From 38f2334360301396cd2baa6dd3eb899fd01cb00a Mon Sep 17 00:00:00 2001 From: Philipp Grosswiler Date: Mon, 16 Jan 2017 15:42:17 +0700 Subject: [PATCH 1/5] Added support for Linode DNS API. --- README.md | 1 + dnsapi/README.md | 19 ++++++++++++++ dnsapi/dns_linode.sh | 60 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 80 insertions(+) create mode 100755 dnsapi/dns_linode.sh diff --git a/README.md b/README.md index 9b5891c9..ea0e0de7 100644 --- a/README.md +++ b/README.md @@ -266,6 +266,7 @@ You don't have to do anything manually! 1. aliyun.com(阿里云) API 1. ISPConfig 3.1 API 1. Alwaysdata.com API +1. Linode.com API **More APIs coming soon...** diff --git a/dnsapi/README.md b/dnsapi/README.md index e32b4655..1895d376 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -257,6 +257,25 @@ acme.sh --issue --dns dns_ad -d example.com -d www.example.com The `AD_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. +## 14. Use Linode domain API + +You will need to install the Linode CLI and set it up accordingly. + +[https://www.linode.com/docs/platform/linode-cli](https://www.linode.com/docs/platform/linode-cli) + +Follow the installation instructions appropriate for your platform and then run the configuration. + +```linode configure +``` + +Make sure Linode CLI is working correctly before proceeding. + +Due to the reload time of any changes in the DNS records, we have to use the `dnssleep` option to wait at least 15 minutes for the changes to take effect. + +```sh +acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com -d www.example.com +``` + # Use custom API If your API is not supported yet, you can write your own DNS API. diff --git a/dnsapi/dns_linode.sh b/dnsapi/dns_linode.sh new file mode 100755 index 00000000..0af1ad7c --- /dev/null +++ b/dnsapi/dns_linode.sh @@ -0,0 +1,60 @@ +#!/usr/bin/env bash + +linode_cmd="/usr/bin/linode" + +######## Public functions ##################### + +#Usage: dns_linode_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" +dns_linode_add() { + fulldomain="${1}" + txtvalue="${2}" + + _info "Using Linode" + _debug "Calling: dns_linode_add() '${fulldomain}' '${txtvalue}'" + + domain=$(printf "%s" "${fulldomain}" | cut -d . -f 3-999) + name=$(printf "%s" "${fulldomain}" | cut -d . -f 1-2) + _debug name "${name}" + _debug domain "${domain}" + + _Linode_CLI && _Linode_addTXT +} + +#Usage: dns_linode_rm _acme-challenge.www.domain.com +dns_linode_rm() { + fulldomain="${1}" + + _info "Using Linode" + _debug "Calling: dns_linode_rm() '${fulldomain}'" + + domain=$(printf "%s" "${fulldomain}" | cut -d . -f 3-999) + name=$(printf "%s" "${fulldomain}" | cut -d . -f 1-2) + _debug name "${name}" + _debug domain "${domain}" + + _Linode_CLI && _Linode_rmTXT +} + +#################### Private functions below ################################## + +_Linode_CLI() { + if [ ! -f "${linode_cmd}" ]; then + _err "Please install the Linode CLI package and set it up accordingly before using this DNS API." + return 1 + fi +} + +_Linode_addTXT() { + _debug "$linode_cmd domain record-update ${domain} TXT ${name} --target ${txtvalue}" + $linode_cmd domain record-update ${domain} TXT ${name} --target ${txtvalue} + + if [ $? -ne 0 ]; then + _debug "$linode_cmd domain record-create ${domain} TXT ${name} ${txtvalue}" + $linode_cmd domain record-create ${domain} TXT ${name} ${txtvalue} + fi +} + +_Linode_rmTXT() { + _debug "$linode_cmd domain record-delete ${domain} TXT ${name}" + $linode_cmd domain record-delete ${domain} TXT ${name} +} From 59182dbc97dbbf017441a46c53f6dcac837431e6 Mon Sep 17 00:00:00 2001 From: Philipp Grosswiler Date: Tue, 31 Jan 2017 10:43:30 +0700 Subject: [PATCH 2/5] Removed Linode CLI dependency. --- dnsapi/dns_linode.sh | 176 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 152 insertions(+), 24 deletions(-) diff --git a/dnsapi/dns_linode.sh b/dnsapi/dns_linode.sh index 0af1ad7c..e1c32204 100755 --- a/dnsapi/dns_linode.sh +++ b/dnsapi/dns_linode.sh @@ -1,6 +1,13 @@ #!/usr/bin/env bash -linode_cmd="/usr/bin/linode" +#Author: Philipp Grosswiler + +#How to create the Linode API key: +#Sign into your Linode account and go to this page: https://manager.linode.com/profile/api +#Then add an API key with label ACME and copy the new key. +#export LINODE_API_KEY="..." + +LINODE_API_URL="https://api.linode.com/?api_key=$LINODE_API_KEY&api_action=" ######## Public functions ##################### @@ -9,52 +16,173 @@ dns_linode_add() { fulldomain="${1}" txtvalue="${2}" + if ! _Linode_API; then + return 1 + fi + _info "Using Linode" _debug "Calling: dns_linode_add() '${fulldomain}' '${txtvalue}'" - domain=$(printf "%s" "${fulldomain}" | cut -d . -f 3-999) - name=$(printf "%s" "${fulldomain}" | cut -d . -f 1-2) - _debug name "${name}" - _debug domain "${domain}" + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "Domain does not exist." + return 1 + fi + _debug _domain_id "$_domain_id" + _debug _sub_domain "$_sub_domain" + _debug _domain "$_domain" - _Linode_CLI && _Linode_addTXT + _parameters="&DomainID=$_domain_id&Type=TXT&Name=$_sub_domain&Target=$txtvalue" + + if _rest GET "domain.resource.create" "$_parameters" && [ -n "$response" ]; then + _resource_id=$(printf "%s\n" "$response" | _egrep_o "\"ResourceID\":\s*[0-9]+" | cut -d : -f 2 | tr -d " " | _head_n 1) + _debug _resource_id "$_resource_id" + + if [ -z "$_resource_id" ]; then + _err "Error adding the domain resource." + return 1 + fi + + _info "Domain resource successfully added." + return 0 + fi + + return 1 } #Usage: dns_linode_rm _acme-challenge.www.domain.com dns_linode_rm() { fulldomain="${1}" + if ! _Linode_API; then + return 1 + fi + _info "Using Linode" _debug "Calling: dns_linode_rm() '${fulldomain}'" - domain=$(printf "%s" "${fulldomain}" | cut -d . -f 3-999) - name=$(printf "%s" "${fulldomain}" | cut -d . -f 1-2) - _debug name "${name}" - _debug domain "${domain}" + _debug "First detect the root zone" + if ! _get_root "$fulldomain"; then + _err "Domain does not exist." + return 1 + fi + _debug _domain_id "$_domain_id" + _debug _sub_domain "$_sub_domain" + _debug _domain "$_domain" - _Linode_CLI && _Linode_rmTXT + _parameters="&DomainID=$_domain_id" + + if _rest GET "domain.resource.list" "$_parameters" && [ -n "$response" ]; then + response="$(echo "$response" | tr -d "\n" | sed 's/{/\n&/g')" + + resource="$(echo "$response" | _egrep_o "{.*\"NAME\":\s*\"$_sub_domain\".*}")" + if [ "$resource" ]; then + _resource_id=$(printf "%s\n" "$resource" | _egrep_o "\"RESOURCEID\":\s*[0-9]+" | _head_n 1 | cut -d : -f 2 | tr -d \ ) + if [ "$_resource_id" ]; then + _debug _resource_id "$_resource_id" + + _parameters="&DomainID=$_domain_id&ResourceID=$_resource_id" + + if _rest GET "domain.resource.delete" "$_parameters" && [ -n "$response" ]; then + _resource_id=$(printf "%s\n" "$response" | _egrep_o "\"ResourceID\":\s*[0-9]+" | cut -d : -f 2 | tr -d " " | _head_n 1) + _debug _resource_id "$_resource_id" + + if [ -z "$_resource_id" ]; then + _err "Error deleting the domain resource." + return 1 + fi + + _info "Domain resource successfully deleted." + return 0 + fi + fi + + return 1 + fi + + return 0 + fi + + return 1 } #################### Private functions below ################################## -_Linode_CLI() { - if [ ! -f "${linode_cmd}" ]; then - _err "Please install the Linode CLI package and set it up accordingly before using this DNS API." +_Linode_API() { + if [ -z "$LINODE_API_KEY" ]; then + LINODE_API_KEY="" + + _err "You didn't specify the Linode API key yet." + _err "Please create your key and try again." + return 1 fi + + _saveaccountconf LINODE_API_KEY "$LINODE_API_KEY" } -_Linode_addTXT() { - _debug "$linode_cmd domain record-update ${domain} TXT ${name} --target ${txtvalue}" - $linode_cmd domain record-update ${domain} TXT ${name} --target ${txtvalue} +#################### Private functions below ################################## +#_acme-challenge.www.domain.com +#returns +# _sub_domain=_acme-challenge.www +# _domain=domain.com +# _domain_id=12345 +_get_root() { + domain=$1 + i=2 + p=1 - if [ $? -ne 0 ]; then - _debug "$linode_cmd domain record-create ${domain} TXT ${name} ${txtvalue}" - $linode_cmd domain record-create ${domain} TXT ${name} ${txtvalue} + if _rest GET "domain.list"; then + response="$(echo "$response" | tr -d "\n" | sed 's/{/\n&/g')" + while true; do + h=$(printf "%s" "$domain" | cut -d . -f $i-100) + _debug h "$h" + if [ -z "$h" ]; then + #not valid + return 1 + fi + + hostedzone="$(echo "$response" | _egrep_o "{.*\"DOMAIN\":\s*\"$h\".*}")" + if [ "$hostedzone" ]; then + _domain_id=$(printf "%s\n" "$hostedzone" | _egrep_o "\"DOMAINID\":\s*[0-9]+" | _head_n 1 | cut -d : -f 2 | tr -d \ ) + if [ "$_domain_id" ]; then + _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) + _domain=$h + return 0 + fi + return 1 + fi + p=$i + i=$(_math "$i" + 1) + done fi + return 1 } -_Linode_rmTXT() { - _debug "$linode_cmd domain record-delete ${domain} TXT ${name}" - $linode_cmd domain record-delete ${domain} TXT ${name} -} +#method method action data +_rest() { + mtd="$1" + ep="$2" + data="$3" + + _debug mtd "$mtd" + _debug ep "$ep" + + export _H1="Accept: application/json" + export _H2="Content-Type: application/json" + + if [ "$mtd" != "GET" ]; then + # both POST and DELETE. + _debug data "$data" + response="$(_post "$data" "$LINODE_API_URL$ep" "" "$mtd")" + else + response="$(_get "$LINODE_API_URL$ep$data")" + fi + + if [ "$?" != "0" ]; then + _err "error $ep" + return 1 + fi + _debug2 response "$response" + return 0 +} \ No newline at end of file From dd17ac5045a8dc7832d90644271937f4550e793e Mon Sep 17 00:00:00 2001 From: Philipp Grosswiler Date: Tue, 31 Jan 2017 10:56:34 +0700 Subject: [PATCH 3/5] Added instructions on how to get the Linode API key. --- dnsapi/README.md | 16 +++++++++------- dnsapi/dns_linode.sh | 7 +------ 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/dnsapi/README.md b/dnsapi/README.md index 1895d376..df728acc 100644 --- a/dnsapi/README.md +++ b/dnsapi/README.md @@ -259,23 +259,25 @@ when needed. ## 14. Use Linode domain API -You will need to install the Linode CLI and set it up accordingly. +First you need to login to your Linode account to get your API Key. +[https://manager.linode.com/profile/api](https://manager.linode.com/profile/api) -[https://www.linode.com/docs/platform/linode-cli](https://www.linode.com/docs/platform/linode-cli) +Then add an API key with label *ACME* and copy the new key. -Follow the installation instructions appropriate for your platform and then run the configuration. - -```linode configure +```sh +export LINODE_API_KEY="..." ``` -Make sure Linode CLI is working correctly before proceeding. - Due to the reload time of any changes in the DNS records, we have to use the `dnssleep` option to wait at least 15 minutes for the changes to take effect. +Ok, let's issue a cert now: + ```sh acme.sh --issue --dns dns_linode --dnssleep 900 -d example.com -d www.example.com ``` +The `LINODE_API_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed. + # Use custom API If your API is not supported yet, you can write your own DNS API. diff --git a/dnsapi/dns_linode.sh b/dnsapi/dns_linode.sh index e1c32204..501a51af 100755 --- a/dnsapi/dns_linode.sh +++ b/dnsapi/dns_linode.sh @@ -1,12 +1,7 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh #Author: Philipp Grosswiler -#How to create the Linode API key: -#Sign into your Linode account and go to this page: https://manager.linode.com/profile/api -#Then add an API key with label ACME and copy the new key. -#export LINODE_API_KEY="..." - LINODE_API_URL="https://api.linode.com/?api_key=$LINODE_API_KEY&api_action=" ######## Public functions ##################### From c070407ab2dfd784f57188a2a34322aed020fc1b Mon Sep 17 00:00:00 2001 From: Philipp Grosswiler Date: Tue, 31 Jan 2017 13:38:16 +0700 Subject: [PATCH 4/5] Fixed Travis CI complaining about missing newline at end of file. --- dnsapi/dns_linode.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnsapi/dns_linode.sh b/dnsapi/dns_linode.sh index 501a51af..6d54e6c1 100755 --- a/dnsapi/dns_linode.sh +++ b/dnsapi/dns_linode.sh @@ -180,4 +180,4 @@ _rest() { fi _debug2 response "$response" return 0 -} \ No newline at end of file +} From 5f8daeeb6d987687ac896c128c327c2096b02009 Mon Sep 17 00:00:00 2001 From: neilpang Date: Tue, 31 Jan 2017 20:03:41 +0800 Subject: [PATCH 5/5] minor, a better hex_dump --- acme.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/acme.sh b/acme.sh index cf82153a..e5728b3c 100755 --- a/acme.sh +++ b/acme.sh @@ -344,11 +344,7 @@ _is_solaris() { #input:"abc" #output: " 61 62 63" _hex_dump() { - if _is_solaris; then - od -A n -v -t x1 | tr -d "\r\n\t" | tr -s " " | tr -d "\n" - else - od -A n -v -t x1 | tr -d "\r\n\t" | tr -s " " | sed "s/ $//" | tr -d "\n" - fi + od -A n -v -t x1 | tr -d "\r\t" | tr -s " " | sed "s/ $//" | tr -d "\n" } #url encode, no-preserved chars