mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-22 13:11:41 +00:00
commit
b7a3fe05a4
@ -12,6 +12,7 @@ RUN apk update -f \
|
|||||||
tzdata \
|
tzdata \
|
||||||
oath-toolkit-oathtool \
|
oath-toolkit-oathtool \
|
||||||
tar \
|
tar \
|
||||||
|
libidn \
|
||||||
&& rm -rf /var/cache/apk/*
|
&& rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
ENV LE_CONFIG_HOME /acme.sh
|
ENV LE_CONFIG_HOME /acme.sh
|
||||||
|
6
acme.sh
6
acme.sh
@ -1,6 +1,6 @@
|
|||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
VER=2.8.8
|
VER=2.8.9
|
||||||
|
|
||||||
PROJECT_NAME="acme.sh"
|
PROJECT_NAME="acme.sh"
|
||||||
|
|
||||||
@ -160,6 +160,8 @@ _SERVER_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Server"
|
|||||||
|
|
||||||
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
|
_PREFERRED_CHAIN_WIKI="https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain"
|
||||||
|
|
||||||
|
_DNSCHECK_WIKI="https://github.com/acmesh-official/acme.sh/wiki/dnscheck"
|
||||||
|
|
||||||
_DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
|
_DNS_MANUAL_ERR="The dns manual mode can not renew automatically, you must issue it again manually. You'd better use the other modes instead."
|
||||||
|
|
||||||
_DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
|
_DNS_MANUAL_WARN="It seems that you are using dns manual mode. please take care: $_DNS_MANUAL_ERR"
|
||||||
@ -3958,6 +3960,8 @@ _check_dns_entries() {
|
|||||||
_end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
|
_end_time="$(_math "$_end_time" + 1200)" #let's check no more than 20 minutes.
|
||||||
|
|
||||||
while [ "$(_time)" -le "$_end_time" ]; do
|
while [ "$(_time)" -le "$_end_time" ]; do
|
||||||
|
_info "You can use '--dnssleep' to disable public dns checks."
|
||||||
|
_info "See: $_DNSCHECK_WIKI"
|
||||||
_left=""
|
_left=""
|
||||||
for entry in $dns_entries; do
|
for entry in $dns_entries; do
|
||||||
d=$(_getfield "$entry" 1)
|
d=$(_getfield "$entry" 1)
|
||||||
|
@ -275,6 +275,7 @@ _check_curl_version() {
|
|||||||
|
|
||||||
if [ "$_major$_minor" -lt "740" ]; then
|
if [ "$_major$_minor" -lt "740" ]; then
|
||||||
_err "curl v$_cversion doesn't support unit socket"
|
_err "curl v$_cversion doesn't support unit socket"
|
||||||
|
_err "Please upgrade to curl 7.40 or later."
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
if [ "$_major$_minor" -lt "750" ]; then
|
if [ "$_major$_minor" -lt "750" ]; then
|
||||||
|
@ -27,26 +27,43 @@ mailcow_deploy() {
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
#Tests if _ssl_path is the mailcow root directory.
|
||||||
|
if [ -f "${_mailcow_path}/generate_config.sh" ]; then
|
||||||
_ssl_path="${_mailcow_path}/data/assets/ssl/"
|
_ssl_path="${_mailcow_path}/data/assets/ssl/"
|
||||||
|
else
|
||||||
|
_ssl_path="${_mailcow_path}"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ ! -d "$_ssl_path" ]; then
|
if [ ! -d "$_ssl_path" ]; then
|
||||||
_err "Cannot find mailcow ssl path: $_ssl_path"
|
_err "Cannot find mailcow ssl path: $_ssl_path"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# ECC or RSA
|
||||||
|
if [ -z "${Le_Keylength}" ]; then
|
||||||
|
Le_Keylength=""
|
||||||
|
fi
|
||||||
|
if _isEccKey "${Le_Keylength}"; then
|
||||||
|
_info "ECC key type detected"
|
||||||
|
_cert_name_prefix="ecdsa-"
|
||||||
|
else
|
||||||
|
_info "RSA key type detected"
|
||||||
|
_cert_name_prefix=""
|
||||||
|
fi
|
||||||
_info "Copying key and cert"
|
_info "Copying key and cert"
|
||||||
_real_key="$_ssl_path/key.pem"
|
_real_key="$_ssl_path/${_cert_name_prefix}key.pem"
|
||||||
if ! cat "$_ckey" >"$_real_key"; then
|
if ! cat "$_ckey" >"$_real_key"; then
|
||||||
_err "Error: write key file to: $_real_key"
|
_err "Error: write key file to: $_real_key"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_real_fullchain="$_ssl_path/cert.pem"
|
_real_fullchain="$_ssl_path/${_cert_name_prefix}cert.pem"
|
||||||
if ! cat "$_cfullchain" >"$_real_fullchain"; then
|
if ! cat "$_cfullchain" >"$_real_fullchain"; then
|
||||||
_err "Error: write cert file to: $_real_fullchain"
|
_err "Error: write cert file to: $_real_fullchain"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DEFAULT_MAILCOW_RELOAD="cd ${_mailcow_path} && docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow"
|
DEFAULT_MAILCOW_RELOAD="docker restart $(docker ps -qaf name=postfix-mailcow); docker restart $(docker ps -qaf name=nginx-mailcow); docker restart $(docker ps -qaf name=dovecot-mailcow)"
|
||||||
_reload="${DEPLOY_MAILCOW_RELOAD:-$DEFAULT_MAILCOW_RELOAD}"
|
_reload="${DEPLOY_MAILCOW_RELOAD:-$DEFAULT_MAILCOW_RELOAD}"
|
||||||
|
|
||||||
_info "Run reload: $_reload"
|
_info "Run reload: $_reload"
|
||||||
|
@ -21,10 +21,6 @@
|
|||||||
|
|
||||||
######## Public functions #####################
|
######## Public functions #####################
|
||||||
|
|
||||||
_syno_get_cookie_data() {
|
|
||||||
grep -i "\W$1=" | grep -i "^Set-Cookie:" | _tail_n 1 | _egrep_o "$1=[^;]*;" | tr -d ';'
|
|
||||||
}
|
|
||||||
|
|
||||||
#domain keyfile certfile cafile fullchain
|
#domain keyfile certfile cafile fullchain
|
||||||
synology_dsm_deploy() {
|
synology_dsm_deploy() {
|
||||||
|
|
||||||
@ -73,13 +69,25 @@ synology_dsm_deploy() {
|
|||||||
_base_url="$SYNO_Scheme://$SYNO_Hostname:$SYNO_Port"
|
_base_url="$SYNO_Scheme://$SYNO_Hostname:$SYNO_Port"
|
||||||
_debug _base_url "$_base_url"
|
_debug _base_url "$_base_url"
|
||||||
|
|
||||||
|
_debug "Getting API version"
|
||||||
|
response=$(_get "$_base_url/webapi/query.cgi?api=SYNO.API.Info&version=1&method=query&query=SYNO.API.Auth")
|
||||||
|
api_version=$(echo "$response" | grep "SYNO.API.Auth" | sed -n 's/.*"maxVersion" *: *\([0-9]*\).*/\1/p')
|
||||||
|
_debug3 response "$response"
|
||||||
|
_debug3 api_version "$api_version"
|
||||||
|
|
||||||
# Login, get the token from JSON and session id from cookie
|
# Login, get the token from JSON and session id from cookie
|
||||||
_info "Logging into $SYNO_Hostname:$SYNO_Port"
|
_info "Logging into $SYNO_Hostname:$SYNO_Port"
|
||||||
encoded_username="$(printf "%s" "$SYNO_Username" | _url_encode)"
|
encoded_username="$(printf "%s" "$SYNO_Username" | _url_encode)"
|
||||||
encoded_password="$(printf "%s" "$SYNO_Password" | _url_encode)"
|
encoded_password="$(printf "%s" "$SYNO_Password" | _url_encode)"
|
||||||
encoded_did="$(printf "%s" "$SYNO_DID" | _url_encode)"
|
|
||||||
response=$(_get "$_base_url/webman/login.cgi?username=$encoded_username&passwd=$encoded_password&enable_syno_token=yes&device_id=$encoded_did" 1)
|
if [ -n "$SYNO_DID" ]; then
|
||||||
token=$(echo "$response" | grep -i "X-SYNO-TOKEN:" | sed -n 's/^X-SYNO-TOKEN: \(.*\)$/\1/pI' | tr -d "\r\n")
|
_H1="Cookie: did=$SYNO_DID"
|
||||||
|
export _H1
|
||||||
|
_debug3 H1 "${_H1}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
response=$(_post "method=login&account=$encoded_username&passwd=$encoded_password&api=SYNO.API.Auth&version=$api_version&enable_syno_token=yes" "$_base_url/webapi/auth.cgi?enable_syno_token=yes")
|
||||||
|
token=$(echo "$response" | grep "synotoken" | sed -n 's/.*"synotoken" *: *"\([^"]*\).*/\1/p')
|
||||||
_debug3 response "$response"
|
_debug3 response "$response"
|
||||||
_debug token "$token"
|
_debug token "$token"
|
||||||
|
|
||||||
@ -88,13 +96,11 @@ synology_dsm_deploy() {
|
|||||||
_err "Check your username and password."
|
_err "Check your username and password."
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
sid=$(echo "$response" | grep "sid" | sed -n 's/.*"sid" *: *"\([^"]*\).*/\1/p')
|
||||||
|
|
||||||
_H1="Cookie: $(echo "$response" | _syno_get_cookie_data "id"); $(echo "$response" | _syno_get_cookie_data "smid")"
|
_H1="X-SYNO-TOKEN: $token"
|
||||||
_H2="X-SYNO-TOKEN: $token"
|
|
||||||
export _H1
|
export _H1
|
||||||
export _H2
|
|
||||||
_debug2 H1 "${_H1}"
|
_debug2 H1 "${_H1}"
|
||||||
_debug2 H2 "${_H2}"
|
|
||||||
|
|
||||||
# Now that we know the username and password are good, save them
|
# Now that we know the username and password are good, save them
|
||||||
_savedeployconf SYNO_Username "$SYNO_Username"
|
_savedeployconf SYNO_Username "$SYNO_Username"
|
||||||
@ -102,7 +108,7 @@ synology_dsm_deploy() {
|
|||||||
_savedeployconf SYNO_DID "$SYNO_DID"
|
_savedeployconf SYNO_DID "$SYNO_DID"
|
||||||
|
|
||||||
_info "Getting certificates in Synology DSM"
|
_info "Getting certificates in Synology DSM"
|
||||||
response=$(_post "api=SYNO.Core.Certificate.CRT&method=list&version=1" "$_base_url/webapi/entry.cgi")
|
response=$(_post "api=SYNO.Core.Certificate.CRT&method=list&version=1&_sid=$sid" "$_base_url/webapi/entry.cgi")
|
||||||
_debug3 response "$response"
|
_debug3 response "$response"
|
||||||
id=$(echo "$response" | sed -n "s/.*\"desc\":\"$SYNO_Certificate\",\"id\":\"\([^\"]*\).*/\1/p")
|
id=$(echo "$response" | sed -n "s/.*\"desc\":\"$SYNO_Certificate\",\"id\":\"\([^\"]*\).*/\1/p")
|
||||||
_debug2 id "$id"
|
_debug2 id "$id"
|
||||||
@ -135,7 +141,7 @@ synology_dsm_deploy() {
|
|||||||
content="${content%_}" # protect trailing \n
|
content="${content%_}" # protect trailing \n
|
||||||
|
|
||||||
_info "Upload certificate to the Synology DSM"
|
_info "Upload certificate to the Synology DSM"
|
||||||
response=$(_post "$content" "$_base_url/webapi/entry.cgi?api=SYNO.Core.Certificate&method=import&version=1&SynoToken=$token" "" "POST" "multipart/form-data; boundary=${delim}")
|
response=$(_post "$content" "$_base_url/webapi/entry.cgi?api=SYNO.Core.Certificate&method=import&version=1&SynoToken=$token&_sid=$sid" "" "POST" "multipart/form-data; boundary=${delim}")
|
||||||
_debug3 response "$response"
|
_debug3 response "$response"
|
||||||
|
|
||||||
if ! echo "$response" | grep '"error":' >/dev/null; then
|
if ! echo "$response" | grep '"error":' >/dev/null; then
|
||||||
|
@ -96,7 +96,7 @@ dns_duckdns_rm() {
|
|||||||
_duckdns_get_domain() {
|
_duckdns_get_domain() {
|
||||||
|
|
||||||
# We'll extract the domain/username from full domain
|
# We'll extract the domain/username from full domain
|
||||||
_duckdns_domain="$(printf "%s" "$fulldomain" | _lower_case | _egrep_o '^(_acme-challenge\.)?[a-z0-9-]*\.duckdns\.org' | sed 's/^\(_acme-challenge\.\)\?\([a-z0-9-]*\)\.duckdns\.org/\2/')"
|
_duckdns_domain="$(printf "%s" "$fulldomain" | _lower_case | _egrep_o '^(_acme-challenge\.)?([a-z0-9-]+\.)+duckdns\.org' | sed -n 's/^\([^.]\{1,\}\.\)*\([a-z0-9-]\{1,\}\)\.duckdns\.org$/\2/p;')"
|
||||||
|
|
||||||
if [ -z "$_duckdns_domain" ]; then
|
if [ -z "$_duckdns_domain" ]; then
|
||||||
_err "Error extracting the domain."
|
_err "Error extracting the domain."
|
||||||
|
176
dnsapi/dns_scaleway.sh
Executable file
176
dnsapi/dns_scaleway.sh
Executable file
@ -0,0 +1,176 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# Scaleway API
|
||||||
|
# https://developers.scaleway.com/en/products/domain/dns/api/
|
||||||
|
#
|
||||||
|
# Requires Scaleway API token set in SCALEWAY_API_TOKEN
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
SCALEWAY_API="https://api.scaleway.com/domain/v2beta1"
|
||||||
|
|
||||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_scaleway_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
if ! _scaleway_check_config; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_info "Adding record"
|
||||||
|
_scaleway_create_TXT_record "$_domain" "$_sub_domain" "$txtvalue"
|
||||||
|
if _contains "$response" "records"; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err error "$response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_info "Record added."
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_scaleway_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
if ! _scaleway_check_config; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_info "Deleting record"
|
||||||
|
_scaleway_delete_TXT_record "$_domain" "$_sub_domain" "$txtvalue"
|
||||||
|
if _contains "$response" "records"; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err error "$response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_info "Record deleted."
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
|
||||||
|
_scaleway_check_config() {
|
||||||
|
SCALEWAY_API_TOKEN="${SCALEWAY_API_TOKEN:-$(_readaccountconf_mutable SCALEWAY_API_TOKEN)}"
|
||||||
|
if [ -z "$SCALEWAY_API_TOKEN" ]; then
|
||||||
|
_err "No API key specified for Scaleway API."
|
||||||
|
_err "Create your key and export it as SCALEWAY_API_TOKEN"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
if ! _scaleway_rest GET "dns-zones"; then
|
||||||
|
_err "Invalid API key specified for Scaleway API."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_saveaccountconf_mutable SCALEWAY_API_TOKEN "$SCALEWAY_API_TOKEN"
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#_acme-challenge.www.domain.com
|
||||||
|
#returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=1
|
||||||
|
p=1
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_scaleway_rest GET "dns-zones/$h/records"
|
||||||
|
|
||||||
|
if ! _contains "$response" "subdomain not found" >/dev/null; then
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain="$h"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
p=$i
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
_err "Unable to retrive DNS zone matching this domain"
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
# this function add a TXT record
|
||||||
|
_scaleway_create_TXT_record() {
|
||||||
|
txt_zone=$1
|
||||||
|
txt_name=$2
|
||||||
|
txt_value=$3
|
||||||
|
|
||||||
|
_scaleway_rest PATCH "dns-zones/$txt_zone/records" "{\"return_all_records\":false,\"changes\":[{\"add\":{\"records\":[{\"name\":\"$txt_name\",\"data\":\"$txt_value\",\"type\":\"TXT\",\"ttl\":60}]}}]}"
|
||||||
|
|
||||||
|
if _contains "$response" "records"; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "error1 $response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# this function delete a TXT record based on name and content
|
||||||
|
_scaleway_delete_TXT_record() {
|
||||||
|
txt_zone=$1
|
||||||
|
txt_name=$2
|
||||||
|
txt_value=$3
|
||||||
|
|
||||||
|
_scaleway_rest PATCH "dns-zones/$txt_zone/records" "{\"return_all_records\":false,\"changes\":[{\"delete\":{\"id_fields\":{\"name\":\"$txt_name\",\"data\":\"$txt_value\",\"type\":\"TXT\"}}}]}"
|
||||||
|
|
||||||
|
if _contains "$response" "records"; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "error2 $response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
_scaleway_rest() {
|
||||||
|
m=$1
|
||||||
|
ep="$2"
|
||||||
|
data="$3"
|
||||||
|
_debug "$ep"
|
||||||
|
_scaleway_url="$SCALEWAY_API/$ep"
|
||||||
|
_debug2 _scaleway_url "$_scaleway_url"
|
||||||
|
export _H1="x-auth-token: $SCALEWAY_API_TOKEN"
|
||||||
|
export _H2="Accept: application/json"
|
||||||
|
export _H3="Content-Type: application/json"
|
||||||
|
|
||||||
|
if [ "$data" ] || [ "$m" != "GET" ]; then
|
||||||
|
_debug data "$data"
|
||||||
|
response="$(_post "$data" "$_scaleway_url" "" "$m")"
|
||||||
|
else
|
||||||
|
response="$(_get "$_scaleway_url")"
|
||||||
|
fi
|
||||||
|
if [ "$?" != "0" ] || _contains "$response" "denied_authentication" || _contains "$response" "Method not allowed" || _contains "$response" "json parse error: unexpected EOF"; then
|
||||||
|
_err "error $response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug2 response "$response"
|
||||||
|
return 0
|
||||||
|
}
|
247
dnsapi/dns_simply.sh
Normal file
247
dnsapi/dns_simply.sh
Normal file
@ -0,0 +1,247 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
#
|
||||||
|
#SIMPLY_AccountName="accountname"
|
||||||
|
#
|
||||||
|
#SIMPLY_ApiKey="apikey"
|
||||||
|
#
|
||||||
|
#SIMPLY_Api="https://api.simply.com/1/[ACCOUNTNAME]/[APIKEY]"
|
||||||
|
|
||||||
|
SIMPLY_Api_Default="https://api.simply.com/1"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_simply_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
if ! _simply_load_config; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_simply_save_config
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_info "Adding record"
|
||||||
|
|
||||||
|
if ! _simply_add_record "$_domain" "$_sub_domain" "$txtvalue"; then
|
||||||
|
_err "Could not add DNS record"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_simply_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
if ! _simply_load_config; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_simply_save_config
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
_debug txtvalue "$txtvalue"
|
||||||
|
|
||||||
|
_info "Getting all existing records"
|
||||||
|
|
||||||
|
if ! _simply_get_all_records "$_domain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
records=$(echo "$response" | tr '{' "\n" | grep 'record_id\|type\|data\|\name' | sed 's/\"record_id/;\"record_id/' | tr "\n" ' ' | tr -d ' ' | tr ';' ' ')
|
||||||
|
|
||||||
|
nr_of_deleted_records=0
|
||||||
|
_info "Fetching txt record"
|
||||||
|
|
||||||
|
for record in $records; do
|
||||||
|
_debug record "$record"
|
||||||
|
|
||||||
|
record_data=$(echo "$record" | cut -d "," -f 3 | sed 's/"//g' | grep "data" | cut -d ":" -f 2)
|
||||||
|
record_type=$(echo "$record" | cut -d "," -f 4 | sed 's/"//g' | grep "type" | cut -d ":" -f 2)
|
||||||
|
|
||||||
|
_debug2 record_data "$record_data"
|
||||||
|
_debug2 record_type "$record_type"
|
||||||
|
|
||||||
|
if [ "$record_data" = "$txtvalue" ] && [ "$record_type" = "TXT" ]; then
|
||||||
|
|
||||||
|
record_id=$(echo "$record" | cut -d "," -f 1 | grep "record_id" | cut -d ":" -f 2)
|
||||||
|
|
||||||
|
_info "Deleting record $record"
|
||||||
|
_debug2 record_id "$record_id"
|
||||||
|
|
||||||
|
if [ "$record_id" -gt 0 ]; then
|
||||||
|
|
||||||
|
if ! _simply_delete_record "$_domain" "$_sub_domain" "$record_id"; then
|
||||||
|
_err "Record with id $record_id could not be deleted"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
nr_of_deleted_records=1
|
||||||
|
break
|
||||||
|
else
|
||||||
|
_err "Fetching record_id could not be done, this should not happen, exiting function. Failing record is $record"
|
||||||
|
break
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ "$nr_of_deleted_records" -eq 0 ]; then
|
||||||
|
_err "No record deleted, the DNS record needs to be removed manually."
|
||||||
|
else
|
||||||
|
_info "Deleted $nr_of_deleted_records record"
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
|
||||||
|
_simply_load_config() {
|
||||||
|
SIMPLY_Api="${SIMPLY_Api:-$(_readaccountconf_mutable SIMPLY_Api)}"
|
||||||
|
SIMPLY_AccountName="${SIMPLY_AccountName:-$(_readaccountconf_mutable SIMPLY_AccountName)}"
|
||||||
|
SIMPLY_ApiKey="${SIMPLY_ApiKey:-$(_readaccountconf_mutable SIMPLY_ApiKey)}"
|
||||||
|
|
||||||
|
if [ -z "$SIMPLY_Api" ]; then
|
||||||
|
SIMPLY_Api="$SIMPLY_Api_Default"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$SIMPLY_AccountName" ] || [ -z "$SIMPLY_ApiKey" ]; then
|
||||||
|
SIMPLY_AccountName=""
|
||||||
|
SIMPLY_ApiKey=""
|
||||||
|
|
||||||
|
_err "A valid Simply API account and apikey not provided."
|
||||||
|
_err "Please provide a valid API user and try again."
|
||||||
|
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_simply_save_config() {
|
||||||
|
if [ "$SIMPLY_Api" != "$SIMPLY_Api_Default" ]; then
|
||||||
|
_saveaccountconf_mutable SIMPLY_Api "$SIMPLY_Api"
|
||||||
|
fi
|
||||||
|
_saveaccountconf_mutable SIMPLY_AccountName "$SIMPLY_AccountName"
|
||||||
|
_saveaccountconf_mutable SIMPLY_ApiKey "$SIMPLY_ApiKey"
|
||||||
|
}
|
||||||
|
|
||||||
|
_simply_get_all_records() {
|
||||||
|
domain=$1
|
||||||
|
|
||||||
|
if ! _simply_rest GET "my/products/$domain/dns/records"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=2
|
||||||
|
p=1
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _simply_rest GET "my/products/$h/dns"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if _contains "$response" '"code":"NOT_FOUND"'; then
|
||||||
|
_debug "$h not found"
|
||||||
|
else
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain="$h"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
p="$i"
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_simply_add_record() {
|
||||||
|
domain=$1
|
||||||
|
sub_domain=$2
|
||||||
|
txtval=$3
|
||||||
|
|
||||||
|
data="{\"name\": \"$sub_domain\", \"type\":\"TXT\", \"data\": \"$txtval\", \"priority\":0, \"ttl\": 3600}"
|
||||||
|
|
||||||
|
if ! _simply_rest POST "my/products/$domain/dns/records" "$data"; then
|
||||||
|
_err "Adding record not successfull!"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_simply_delete_record() {
|
||||||
|
domain=$1
|
||||||
|
sub_domain=$2
|
||||||
|
record_id=$3
|
||||||
|
|
||||||
|
_debug record_id "Delete record with id $record_id"
|
||||||
|
|
||||||
|
if ! _simply_rest DELETE "my/products/$domain/dns/records/$record_id"; then
|
||||||
|
_err "Deleting record not successfull!"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_simply_rest() {
|
||||||
|
m=$1
|
||||||
|
ep="$2"
|
||||||
|
data="$3"
|
||||||
|
|
||||||
|
_debug2 data "$data"
|
||||||
|
_debug2 ep "$ep"
|
||||||
|
_debug2 m "$m"
|
||||||
|
|
||||||
|
export _H1="Content-Type: application/json"
|
||||||
|
|
||||||
|
if [ "$m" != "GET" ]; then
|
||||||
|
response="$(_post "$data" "$SIMPLY_Api/$SIMPLY_AccountName/$SIMPLY_ApiKey/$ep" "" "$m")"
|
||||||
|
else
|
||||||
|
response="$(_get "$SIMPLY_Api/$SIMPLY_AccountName/$SIMPLY_ApiKey/$ep")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$?" != "0" ]; then
|
||||||
|
_err "error $ep"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug2 response "$response"
|
||||||
|
|
||||||
|
if _contains "$response" "Invalid account authorization"; then
|
||||||
|
_err "It seems that your api key or accountnumber is not correct."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
@ -52,17 +52,26 @@ AddDnsRecordForm[uniqueFormIdTTL]=$formidttl&AddDnsRecordForm[_token]=$form_toke
|
|||||||
ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/dns" '' POST 'application/x-www-form-urlencoded')
|
ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/dns" '' POST 'application/x-www-form-urlencoded')
|
||||||
_resethttp
|
_resethttp
|
||||||
|
|
||||||
if grep '302' >/dev/null <"$HTTP_HEADER"; then
|
if _contains "$(_head_n 3 <"$HTTP_HEADER")" '302'; then
|
||||||
res=$(_get "$WORLD4YOU_API/$paketnr/dns")
|
res=$(_get "$WORLD4YOU_API/$paketnr/dns")
|
||||||
if _contains "$res" "successfully"; then
|
if _contains "$res" "successfully"; then
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
|
msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
|
||||||
|
if _contains "$msg" '^<\!DOCTYPE html>'; then
|
||||||
|
msg='Unknown error'
|
||||||
|
fi
|
||||||
_err "Unable to add record: $msg"
|
_err "Unable to add record: $msg"
|
||||||
|
if _contains "$msg" '^<\!DOCTYPE html>'; then
|
||||||
|
echo "$ret" >'error-01.html'
|
||||||
|
echo "$res" >'error-02.html'
|
||||||
|
_err "View error-01.html and error-02.html for debugging"
|
||||||
|
fi
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
_err "$(_head_n 1 <"$HTTP_HEADER")"
|
_err "$(_head_n 3 <"$HTTP_HEADER")"
|
||||||
|
_err "View $HTTP_HEADER for debugging"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@ -111,17 +120,26 @@ DeleteDnsRecordForm[_token]=$form_token"
|
|||||||
ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/deleteRecord" '' POST 'application/x-www-form-urlencoded')
|
ret=$(_post "$body" "$WORLD4YOU_API/$paketnr/deleteRecord" '' POST 'application/x-www-form-urlencoded')
|
||||||
_resethttp
|
_resethttp
|
||||||
|
|
||||||
if grep '302' >/dev/null <"$HTTP_HEADER"; then
|
if _contains "$(_head_n 3 <"$HTTP_HEADER")" '302'; then
|
||||||
res=$(_get "$WORLD4YOU_API/$paketnr/dns")
|
res=$(_get "$WORLD4YOU_API/$paketnr/dns")
|
||||||
if _contains "$res" "successfully"; then
|
if _contains "$res" "successfully"; then
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
|
msg=$(echo "$res" | tr '\n' '\t' | sed 's/.*<h3 class="mb-5">[^\t]*\t *\([^\t]*\)\t.*/\1/')
|
||||||
|
if _contains "$msg" '^<\!DOCTYPE html>'; then
|
||||||
|
msg='Unknown error'
|
||||||
|
fi
|
||||||
_err "Unable to remove record: $msg"
|
_err "Unable to remove record: $msg"
|
||||||
|
if _contains "$msg" '^<\!DOCTYPE html>'; then
|
||||||
|
echo "$ret" >'error-01.html'
|
||||||
|
echo "$res" >'error-02.html'
|
||||||
|
_err "View error-01.html and error-02.html for debugging"
|
||||||
|
fi
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
_err "$(_head_n 1 <"$HTTP_HEADER")"
|
_err "$(_head_n 3 <"$HTTP_HEADER")"
|
||||||
|
_err "View $HTTP_HEADER for debugging"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
@ -175,7 +193,7 @@ _get_paketnr() {
|
|||||||
domains=$(echo "$form" | grep '^ *[A-Za-z0-9_\.-]*\.[A-Za-z0-9_-]*$' | sed 's/^\s*\(\S*\)$/\1/')
|
domains=$(echo "$form" | grep '^ *[A-Za-z0-9_\.-]*\.[A-Za-z0-9_-]*$' | sed 's/^\s*\(\S*\)$/\1/')
|
||||||
domain=''
|
domain=''
|
||||||
for domain in $domains; do
|
for domain in $domains; do
|
||||||
if echo "$fqdn" | grep "$domain\$" >/dev/null; then
|
if _contains "$fqdn" "$domain\$"; then
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
domain=''
|
domain=''
|
||||||
@ -185,7 +203,8 @@ _get_paketnr() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
TLD="$domain"
|
TLD="$domain"
|
||||||
|
_debug domain "$domain"
|
||||||
RECORD=$(echo "$fqdn" | cut -c"1-$((${#fqdn} - ${#TLD} - 1))")
|
RECORD=$(echo "$fqdn" | cut -c"1-$((${#fqdn} - ${#TLD} - 1))")
|
||||||
PAKETNR=$(echo "$form" | grep "data-textfilter=\" $domain " | _head_n 1 | sed 's/^.* \([0-9]*\) .*$/\1/')
|
PAKETNR=$(echo "$form" | grep "data-textfilter=\".* $domain " | _head_n 1 | sed 's/^.* \([0-9]*\) .*$/\1/')
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user