#!/usr/bin/env sh # # Dyn.com Domain API # # Author: Gerd Naschenweng # https://github.com/magicdude4eva # # Dyn Managed DNS API # https://help.dyn.com/dns-api-knowledge-base/ # # It is recommended to add a "Dyn Managed DNS" user specific for API access. # The "Zones & Records Permissions" required by this script are: # -- # RecordAdd # RecordUpdate # RecordDelete # RecordGet # ZoneGet # ZoneAddNode # ZoneRemoveNode # ZonePublish # -- # # Pass credentials before "acme.sh --issue --dns dns_dyn ..." # -- # export DYN_Customer="customer" # export DYN_Username="apiuser" # export DYN_Password="secret" # -- DYN_API="https://api.dynect.net/REST" #REST_API ######## Public functions ##################### #Usage: add _acme-challenge.www.domain.com "Challenge-code" dns_dyn_add() { fulldomain="$1" txtvalue="$2" DYN_Customer="${DYN_Customer:-$(_readaccountconf_mutable DYN_Customer)}" DYN_Username="${DYN_Username:-$(_readaccountconf_mutable DYN_Username)}" DYN_Password="${DYN_Password:-$(_readaccountconf_mutable DYN_Password)}" if [ -z "$DYN_Customer" ] || [ -z "$DYN_Username" ] || [ -z "$DYN_Password" ]; then DYN_Customer="" DYN_Username="" DYN_Password="" _err "You must export variables: DYN_Customer, DYN_Username and DYN_Password" return 1 fi #save the config variables to the account conf file. _saveaccountconf_mutable DYN_Customer "$DYN_Customer" _saveaccountconf_mutable DYN_Username "$DYN_Username" _saveaccountconf_mutable DYN_Password "$DYN_Password" if ! _dyn_get_authtoken; then return 1 fi if [ -z "$_dyn_authtoken" ]; then _dyn_end_session return 1 fi if ! _dyn_get_zone; then _dyn_end_session return 1 fi if ! _dyn_add_record; then _dyn_end_session return 1 fi if ! _dyn_publish_zone; then _dyn_end_session return 1 fi _dyn_end_session return 0 } #Usage: fulldomain txtvalue #Remove the txt record after validation. dns_dyn_rm() { fulldomain="$1" txtvalue="$2" DYN_Customer="${DYN_Customer:-$(_readaccountconf_mutable DYN_Customer)}" DYN_Username="${DYN_Username:-$(_readaccountconf_mutable DYN_Username)}" DYN_Password="${DYN_Password:-$(_readaccountconf_mutable DYN_Password)}" if [ -z "$DYN_Customer" ] || [ -z "$DYN_Username" ] || [ -z "$DYN_Password" ]; then DYN_Customer="" DYN_Username="" DYN_Password="" _err "You must export variables: DYN_Customer, DYN_Username and DYN_Password" return 1 fi if ! _dyn_get_authtoken; then return 1 fi if [ -z "$_dyn_authtoken" ]; then _dyn_end_session return 1 fi if ! _dyn_get_zone; then _dyn_end_session return 1 fi if ! _dyn_get_record_id; then _dyn_end_session return 1 fi if [ -z "$_dyn_record_id" ]; then _dyn_end_session return 1 fi if ! _dyn_rm_record; then _dyn_end_session return 1 fi if ! _dyn_publish_zone; then _dyn_end_session return 1 fi _dyn_end_session return 0 } #################### Private functions below ################################## #get Auth-Token _dyn_get_authtoken() { _info "Start Dyn API Session" data="{\"customer_name\":\"$DYN_Customer\", \"user_name\":\"$DYN_Username\", \"password\":\"$DYN_Password\"}" dyn_url="$DYN_API/Session/" method="POST" _debug data "$data" _debug dyn_url "$dyn_url" export _H1="Content-Type: application/json" response="$(_post "$data" "$dyn_url" "" "$method")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _dyn_authtoken="$(printf "%s\n" "$response" | _egrep_o '"token" *: *"[^"]*' | _head_n 1 | sed 's#^"token" *: *"##')" _info "Token received" _debug _dyn_authtoken "$_dyn_authtoken" return 0 fi _dyn_authtoken="" _err "get token failed" return 1 } #fulldomain=_acme-challenge.www.domain.com #returns # _dyn_zone=domain.com _dyn_get_zone() { i=2 while true; do domain="$(printf "%s" "$fulldomain" | cut -d . -f "$i-100")" if [ -z "$domain" ]; then break fi dyn_url="$DYN_API/Zone/$domain/" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_get "$dyn_url" "" "")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug dyn_url "$dyn_url" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _dyn_zone="$domain" return 0 fi i=$(_math "$i" + 1) done _dyn_zone="" _err "get zone failed" return 1 } #add TXT record _dyn_add_record() { _info "Adding TXT record" data="{\"rdata\":{\"txtdata\":\"$txtvalue\"},\"ttl\":\"300\"}" dyn_url="$DYN_API/TXTRecord/$_dyn_zone/$fulldomain/" method="POST" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_post "$data" "$dyn_url" "" "$method")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _info "TXT Record successfully added" return 0 fi _err "add TXT record failed" return 1 } #publish the zone _dyn_publish_zone() { _info "Publishing zone" data="{\"publish\":\"true\"}" dyn_url="$DYN_API/Zone/$_dyn_zone/" method="PUT" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_post "$data" "$dyn_url" "" "$method")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _info "Zone published" return 0 fi _err "publish zone failed" return 1 } #get record_id of TXT record so we can delete the record _dyn_get_record_id() { _info "Getting record_id of TXT record" dyn_url="$DYN_API/TXTRecord/$_dyn_zone/$fulldomain/" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_get "$dyn_url" "" "")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _dyn_record_id="$(printf "%s\n" "$response" | _egrep_o "\"data\" *: *\[\"/REST/TXTRecord/$_dyn_zone/$fulldomain/[^\"]*" | _head_n 1 | sed "s#^\"data\" *: *\[\"/REST/TXTRecord/$_dyn_zone/$fulldomain/##")" _debug _dyn_record_id "$_dyn_record_id" return 0 fi _dyn_record_id="" _err "getting record_id failed" return 1 } #delete TXT record _dyn_rm_record() { _info "Deleting TXT record" dyn_url="$DYN_API/TXTRecord/$_dyn_zone/$fulldomain/$_dyn_record_id/" method="DELETE" _debug dyn_url "$dyn_url" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_post "" "$dyn_url" "" "$method")" sessionstatus="$(printf "%s\n" "$response" | _egrep_o '"status" *: *"[^"]*' | _head_n 1 | sed 's#^"status" *: *"##')" _debug response "$response" _debug sessionstatus "$sessionstatus" if [ "$sessionstatus" = "success" ]; then _info "TXT record successfully deleted" return 0 fi _err "delete TXT record failed" return 1 } #logout _dyn_end_session() { _info "End Dyn API Session" dyn_url="$DYN_API/Session/" method="DELETE" _debug dyn_url "$dyn_url" export _H1="Auth-Token: $_dyn_authtoken" export _H2="Content-Type: application/json" response="$(_post "" "$dyn_url" "" "$method")" _debug response "$response" _dyn_authtoken="" return 0 }