0300 Subject: [PATCH 03/14] Update README #1 --- dnsapi/README.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/dnsapi/README.md b/dnsapi/README.md index f3edfb6f..9df2d01a 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -787,6 +787,20 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. +## 42. Use Zilore API to automatically issue cert + +First you need to login to your Zilore account to get your API key. + +``` +export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9" +``` + +Ok, let's issue a cert now: +``` +acme.sh --issue --dns dns_zilore -d example.com -d www.example.com +``` + +The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. # Use custom API From 882e1db1d61d129fa5354a7eeb4d70c77049fff0 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Tue, 27 Mar 2018 06:23:15 +0300 Subject: [PATCH 04/14] Update README #2 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 6a268350..8d437291 100644 --- a/README.md +++ b/README.md @@ -315,6 +315,7 @@ You don't have to do anything manually! 1. zonomi.com DNS API 1. DreamHost.com API 1. DirectAdmin API +1. Zilore API And: From fde971fe81b5c64d724c1453a74d4023b3f13fb1 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Tue, 27 Mar 2018 06:31:25 +0300 Subject: [PATCH 05/14] Fix formatting --- dnsapi/dns_zilore.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_zilore.sh b/dnsapi/dns_zilore.sh index 4365004b..6969944c 100644 --- a/dnsapi/dns_zilore.sh +++ b/dnsapi/dns_zilore.sh @@ -106,7 +106,7 @@ _get_root() { fi if _contains "$response" "\"$h\"" >/dev/null; then - _domain=$h + _domain=$h return 0 else _debug "$h not found" From b14ef537e13096d5565d71243b9c7f7976efa76f Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:14:45 +0300 Subject: [PATCH 06/14] head => _head_n --- dnsapi/dns_zilore.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_zilore.sh b/dnsapi/dns_zilore.sh index 6969944c..42111025 100644 --- a/dnsapi/dns_zilore.sh +++ b/dnsapi/dns_zilore.sh @@ -73,7 +73,7 @@ dns_zilore_rm() { _err "Error while getting records list" return 1 else - _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[^\"]+\"" | cut -d : -f 2 | tr -d \" | head -n 1) + _record_id=$(printf "%s\n" "$response" | _egrep_o "\"record_id\":\"[^\"]+\"" | cut -d : -f 2 | tr -d \" | _head_n 1) if [ -z "$_record_id" ]; then _err "Cannot determine _record_id" return 1 From b4f4c28871debcc627d1fc5225fbb34d0a1451e1 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:17:22 +0300 Subject: [PATCH 07/14] Update README.md --- dnsapi/README.md | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 9df2d01a..10295266 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -787,7 +787,19 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. -## 42. Use Zilore API to automatically issue cert +## 42. Use KingHost DNS API + +API access must be enabled at https://painel.kinghost.com.br/painel.api.php + +``` +export KINGHOST_Username="yourusername" +export KINGHOST_Password="yourpassword" +acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com +``` + +The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. + +## 43. Use Zilore DNS API First you need to login to your Zilore account to get your API key. From 2bc38b206364d6b00e72cd217ddc933f2b1dbd4e Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:22:33 +0300 Subject: [PATCH 08/14] Revert "Update README.md" This reverts commit b4f4c28871debcc627d1fc5225fbb34d0a1451e1. --- dnsapi/README.md | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 10295266..9df2d01a 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -787,19 +787,7 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. -## 42. Use KingHost DNS API - -API access must be enabled at https://painel.kinghost.com.br/painel.api.php - -``` -export KINGHOST_Username="yourusername" -export KINGHOST_Password="yourpassword" -acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com -``` - -The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. - -## 43. Use Zilore DNS API +## 42. Use Zilore API to automatically issue cert First you need to login to your Zilore account to get your API key. From ce9f77afed08f5a1136d903d87a434329a1d44e5 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:22:36 +0300 Subject: [PATCH 09/14] Revert "Update README #2" This reverts commit 882e1db1d61d129fa5354a7eeb4d70c77049fff0. --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 8d437291..6a268350 100644 --- a/README.md +++ b/README.md @@ -315,7 +315,6 @@ You don't have to do anything manually! 1. zonomi.com DNS API 1. DreamHost.com API 1. DirectAdmin API -1. Zilore API And: From e32c2b84ee941fbefd74ddc735c14dd5533e5579 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:22:38 +0300 Subject: [PATCH 10/14] Revert "Update README #1" This reverts commit 6b0333e919e5d7eee10f7a0c3156b44bd81d7fcb. --- dnsapi/README.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 9df2d01a..f3edfb6f 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -787,20 +787,6 @@ acme.sh --issue --dns dns_da -d example.com -d www.example.com The `DA_Api` and `DA_Api_Insecure` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. -## 42. Use Zilore API to automatically issue cert - -First you need to login to your Zilore account to get your API key. - -``` -export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9" -``` - -Ok, let's issue a cert now: -``` -acme.sh --issue --dns dns_zilore -d example.com -d www.example.com -``` - -The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. # Use custom API From ce9c22742503efed89dfa4300c7d72739fe9aaf9 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:25:52 +0300 Subject: [PATCH 11/14] Update README.md --- dnsapi/README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/dnsapi/README.md b/dnsapi/README.md index e459094e..10295266 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -799,6 +799,21 @@ acme.sh --issue --dns dns_kinghost -d example.com -d *.example.com The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. +## 43. Use Zilore DNS API + +First you need to login to your Zilore account to get your API key. + +``` +export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9" +``` + +Ok, let's issue a cert now: +``` +acme.sh --issue --dns dns_zilore -d example.com -d www.example.com +``` + +The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. + # Use custom API If your API is not supported yet, you can write your own DNS API. From 8f5ee989baa03579a98c9434762bd2376263136b Mon Sep 17 00:00:00 2001 From: Habetdin Date: Wed, 28 Mar 2018 18:26:34 +0300 Subject: [PATCH 12/14] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4c46c926..b5d5aff0 100644 --- a/README.md +++ b/README.md @@ -316,6 +316,7 @@ You don't have to do anything manually! 1. DreamHost.com API 1. DirectAdmin API 1. KingHost (https://www.kinghost.com.br/) +1. Zilore (https://zilore.com) And: From 87a8dda95525eddcbac441d8944a94e63401d48d Mon Sep 17 00:00:00 2001 From: Bob Belnap Date: Wed, 28 Mar 2018 12:40:31 -0400 Subject: [PATCH 13/14] add chain cert --- deploy/vault_cli.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy/vault_cli.sh b/deploy/vault_cli.sh index 02617c5e..79c25aa2 100644 --- a/deploy/vault_cli.sh +++ b/deploy/vault_cli.sh @@ -51,6 +51,7 @@ vault_cli_deploy() { $VAULT_CMD write "${VAULT_PREFIX}/${_cdomain}/cert.pem" value=@"$_ccert" || return 1 $VAULT_CMD write "${VAULT_PREFIX}/${_cdomain}/cert.key" value=@"$_ckey" || return 1 + $VAULT_CMD write "${VAULT_PREFIX}/${_cdomain}/chain.pem" value=@"$_cca" || return 1 $VAULT_CMD write "${VAULT_PREFIX}/${_cdomain}/fullchain.pem" value=@"$_cfullchain" || return 1 } From 98e15f658ef14c68c040766e4bb8c979ae5703a7 Mon Sep 17 00:00:00 2001 From: Habetdin Date: Thu, 29 Mar 2018 04:31:46 +0300 Subject: [PATCH 14/14] Update Zilore API description --- dnsapi/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 10295266..ba1c045c 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -801,7 +801,7 @@ The `KINGHOST_username` and `KINGHOST_Password` will be saved in `~/.acme.sh/acc ## 43. Use Zilore DNS API -First you need to login to your Zilore account to get your API key. +First, get your API key at https://my.zilore.com/account/api ``` export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9" @@ -809,7 +809,7 @@ export Zilore_Key="5dcad3a2-36cb-50e8-cb92-000002f9" Ok, let's issue a cert now: ``` -acme.sh --issue --dns dns_zilore -d example.com -d www.example.com +acme.sh --issue --dns dns_zilore -d example.com -d *.example.com ``` The `Zilore_Key` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.