mirror of
https://github.com/plantroon/acme.sh.git
synced 2025-01-28 06:09:51 +00:00
commit
21fd46d66b
@ -8,10 +8,6 @@
|
|||||||
acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
|
acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
|
||||||
|
|
||||||
|
|
||||||
<a href="https://tracking.gitads.io/?repo=acme.sh"> <img src="https://images.gitads.io/acme.sh" alt="GitAds"/> </a>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
- An ACME protocol client written purely in Shell (Unix shell) language.
|
- An ACME protocol client written purely in Shell (Unix shell) language.
|
||||||
- Full ACME protocol implementation.
|
- Full ACME protocol implementation.
|
||||||
- Support ACME v1 and ACME v2
|
- Support ACME v1 and ACME v2
|
||||||
|
29
acme.sh
29
acme.sh
@ -52,9 +52,6 @@ DEFAULT_DOMAIN_KEY_LENGTH=2048
|
|||||||
|
|
||||||
DEFAULT_OPENSSL_BIN="openssl"
|
DEFAULT_OPENSSL_BIN="openssl"
|
||||||
|
|
||||||
_OLD_CA_HOST="https://acme-v01.api.letsencrypt.org"
|
|
||||||
_OLD_STAGE_CA_HOST="https://acme-staging.api.letsencrypt.org"
|
|
||||||
|
|
||||||
VTYPE_HTTP="http-01"
|
VTYPE_HTTP="http-01"
|
||||||
VTYPE_DNS="dns-01"
|
VTYPE_DNS="dns-01"
|
||||||
VTYPE_ALPN="tls-alpn-01"
|
VTYPE_ALPN="tls-alpn-01"
|
||||||
@ -2595,22 +2592,17 @@ _initpath() {
|
|||||||
CA_HOME="$DEFAULT_CA_HOME"
|
CA_HOME="$DEFAULT_CA_HOME"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$ACME_VERSION" = "2" ]; then
|
|
||||||
DEFAULT_CA="$CA_LETSENCRYPT_V2"
|
|
||||||
DEFAULT_STAGING_CA="$CA_LETSENCRYPT_V2_TEST"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "$ACME_DIRECTORY" ]; then
|
if [ -z "$ACME_DIRECTORY" ]; then
|
||||||
|
if [ "$STAGE" ]; then
|
||||||
|
ACME_DIRECTORY="$DEFAULT_STAGING_CA"
|
||||||
|
_info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
|
||||||
|
else
|
||||||
default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
|
default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
|
||||||
_debug default_acme_server "$default_acme_server"
|
_debug default_acme_server "$default_acme_server"
|
||||||
if [ "$default_acme_server" ]; then
|
if [ "$default_acme_server" ]; then
|
||||||
ACME_DIRECTORY="$default_acme_server"
|
ACME_DIRECTORY="$default_acme_server"
|
||||||
else
|
else
|
||||||
if [ -z "$STAGE" ]; then
|
|
||||||
ACME_DIRECTORY="$DEFAULT_CA"
|
ACME_DIRECTORY="$DEFAULT_CA"
|
||||||
else
|
|
||||||
ACME_DIRECTORY="$DEFAULT_STAGING_CA"
|
|
||||||
_info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
|
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@ -4088,12 +4080,9 @@ issue() {
|
|||||||
_cleardomainconf "Le_ChallengeAlias"
|
_cleardomainconf "Le_ChallengeAlias"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$ACME_DIRECTORY" != "$DEFAULT_CA" ]; then
|
|
||||||
Le_API="$ACME_DIRECTORY"
|
Le_API="$ACME_DIRECTORY"
|
||||||
_savedomainconf "Le_API" "$Le_API"
|
_savedomainconf "Le_API" "$Le_API"
|
||||||
else
|
|
||||||
_cleardomainconf Le_API
|
|
||||||
fi
|
|
||||||
_info "Using CA: $ACME_DIRECTORY"
|
_info "Using CA: $ACME_DIRECTORY"
|
||||||
if [ "$_alt_domains" = "$NO_VALUE" ]; then
|
if [ "$_alt_domains" = "$NO_VALUE" ]; then
|
||||||
_alt_domains=""
|
_alt_domains=""
|
||||||
@ -4980,14 +4969,6 @@ renew() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$Le_API" ]; then
|
if [ "$Le_API" ]; then
|
||||||
if [ "$_OLD_CA_HOST" = "$Le_API" ]; then
|
|
||||||
export Le_API="$DEFAULT_CA"
|
|
||||||
_savedomainconf Le_API "$Le_API"
|
|
||||||
fi
|
|
||||||
if [ "$_OLD_STAGE_CA_HOST" = "$Le_API" ]; then
|
|
||||||
export Le_API="$DEFAULT_STAGING_CA"
|
|
||||||
_savedomainconf Le_API "$Le_API"
|
|
||||||
fi
|
|
||||||
export ACME_DIRECTORY="$Le_API"
|
export ACME_DIRECTORY="$Le_API"
|
||||||
#reload ca configs
|
#reload ca configs
|
||||||
ACCOUNT_KEY_PATH=""
|
ACCOUNT_KEY_PATH=""
|
||||||
|
150
dnsapi/dns_kappernet.sh
Normal file
150
dnsapi/dns_kappernet.sh
Normal file
@ -0,0 +1,150 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# kapper.net domain api
|
||||||
|
# for further questions please contact: support@kapper.net
|
||||||
|
# please report issues here: https://github.com/acmesh-official/acme.sh/issues/2977
|
||||||
|
|
||||||
|
#KAPPERNETDNS_Key="yourKAPPERNETapikey"
|
||||||
|
#KAPPERNETDNS_Secret="yourKAPPERNETapisecret"
|
||||||
|
|
||||||
|
KAPPERNETDNS_Api="https://dnspanel.kapper.net/API/1.2?APIKey=$KAPPERNETDNS_Key&APISecret=$KAPPERNETDNS_Secret"
|
||||||
|
|
||||||
|
###############################################################################
|
||||||
|
# called with
|
||||||
|
# fullhostname: something.example.com
|
||||||
|
# txtvalue: someacmegenerated string
|
||||||
|
dns_kappernet_add() {
|
||||||
|
fullhostname=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
|
||||||
|
KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
|
||||||
|
|
||||||
|
if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
|
||||||
|
KAPPERNETDNS_Key=""
|
||||||
|
KAPPERNETDNS_Secret=""
|
||||||
|
_err "Please specify your kapper.net api key and secret."
|
||||||
|
_err "If you have not received yours - send your mail to"
|
||||||
|
_err "support@kapper.net to get your key and secret."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#store the api key and email to the account conf file.
|
||||||
|
_saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
|
||||||
|
_saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
|
||||||
|
_debug "Checking Domain ..."
|
||||||
|
if ! _get_root "$fullhostname"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "SUBDOMAIN: $_sub_domain"
|
||||||
|
_debug _domain "DOMAIN: $_domain"
|
||||||
|
|
||||||
|
_info "Trying to add TXT DNS Record"
|
||||||
|
data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
|
||||||
|
if _kappernet_api GET "action=new&subject=$_domain&data=$data"; then
|
||||||
|
|
||||||
|
if _contains "$response" "{\"OK\":true"; then
|
||||||
|
_info "Waiting 120 seconds for DNS to spread the new record"
|
||||||
|
_sleep 120
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Error creating a TXT DNS Record: $fullhostname TXT $txtvalue"
|
||||||
|
_err "Error Message: $response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
_err "Failed creating TXT Record"
|
||||||
|
}
|
||||||
|
|
||||||
|
###############################################################################
|
||||||
|
# called with
|
||||||
|
# fullhostname: something.example.com
|
||||||
|
dns_kappernet_rm() {
|
||||||
|
fullhostname=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
KAPPERNETDNS_Key="${KAPPERNETDNS_Key:-$(_readaccountconf_mutable KAPPERNETDNS_Key)}"
|
||||||
|
KAPPERNETDNS_Secret="${KAPPERNETDNS_Secret:-$(_readaccountconf_mutable KAPPERNETDNS_Secret)}"
|
||||||
|
|
||||||
|
if [ -z "$KAPPERNETDNS_Key" ] || [ -z "$KAPPERNETDNS_Secret" ]; then
|
||||||
|
KAPPERNETDNS_Key=""
|
||||||
|
KAPPERNETDNS_Secret=""
|
||||||
|
_err "Please specify your kapper.net api key and secret."
|
||||||
|
_err "If you have not received yours - send your mail to"
|
||||||
|
_err "support@kapper.net to get your key and secret."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#store the api key and email to the account conf file.
|
||||||
|
_saveaccountconf_mutable KAPPERNETDNS_Key "$KAPPERNETDNS_Key"
|
||||||
|
_saveaccountconf_mutable KAPPERNETDNS_Secret "$KAPPERNETDNS_Secret"
|
||||||
|
|
||||||
|
_info "Trying to remove the TXT Record: $fullhostname containing $txtvalue"
|
||||||
|
data="%7B%22name%22%3A%22$fullhostname%22%2C%22type%22%3A%22TXT%22%2C%22content%22%3A%22$txtvalue%22%2C%22ttl%22%3A%223600%22%2C%22prio%22%3A%22%22%7D"
|
||||||
|
if _kappernet_api GET "action=del&subject=$fullhostname&data=$data"; then
|
||||||
|
if _contains "$response" "{\"OK\":true"; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Error deleting DNS Record: $fullhostname containing $txtvalue"
|
||||||
|
_err "Problem: $response"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
_err "Problem deleting TXT DNS record"
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
# called with hostname
|
||||||
|
# e.g._acme-challenge.www.domain.com returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=2
|
||||||
|
p=1
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
if ! _kappernet_api GET "action=list&subject=$h"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
if _contains "$response" '"OK":false'; then
|
||||||
|
_debug "$h not found"
|
||||||
|
else
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain="$h"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
p="$i"
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
################################################################################
|
||||||
|
# calls the kapper.net DNS Panel API
|
||||||
|
# with
|
||||||
|
# method
|
||||||
|
# param
|
||||||
|
_kappernet_api() {
|
||||||
|
method=$1
|
||||||
|
param="$2"
|
||||||
|
|
||||||
|
_debug param "PARAMETER=$param"
|
||||||
|
url="$KAPPERNETDNS_Api&$param"
|
||||||
|
_debug url "URL=$url"
|
||||||
|
|
||||||
|
if [ "$method" = "GET" ]; then
|
||||||
|
response="$(_get "$url")"
|
||||||
|
else
|
||||||
|
_err "Unsupported method"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug2 response "$response"
|
||||||
|
return 0
|
||||||
|
}
|
Loading…
x
Reference in New Issue
Block a user