mirror of
https://github.com/plantroon/acme.sh.git
synced 2025-01-04 11:21:53 +00:00
Linode API v4 Redo
The Cloud and Classic Manager work with different APIs, and so require a separate module, which we introduce here. The README has also been modified to state that the two are separate and incompatible, and provides instructions on using either.
This commit is contained in:
parent
9a473640fb
commit
c8c1140f15
@ -267,16 +267,26 @@ when needed.
|
|||||||
|
|
||||||
## 14. Use Linode domain API
|
## 14. Use Linode domain API
|
||||||
|
|
||||||
First you need to login to your Linode account to get your API Key.
|
The tokens created in the classic manager and cloud manager are incompatible
|
||||||
[https://manager.linode.com/profile/api](https://manager.linode.com/profile/api)
|
with one another. While the classic manager makes an all or nothing API, the
|
||||||
|
newer cloud manager interface promises to produce API keys with a finer
|
||||||
|
permission system. However, either way works just fine.
|
||||||
|
|
||||||
Then add an API key with label *ACME* and copy the new key.
|
### Classic Manager ###
|
||||||
|
|
||||||
|
Classic Manager: https://manager.linode.com/profile/api
|
||||||
|
|
||||||
|
First you need to login to your Linode account to get your API Key.
|
||||||
|
|
||||||
|
Then add an API key with label *ACME* and copy the new key into the following
|
||||||
|
command.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
export LINODE_API_KEY="..."
|
export LINODE_API_KEY="..."
|
||||||
```
|
```
|
||||||
|
|
||||||
Due to the reload time of any changes in the DNS records, we have to use the `dnssleep` option to wait at least 15 minutes for the changes to take effect.
|
Due to the reload time of any changes in the DNS records, we have to use the
|
||||||
|
`dnssleep` option to wait at least 15 minutes for the changes to take effect.
|
||||||
|
|
||||||
Ok, let's issue a cert now:
|
Ok, let's issue a cert now:
|
||||||
|
|
||||||
@ -284,7 +294,35 @@ Ok, let's issue a cert now:
|
|||||||
acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com -d www.example.com
|
acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com -d www.example.com
|
||||||
```
|
```
|
||||||
|
|
||||||
The `LINODE_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
The `LINODE_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
|
||||||
|
reused when needed.
|
||||||
|
|
||||||
|
### Cloud Manager ###
|
||||||
|
|
||||||
|
Cloud Manager: https://cloud.linode.com/profile/tokens
|
||||||
|
|
||||||
|
First you need to login to your Linode account to get your API Key.
|
||||||
|
|
||||||
|
1. Click on "Add a Personal Access Token".
|
||||||
|
2. Give the new key a "Label" (we recommend *ACME*)
|
||||||
|
3. Give it Read/Write access to "Domains"
|
||||||
|
4. "Submit" and copy the new key into the `LINODE_V4_API_KEY` command below.
|
||||||
|
|
||||||
|
```sh
|
||||||
|
export LINODE_V4_API_KEY="..."
|
||||||
|
```
|
||||||
|
|
||||||
|
Due to the reload time of any changes in the DNS records, we have to use the
|
||||||
|
`dnssleep` option to wait at least 15 minutes for the changes to take effect.
|
||||||
|
|
||||||
|
Ok, let's issue a cert now:
|
||||||
|
|
||||||
|
```sh
|
||||||
|
acme.sh --issue --dns dns_linode_v4 --dnssleep 900 -d example.com -d www.example.com
|
||||||
|
```
|
||||||
|
|
||||||
|
The `LINODE_V4_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be
|
||||||
|
reused when needed.
|
||||||
|
|
||||||
## 15. Use FreeDNS
|
## 15. Use FreeDNS
|
||||||
|
|
||||||
|
185
dnsapi/dns_linode_v4.sh
Executable file
185
dnsapi/dns_linode_v4.sh
Executable file
@ -0,0 +1,185 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
#Original Author: Philipp Grosswiler <philipp.grosswiler@swiss-design.net>
|
||||||
|
#v4 Update Author: Aaron W. Swenson <aaron@grandmasfridge.org>
|
||||||
|
|
||||||
|
LINODE_V4_API_URL="https://api.linode.com/v4/domains"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
#Usage: dns_linode_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_linode_add() {
|
||||||
|
fulldomain="${1}"
|
||||||
|
txtvalue="${2}"
|
||||||
|
|
||||||
|
if ! _Linode_API; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_info "Using Linode"
|
||||||
|
_debug "Calling: dns_linode_add() '${fulldomain}' '${txtvalue}'"
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "Domain does not exist."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _domain_id "$_domain_id"
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_payload="{
|
||||||
|
\"type\": \"TXT\",
|
||||||
|
\"name\": \"$_sub_domain\",
|
||||||
|
\"target\": \"$txtvalue\"
|
||||||
|
}"
|
||||||
|
|
||||||
|
if _rest POST "/$_domain_id/records" "$_payload" && [ -n "$response" ]; then
|
||||||
|
_resource_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\s*[0-9]+" | cut -d : -f 2 | tr -d " " | _head_n 1)
|
||||||
|
_debug _resource_id "$_resource_id"
|
||||||
|
|
||||||
|
if [ -z "$_resource_id" ]; then
|
||||||
|
_err "Error adding the domain resource."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_info "Domain resource successfully added."
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
#Usage: dns_linode_rm _acme-challenge.www.domain.com
|
||||||
|
dns_linode_rm() {
|
||||||
|
fulldomain="${1}"
|
||||||
|
|
||||||
|
if ! _Linode_API; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_info "Using Linode"
|
||||||
|
_debug "Calling: dns_linode_rm() '${fulldomain}'"
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "Domain does not exist."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _domain_id "$_domain_id"
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
if _rest GET "/$_domain_id/records" && [ -n "$response" ]; then
|
||||||
|
response="$(echo "$response" | tr -d "\n" | tr '{' "|" | sed 's/|/&{/g' | tr "|" "\n")"
|
||||||
|
|
||||||
|
resource="$(echo "$response" | _egrep_o "{.*\"name\":\s*\"$_sub_domain\".*}")"
|
||||||
|
if [ "$resource" ]; then
|
||||||
|
_resource_id=$(printf "%s\n" "$resource" | _egrep_o "\"id\":\s*[0-9]+" | _head_n 1 | cut -d : -f 2 | tr -d \ )
|
||||||
|
if [ "$_resource_id" ]; then
|
||||||
|
_debug _resource_id "$_resource_id"
|
||||||
|
|
||||||
|
if _rest DELETE "/$_domain_id/records/$_resource_id" && [ -n "$response" ]; then
|
||||||
|
# On 200/OK, empty set is returned. Check for error, if any.
|
||||||
|
_error_response=$(printf "%s\n" "$response" | _egrep_o "\"errors\"" | cut -d : -f 2 | tr -d " " | _head_n 1)
|
||||||
|
|
||||||
|
if [ -n "$_error_response" ]; then
|
||||||
|
_err "Error deleting the domain resource: $_error_response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_info "Domain resource successfully deleted."
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
|
||||||
|
_Linode_API() {
|
||||||
|
if [ -z "$LINODE_V4_API_KEY" ]; then
|
||||||
|
LINODE_V4_API_KEY=""
|
||||||
|
|
||||||
|
_err "You didn't specify the Linode v4 API key yet."
|
||||||
|
_err "Please create your key and try again."
|
||||||
|
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_saveaccountconf LINODE_V4_API_KEY "$LINODE_V4_API_KEY"
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
#_acme-challenge.www.domain.com
|
||||||
|
#returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
# _domain_id=12345
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=2
|
||||||
|
p=1
|
||||||
|
|
||||||
|
if _rest GET; then
|
||||||
|
response="$(echo "$response" | tr -d "\n" | tr '{' "|" | sed 's/|/&{/g' | tr "|" "\n")"
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
_debug h "$h"
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
hostedzone="$(echo "$response" | _egrep_o "{.*\"domain\":\s*\"$h\".*}")"
|
||||||
|
if [ "$hostedzone" ]; then
|
||||||
|
_domain_id=$(printf "%s\n" "$hostedzone" | _egrep_o "\"id\":\s*[0-9]+" | _head_n 1 | cut -d : -f 2 | tr -d \ )
|
||||||
|
if [ "$_domain_id" ]; then
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain=$h
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
p=$i
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
#method method action data
|
||||||
|
_rest() {
|
||||||
|
mtd="$1"
|
||||||
|
ep="$2"
|
||||||
|
data="$3"
|
||||||
|
|
||||||
|
_debug mtd "$mtd"
|
||||||
|
_debug ep "$ep"
|
||||||
|
|
||||||
|
export _H1="Accept: application/json"
|
||||||
|
export _H2="Content-Type: application/json"
|
||||||
|
export _H3="Authorization: Bearer $LINODE_V4_API_KEY"
|
||||||
|
|
||||||
|
if [ "$mtd" != "GET" ]; then
|
||||||
|
# both POST and DELETE.
|
||||||
|
_debug data "$data"
|
||||||
|
response="$(_post "$data" "$LINODE_V4_API_URL$ep" "" "$mtd")"
|
||||||
|
else
|
||||||
|
response="$(_get "$LINODE_V4_API_URL$ep$data")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$?" != "0" ]; then
|
||||||
|
_err "error $ep"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug2 response "$response"
|
||||||
|
return 0
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user