Merge pull request #3109 from acmesh-official/dev

Support github actions
2024-11-14 02:11:45 +00:00 · 2020-08-17 23:17:03 +08:00 · 2020-08-17 23:17:03 +08:00 · 4adb525513
commit 4adb525513
parent 2f0d0e7c7a 72235a5f72
30 changed files with 1104 additions and 1079 deletions
--- a/.github/workflows/shellcheck.yml
+++ b/.github/workflows/shellcheck.yml
@ -0,0 +1,16 @@
 name: shellcheck
 on: [push, pull_request]
 jobs:
  formatCheck:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: Install Shellcheck
      run: sudo apt-get install -y shellcheck
    - name: DoShellcheck
      run: shellcheck -V  && shellcheck -e SC2181 **/*.sh && echo "shellcheck OK"
    - name: Install shfmt
      run: curl -sSL https://github.com/mvdan/sh/releases/download/v3.1.2/shfmt_v3.1.2_linux_amd64 -o ~/shfmt && chmod +x ~/shfmt
    - name: shfmt
      run: ~/shfmt -l -w -i 2 . ; git diff --exit-code && echo "shfmt OK"
--- a/README.md
+++ b/README.md
@ -1,9 +1,10 @@
 # An ACME Shell script: acme.sh [![Build Status](https://travis-ci.org/acmesh-official/acme.sh.svg?branch=master)](https://travis-ci.org/acmesh-official/acme.sh)
-<a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a> [![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+<a href="https://opencollective.com/acmesh" alt="Financial Contributors on Open Collective"><img src="https://opencollective.com/acmesh/all/badge.svg?label=financial+contributors" /></a> 
 [![Join the chat at https://gitter.im/acme-sh/Lobby](https://badges.gitter.im/acme-sh/Lobby.svg)](https://gitter.im/acme-sh/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 [![Docker stars](https://img.shields.io/docker/stars/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
 [![Docker pulls](https://img.shields.io/docker/pulls/neilpang/acme.sh.svg)](https://hub.docker.com/r/neilpang/acme.sh "Click to view the image on Docker Hub")
-
+![shellcheck](https://github.com/acmesh-official/acme.sh/workflows/shellcheck/badge.svg)
 acme.sh is being sponsored by the following tool; please help to support us by taking a look and signing up to a free trial
--- a/acme.sh
+++ b/acme.sh
@ -1077,11 +1077,11 @@ _isEccKey() {
    return 1
  fi
-  [ "$_length" != "1024" ] \
+  [ "$_length" != "1024" ] &&
-    && [ "$_length" != "2048" ] \
+    [ "$_length" != "2048" ] &&
-    && [ "$_length" != "3072" ] \
+    [ "$_length" != "3072" ] &&
-    && [ "$_length" != "4096" ] \
+    [ "$_length" != "4096" ] &&
-    && [ "$_length" != "8192" ]
+    [ "$_length" != "8192" ]
 }
 # _createkey  2048|ec-256   file
@ -1473,7 +1473,7 @@ createDomainKey() {
  _initpath "$domain" "$_cdl"
-  if [ ! -f "$CERT_KEY_PATH" ] || [ ! -s "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
+  if [ ! -f "$CERT_KEY_PATH" ] || [ ! -s "$CERT_KEY_PATH" ] || ([ "$FORCE" ] && ! [ "$_ACME_IS_RENEW" ]) || [ "$Le_ForceNewDomainKey" = "1" ]; then
    if _createkey "$_cdl" "$CERT_KEY_PATH"; then
      _savedomainconf Le_Keylength "$_cdl"
      _info "The domain key is here: $(__green $CERT_KEY_PATH)"
@ -1483,7 +1483,7 @@ createDomainKey() {
      return 1
    fi
  else
-    if [ "$IS_RENEW" ]; then
+    if [ "$_ACME_IS_RENEW" ]; then
      _info "Domain key exists, skip"
      return 0
    else
@ -1509,7 +1509,7 @@ createCSR() {
  _initpath "$domain" "$_isEcc"
-  if [ -f "$CSR_PATH" ] && [ "$IS_RENEW" ] && [ -z "$FORCE" ]; then
+  if [ -f "$CSR_PATH" ] && [ "$_ACME_IS_RENEW" ] && [ -z "$FORCE" ]; then
    _info "CSR exists, skip"
    return
  fi
@ -2585,7 +2585,7 @@ _initpath() {
    . "$ACCOUNT_CONF_PATH"
  fi
-  if [ "$ACME_IN_CRON" ]; then
+  if [ "$_ACME_IN_CRON" ]; then
    if [ ! "$_USER_PATH_EXPORTED" ]; then
      _USER_PATH_EXPORTED=1
      export PATH="$USER_PATH:$PATH"
@ -2599,7 +2599,7 @@ _initpath() {
  if [ -z "$ACME_DIRECTORY" ]; then
    if [ "$STAGE" ]; then
      ACME_DIRECTORY="$DEFAULT_STAGING_CA"
-      _info "Using stage ACME_DIRECTORY: $ACME_DIRECTORY"
+      _info "Using ACME_DIRECTORY: $ACME_DIRECTORY"
    else
      default_acme_server=$(_readaccountconf "DEFAULT_ACME_SERVER")
      _debug default_acme_server "$default_acme_server"
@ -3387,7 +3387,7 @@ _on_issue_err() {
    )
  fi
-  if [ "$IS_RENEW" = "1" ] && _hasfield "$Le_Webroot" "$W_DNS"; then
+  if [ "$_ACME_IS_RENEW" = "1" ] && _hasfield "$Le_Webroot" "$W_DNS"; then
    _err "$_DNS_MANUAL_ERR"
  fi
@ -3419,7 +3419,7 @@ _on_issue_success() {
  fi
  #run renew hook
-  if [ "$IS_RENEW" ] && [ "$_chk_renew_hook" ]; then
+  if [ "$_ACME_IS_RENEW" ] && [ "$_chk_renew_hook" ]; then
    _info "Run renew hook:'$_chk_renew_hook'"
    if ! (
      export CERT_PATH
@ -3990,17 +3990,22 @@ _check_dns_entries() {
 }
 #file
-_get_cert_issuer() {
+_get_cert_issuers() {
  _cfile="$1"
-  echo $(openssl x509 -in $_cfile -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2)
+  if _contains "$(${ACME_OPENSSL_BIN:-openssl} help crl2pkcs7 2>&1)" "Usage: crl2pkcs7"; then
    ${ACME_OPENSSL_BIN:-openssl} crl2pkcs7 -nocrl -certfile $_cfile | openssl pkcs7 -print_certs -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
  else
    ${ACME_OPENSSL_BIN:-openssl} x509 -in $_cfile -text -noout | grep 'Issuer:' | _egrep_o "CN *=[^,]*" | cut -d = -f 2
  fi
 }
 #cert  issuer
 _match_issuer() {
  _cfile="$1"
  _missuer="$2"
-  _fissuer=$(_get_cert_issuer $_cfile)
+  _fissuers="$(_get_cert_issuers $_cfile)"
-  [ "$_missuer" = "$_fissuer" ]
+  _debug2 _fissuers "$_fissuers"
  _contains "$_fissuers" "$_missuer"
 }
 #webroot, domain domainlist  keylength
@ -4037,7 +4042,7 @@ issue() {
  _challenge_alias="${14}"
  _preferred_chain="${15}"
-  if [ ! "$IS_RENEW" ]; then
+  if [ -z "$_ACME_IS_RENEW" ]; then
    _initpath "$_main_domain" "$_key_length"
    mkdir -p "$DOMAIN_PATH"
  fi
@ -4689,7 +4694,8 @@ $_authorizations_map"
  der="$(_getfile "${CSR_PATH}" "${BEGIN_CSR}" "${END_CSR}" | tr -d "\r\n" | _url_replace)"
  if [ "$ACME_VERSION" = "2" ]; then
-    _info "Lets finalize the order, Le_OrderFinalize: $Le_OrderFinalize"
+    _info "Lets finalize the order."
    _info "Le_OrderFinalize" "$Le_OrderFinalize"
    if ! _send_signed_request "${Le_OrderFinalize}" "{\"csr\": \"$der\"}"; then
      _err "Sign failed."
      _on_issue_err "$_post_hook"
@ -4760,7 +4766,8 @@ $_authorizations_map"
      _on_issue_err "$_post_hook"
      return 1
    fi
-    _info "Downloading cert, Le_LinkCert: $Le_LinkCert"
+    _info "Downloading cert."
    _info "Le_LinkCert" "$Le_LinkCert"
    if ! _send_signed_request "$Le_LinkCert"; then
      _err "Sign failed, can not download cert:$Le_LinkCert."
      _err "$response"
@ -4771,10 +4778,8 @@ $_authorizations_map"
    echo "$response" >"$CERT_PATH"
    _split_cert_chain "$CERT_PATH" "$CERT_FULLCHAIN_PATH" "$CA_CERT_PATH"
-    if [ "$_preferred_chain" ]; then
+    if [ "$_preferred_chain" ] && [ -f "$CERT_FULLCHAIN_PATH" ]; then
-      _cert_issuer=$(_get_cert_issuer "$CA_CERT_PATH")
+      if ! _match_issuer "$CERT_FULLCHAIN_PATH" "$_preferred_chain"; then
      _debug _cert_issuer "$_cert_issuer"
      if ! _match_issuer "$CA_CERT_PATH" "$_preferred_chain"; then
        rels="$(echo "$responseHeaders" | tr -d ' <>' | grep -i "^link:" | grep -i 'rel="alternate"' | cut -d : -f 2- | cut -d ';' -f 1)"
        _debug2 "rels" "$rels"
        for rel in $rels; do
@ -4789,7 +4794,7 @@ $_authorizations_map"
          _relca="$CA_CERT_PATH.alt"
          echo "$response" >"$_relcert"
          _split_cert_chain "$_relcert" "$_relfullchain" "$_relca"
-          if _match_issuer "$_relca" "$_preferred_chain"; then
+          if _match_issuer "$_relfullchain" "$_preferred_chain"; then
            _info "Matched issuer in: $rel"
            cat $_relcert >"$CERT_PATH"
            cat $_relfullchain >"$CERT_FULLCHAIN_PATH"
@ -4842,7 +4847,7 @@ $_authorizations_map"
      _info "Your cert key is in $(__green " $CERT_KEY_PATH ")"
    fi
-    if [ ! "$USER_PATH" ] || [ ! "$ACME_IN_CRON" ]; then
+    if [ ! "$USER_PATH" ] || [ ! "$_ACME_IN_CRON" ]; then
      USER_PATH="$PATH"
      _saveaccountconf "USER_PATH" "$USER_PATH"
    fi
@ -5033,12 +5038,12 @@ renew() {
    return "$RENEW_SKIP"
  fi
-  if [ "$ACME_IN_CRON" = "1" ] && [ -z "$Le_CertCreateTime" ]; then
+  if [ "$_ACME_IN_CRON" = "1" ] && [ -z "$Le_CertCreateTime" ]; then
    _info "Skip invalid cert for: $Le_Domain"
    return $RENEW_SKIP
  fi
-  IS_RENEW="1"
+  _ACME_IS_RENEW="1"
  Le_ReloadCmd="$(_readdomainconf Le_ReloadCmd)"
  Le_PreHook="$(_readdomainconf Le_PreHook)"
  Le_PostHook="$(_readdomainconf Le_PostHook)"
@ -5054,7 +5059,7 @@ renew() {
    res="$?"
  fi
-  IS_RENEW=""
+  _ACME_IS_RENEW=""
  return "$res"
 }
@ -5094,7 +5099,7 @@ renewAll() {
        _error_level="$NOTIFY_LEVEL_RENEW"
        _notify_code=0
      fi
-      if [ "$ACME_IN_CRON" ]; then
+      if [ "$_ACME_IN_CRON" ]; then
        if [ $_set_level -ge $NOTIFY_LEVEL_RENEW ]; then
          if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
            _send_notify "Renew $d success" "Good, the cert is renewed." "$NOTIFY_HOOK" 0
@ -5108,7 +5113,7 @@ renewAll() {
        _error_level="$NOTIFY_LEVEL_SKIP"
        _notify_code=$RENEW_SKIP
      fi
-      if [ "$ACME_IN_CRON" ]; then
+      if [ "$_ACME_IN_CRON" ]; then
        if [ $_set_level -ge $NOTIFY_LEVEL_SKIP ]; then
          if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
            _send_notify "Renew $d skipped" "Good, the cert is skipped." "$NOTIFY_HOOK" "$RENEW_SKIP"
@ -5123,7 +5128,7 @@ renewAll() {
        _error_level="$NOTIFY_LEVEL_ERROR"
        _notify_code=1
      fi
-      if [ "$ACME_IN_CRON" ]; then
+      if [ "$_ACME_IN_CRON" ]; then
        if [ $_set_level -ge $NOTIFY_LEVEL_ERROR ]; then
          if [ "$NOTIFY_MODE" = "$NOTIFY_MODE_CERT" ]; then
            _send_notify "Renew $d error" "There is an error." "$NOTIFY_HOOK" 1
@ -5144,7 +5149,7 @@ renewAll() {
  done
  _debug _error_level "$_error_level"
  _debug _set_level "$_set_level"
-  if [ "$ACME_IN_CRON" ] && [ $_error_level -le $_set_level ]; then
+  if [ "$_ACME_IN_CRON" ] && [ $_error_level -le $_set_level ]; then
    if [ -z "$NOTIFY_MODE" ] || [ "$NOTIFY_MODE" = "$NOTIFY_MODE_BULK" ]; then
      _msg_subject="Renew"
      if [ "$_error_msg" ]; then
@ -5442,7 +5447,7 @@ _installcert() {
  if [ "$_real_cert" ]; then
    _info "Installing cert to:$_real_cert"
-    if [ -f "$_real_cert" ] && [ ! "$IS_RENEW" ]; then
+    if [ -f "$_real_cert" ] && [ ! "$_ACME_IS_RENEW" ]; then
      cp "$_real_cert" "$_backup_path/cert.bak"
    fi
    cat "$CERT_PATH" >"$_real_cert" || return 1
@ -5454,7 +5459,7 @@ _installcert() {
      echo "" >>"$_real_ca"
      cat "$CA_CERT_PATH" >>"$_real_ca" || return 1
    else
-      if [ -f "$_real_ca" ] && [ ! "$IS_RENEW" ]; then
+      if [ -f "$_real_ca" ] && [ ! "$_ACME_IS_RENEW" ]; then
        cp "$_real_ca" "$_backup_path/ca.bak"
      fi
      cat "$CA_CERT_PATH" >"$_real_ca" || return 1
@ -5463,7 +5468,7 @@ _installcert() {
  if [ "$_real_key" ]; then
    _info "Installing key to:$_real_key"
-    if [ -f "$_real_key" ] && [ ! "$IS_RENEW" ]; then
+    if [ -f "$_real_key" ] && [ ! "$_ACME_IS_RENEW" ]; then
      cp "$_real_key" "$_backup_path/key.bak"
    fi
    if [ -f "$_real_key" ]; then
@ -5476,7 +5481,7 @@ _installcert() {
  if [ "$_real_fullchain" ]; then
    _info "Installing full chain to:$_real_fullchain"
-    if [ -f "$_real_fullchain" ] && [ ! "$IS_RENEW" ]; then
+    if [ -f "$_real_fullchain" ] && [ ! "$_ACME_IS_RENEW" ]; then
      cp "$_real_fullchain" "$_backup_path/fullchain.bak"
    fi
    cat "$CERT_FULLCHAIN_PATH" >"$_real_fullchain" || return 1
@ -6093,7 +6098,7 @@ install() {
    _debug "Skip install cron job"
  fi
-  if [ "$ACME_IN_CRON" != "1" ]; then
+  if [ "$_ACME_IN_CRON" != "1" ]; then
    if ! _precheck "$_nocron"; then
      _err "Pre-check failed, can not install."
      return 1
@ -6150,7 +6155,7 @@ install() {
  _info "Installed to $LE_WORKING_DIR/$PROJECT_ENTRY"
-  if [ "$ACME_IN_CRON" != "1" ] && [ -z "$_noprofile" ]; then
+  if [ "$_ACME_IN_CRON" != "1" ] && [ -z "$_noprofile" ]; then
    _installalias "$_c_home"
  fi
@ -6248,7 +6253,7 @@ _uninstallalias() {
 }
 cron() {
-  export ACME_IN_CRON=1
+  export _ACME_IN_CRON=1
  _initpath
  _info "$(__green "===Starting cron===")"
  if [ "$AUTO_UPGRADE" = "1" ]; then
@ -6269,7 +6274,7 @@ cron() {
  fi
  renewAll
  _ret="$?"
-  ACME_IN_CRON=""
+  _ACME_IN_CRON=""
  _info "$(__green "===End cron===")"
  exit $_ret
 }
--- a/deploy/exim4.sh
+++ b/deploy/exim4.sh
@ -69,8 +69,8 @@ exim4_deploy() {
    cp "$_exim4_conf" "$_backup_conf"
    _info "Modify exim4 conf: $_exim4_conf"
-    if _setopt "$_exim4_conf" "tls_certificate" "=" "$_real_fullchain" \
+    if _setopt "$_exim4_conf" "tls_certificate" "=" "$_real_fullchain" &&
-      && _setopt "$_exim4_conf" "tls_privatekey" "=" "$_real_key"; then
+      _setopt "$_exim4_conf" "tls_privatekey" "=" "$_real_key"; then
      _info "Set config success!"
    else
      _err "Config exim4 server error, please report bug to us."
--- a/deploy/ssh.sh
+++ b/deploy/ssh.sh
@ -195,8 +195,8 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
  fi
  if [ -n "$Le_Deploy_ssh_cafile" ]; then
    _pipe=">"
-    if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ] \
+    if [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_keyfile" ] ||
-      || [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
+      [ "$Le_Deploy_ssh_cafile" = "$Le_Deploy_ssh_certfile" ]; then
      # if filename is same as previous file then append.
      _pipe=">>"
    elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
@ -222,9 +222,9 @@ then rm -rf \"\$fn\"; echo \"Backup \$fn deleted as older than 180 days\"; fi; d
  fi
  if [ -n "$Le_Deploy_ssh_fullchain" ]; then
    _pipe=">"
-    if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ] \
+    if [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_keyfile" ] ||
-      || [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ] \
+      [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_certfile" ] ||
-      || [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
+      [ "$Le_Deploy_ssh_fullchain" = "$Le_Deploy_ssh_cafile" ]; then
      # if filename is same as previous file then append.
      _pipe=">>"
    elif [ "$Le_Deploy_ssh_backup" = "yes" ]; then
--- a/deploy/vsftpd.sh
+++ b/deploy/vsftpd.sh
@ -65,9 +65,9 @@ vsftpd_deploy() {
    cp "$_vsftpd_conf" "$_backup_conf"
    _info "Modify vsftpd conf: $_vsftpd_conf"
-    if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" \
+    if _setopt "$_vsftpd_conf" "rsa_cert_file" "=" "$_real_fullchain" &&
-      && _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" \
+      _setopt "$_vsftpd_conf" "rsa_private_key_file" "=" "$_real_key" &&
-      && _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then
+      _setopt "$_vsftpd_conf" "ssl_enable" "=" "YES"; then
      _info "Set config success!"
    else
      _err "Config vsftpd server error, please report bug to us."
--- a/dnsapi/dns_aws.sh
+++ b/dnsapi/dns_aws.sh
@ -222,10 +222,10 @@ _use_instance_role() {
 _use_metadata() {
  _aws_creds="$(
-    _get "$1" "" 1 \
+    _get "$1" "" 1 |
-      | _normalizeJson \
+      _normalizeJson |
-      | tr '{,}' '\n' \
+      tr '{,}' '\n' |
-      | while read -r _line; do
+      while read -r _line; do
        _key="$(echo "${_line%%:*}" | tr -d '"')"
        _value="${_line#*:}"
        _debug3 "_key" "$_key"
@ -235,8 +235,8 @@ _use_metadata() {
        SecretAccessKey) echo "AWS_SECRET_ACCESS_KEY=$_value" ;;
        Token) echo "AWS_SESSION_TOKEN=$_value" ;;
        esac
-      done \
+      done |
-        | paste -sd' ' -
+      paste -sd' ' -
  )"
  _secure_debug "_aws_creds" "$_aws_creds"
--- a/dnsapi/dns_conoha.sh
+++ b/dnsapi/dns_conoha.sh
@ -115,9 +115,9 @@ dns_conoha_rm() {
    return 1
  fi
-  record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' \
+  record_id=$(printf "%s" "$response" | _egrep_o '{[^}]*}' |
-    | grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" \
+    grep '"type":"TXT"' | grep "\"data\":\"$txtvalue\"" | _egrep_o "\"id\":\"[^\"]*\"" |
-    | _head_n 1 | cut -d : -f 2 | tr -d \")
+    _head_n 1 | cut -d : -f 2 | tr -d \")
  if [ -z "$record_id" ]; then
    _err "Can not get record id to remove."
    return 1
--- a/dnsapi/dns_cyon.sh
+++ b/dnsapi/dns_cyon.sh
@ -18,23 +18,23 @@
 ########
 dns_cyon_add() {
-  _cyon_load_credentials \
+  _cyon_load_credentials &&
-    && _cyon_load_parameters "$@" \
+    _cyon_load_parameters "$@" &&
-    && _cyon_print_header "add" \
+    _cyon_print_header "add" &&
-    && _cyon_login \
+    _cyon_login &&
-    && _cyon_change_domain_env \
+    _cyon_change_domain_env &&
-    && _cyon_add_txt \
+    _cyon_add_txt &&
-    && _cyon_logout
+    _cyon_logout
 }
 dns_cyon_rm() {
-  _cyon_load_credentials \
+  _cyon_load_credentials &&
-    && _cyon_load_parameters "$@" \
+    _cyon_load_parameters "$@" &&
-    && _cyon_print_header "delete" \
+    _cyon_print_header "delete" &&
-    && _cyon_login \
+    _cyon_login &&
-    && _cyon_change_domain_env \
+    _cyon_change_domain_env &&
-    && _cyon_delete_txt \
+    _cyon_delete_txt &&
-    && _cyon_logout
+    _cyon_logout
 }
 #########################
--- a/dnsapi/dns_do.sh
+++ b/dnsapi/dns_do.sh
@ -67,14 +67,14 @@ _dns_do_list_rrs() {
    _err "getRRList origin ${_domain} failed"
    return 1
  fi
-  _rr_list="$(echo "${response}" \
+  _rr_list="$(echo "${response}" |
-    | tr -d "\n\r\t" \
+    tr -d "\n\r\t" |
-    | sed -e 's/<item xsi:type="ns2:Map">/\n/g' \
+    sed -e 's/<item xsi:type="ns2:Map">/\n/g' |
-    | grep ">$(_regexcape "$fulldomain")</value>" \
+    grep ">$(_regexcape "$fulldomain")</value>" |
-    | sed -e 's/<\/item>/\n/g' \
+    sed -e 's/<\/item>/\n/g' |
-    | grep '>id</key><value' \
+    grep '>id</key><value' |
-    | _egrep_o '>[0-9]{1,16}<' \
+    _egrep_o '>[0-9]{1,16}<' |
-    | tr -d '><')"
+    tr -d '><')"
  [ "${_rr_list}" ]
 }
@ -120,10 +120,10 @@ _get_root() {
  i=1
  _dns_do_soap getDomainList
-  _all_domains="$(echo "${response}" \
+  _all_domains="$(echo "${response}" |
-    | tr -d "\n\r\t " \
+    tr -d "\n\r\t " |
-    | _egrep_o 'domain</key><value[^>]+>[^<]+' \
+    _egrep_o 'domain</key><value[^>]+>[^<]+' |
-    | sed -e 's/^domain<\/key><value[^>]*>//g')"
+    sed -e 's/^domain<\/key><value[^>]*>//g')"
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
--- a/dnsapi/dns_freedns.sh
+++ b/dnsapi/dns_freedns.sh
@ -303,10 +303,10 @@ _freedns_domain_id() {
      return 1
    fi
-    domain_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' \
+    domain_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' |
-      | grep "<td>$search_domain</td>\|<td>$search_domain(.*)</td>" \
+      grep "<td>$search_domain</td>\|<td>$search_domain(.*)</td>" |
-      | sed -n 's/.*\(edit\.php?edit_domain_id=[0-9a-zA-Z]*\).*/\1/p' \
+      sed -n 's/.*\(edit\.php?edit_domain_id=[0-9a-zA-Z]*\).*/\1/p' |
-      | cut -d = -f 2)"
+      cut -d = -f 2)"
    # The above beauty extracts domain ID from the html page...
    # strip out all blank space and new lines. Then insert newlines
    # before each table row <tr>
@ -349,11 +349,11 @@ _freedns_data_id() {
      return 1
    fi
-    data_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' \
+    data_id="$(echo "$htmlpage" | tr -d " \t\r\n\v\f" | sed 's/<tr>/@<tr>/g' | tr '@' '\n' |
-      | grep "<td[a-zA-Z=#]*>$record_type</td>" \
+      grep "<td[a-zA-Z=#]*>$record_type</td>" |
-      | grep "<ahref.*>$search_domain</a>" \
+      grep "<ahref.*>$search_domain</a>" |
-      | sed -n 's/.*\(edit\.php?data_id=[0-9a-zA-Z]*\).*/\1/p' \
+      sed -n 's/.*\(edit\.php?data_id=[0-9a-zA-Z]*\).*/\1/p' |
-      | cut -d = -f 2)"
+      cut -d = -f 2)"
    # The above beauty extracts data ID from the html page...
    # strip out all blank space and new lines. Then insert newlines
    # before each table row <tr>
--- a/dnsapi/dns_gandi_livedns.sh
+++ b/dnsapi/dns_gandi_livedns.sh
@ -69,9 +69,9 @@ dns_gandi_livedns_rm() {
  _gandi_livedns_rest PUT \
    "domains/$_domain/records/$_sub_domain/TXT" \
-    "{\"rrset_ttl\": 300, \"rrset_values\": $_new_rrset_values}" \
+    "{\"rrset_ttl\": 300, \"rrset_values\": $_new_rrset_values}" &&
-    && _contains "$response" '{"message": "DNS Record Created"}' \
+    _contains "$response" '{"message": "DNS Record Created"}' &&
-    && _info "Removing record $(__green "success")"
+    _info "Removing record $(__green "success")"
 }
 ####################  Private functions below ##################################
@ -125,9 +125,9 @@ _dns_gandi_append_record() {
  fi
  _debug new_rrset_values "$_rrset_values"
  _gandi_livedns_rest PUT "domains/$_domain/records/$sub_domain/TXT" \
-    "{\"rrset_ttl\": 300, \"rrset_values\": $_rrset_values}" \
+    "{\"rrset_ttl\": 300, \"rrset_values\": $_rrset_values}" &&
-    && _contains "$response" '{"message": "DNS Record Created"}' \
+    _contains "$response" '{"message": "DNS Record Created"}' &&
-    && _info "Adding record $(__green "success")"
+    _info "Adding record $(__green "success")"
 }
 _dns_gandi_existing_rrset_values() {
@ -145,8 +145,8 @@ _dns_gandi_existing_rrset_values() {
    return 1
  fi
  _debug "Already has TXT record."
-  _rrset_values=$(echo "$response" | _egrep_o 'rrset_values.*\[.*\]' \
+  _rrset_values=$(echo "$response" | _egrep_o 'rrset_values.*\[.*\]' |
-    | _egrep_o '\[".*\"]')
+    _egrep_o '\[".*\"]')
  return 0
 }
--- a/dnsapi/dns_gcloud.sh
+++ b/dnsapi/dns_gcloud.sh
@ -78,8 +78,8 @@ _dns_gcloud_execute_tr() {
  for i in $(seq 1 120); do
    if gcloud dns record-sets changes list \
      --zone="$managedZone" \
-      --filter='status != done' \
+      --filter='status != done' |
-      | grep -q '^.*'; then
+      grep -q '^.*'; then
      _info "_dns_gcloud_execute_tr: waiting for transaction to be comitted ($i/120)..."
      sleep 5
    else
@ -137,11 +137,11 @@ _dns_gcloud_find_zone() {
  # List domains and find the zone with the deepest sub-domain (in case of some levels of delegation)
  if ! match=$(gcloud dns managed-zones list \
    --format="value(name, dnsName)" \
-    --filter="$filter" \
+    --filter="$filter" |
-    | while read -r dnsName name; do
+    while read -r dnsName name; do
      printf "%s\t%s\t%s\n" "$(echo "$name" | awk -F"." '{print NF-1}')" "$dnsName" "$name"
-    done \
+    done |
-      | sort -n -r | _head_n 1 | cut -f2,3 | grep '^.*'); then
+    sort -n -r | _head_n 1 | cut -f2,3 | grep '^.*'); then
    _err "_dns_gcloud_find_zone: Can't find a matching managed zone! Perhaps wrong project or gcloud credentials?"
    return 1
  fi
--- a/dnsapi/dns_he.sh
+++ b/dnsapi/dns_he.sh
@ -101,8 +101,8 @@ dns_he_rm() {
  body="$body&hosted_dns_editzone=1"
  body="$body&hosted_dns_delrecord=1"
  body="$body&hosted_dns_delconfirm=delete"
-  _post "$body" "https://dns.he.net/" \
+  _post "$body" "https://dns.he.net/" |
-    | grep '<div id="dns_status" onClick="hideThis(this);">Successfully removed record.</div>' \
+    grep '<div id="dns_status" onClick="hideThis(this);">Successfully removed record.</div>' \
      >/dev/null
  exit_code="$?"
  if [ "$exit_code" -eq 0 ]; then
--- a/dnsapi/dns_hetzner.sh
+++ b/dnsapi/dns_hetzner.sh
@ -123,10 +123,10 @@ _find_record() {
    return 1
  else
    _record_id=$(
-      echo "$response" \
+      echo "$response" |
-        | grep -o "{[^\{\}]*\"name\":\"$_record_name\"[^\}]*}" \
+        grep -o "{[^\{\}]*\"name\":\"$_record_name\"[^\}]*}" |
-        | grep "\"value\":\"$_record_value\"" \
+        grep "\"value\":\"$_record_value\"" |
-        | while read -r record; do
+        while read -r record; do
          # test for type and
          if [ -n "$(echo "$record" | _egrep_o '"type":"TXT"')" ]; then
            echo "$record" | _egrep_o '"id":"[^"]*"' | cut -d : -f 2 | tr -d \"
--- a/dnsapi/dns_pleskxml.sh
+++ b/dnsapi/dns_pleskxml.sh
@ -136,11 +136,12 @@ dns_pleskxml_rm() {
  # Reduce output to one line per DNS record, filtered for TXT records with a record ID only (which they should all have)
  # Also strip out spaces between tags, redundant <data> and </data> group tags and any <self-closing/> tags
-  reclist="$(_api_response_split "$pleskxml_prettyprint_result" 'result' '<status>ok</status>' \
+  reclist="$(
-    | sed 's# \{1,\}<\([a-zA-Z]\)#<\1#g;s#</\{0,1\}data>##g;s#<[a-z][^/<>]*/>##g' \
+    _api_response_split "$pleskxml_prettyprint_result" 'result' '<status>ok</status>' |
-    | grep "<site-id>${root_domain_id}</site-id>" \
+      sed 's# \{1,\}<\([a-zA-Z]\)#<\1#g;s#</\{0,1\}data>##g;s#<[a-z][^/<>]*/>##g' |
-    | grep '<id>[0-9]\{1,\}</id>' \
+      grep "<site-id>${root_domain_id}</site-id>" |
-    | grep '<type>TXT</type>'
+      grep '<id>[0-9]\{1,\}</id>' |
      grep '<type>TXT</type>'
  )"
  if [ -z "$reclist" ]; then
@ -151,10 +152,11 @@ dns_pleskxml_rm() {
  _debug "Got list of DNS TXT records for root domain '$root_domain_name':"
  _debug "$reclist"
-  recid="$(_value "$reclist" \
+  recid="$(
-    | grep "<host>${fulldomain}.</host>" \
+    _value "$reclist" |
-    | grep "<value>${txtvalue}</value>" \
+      grep "<host>${fulldomain}.</host>" |
-    | sed 's/^.*<id>\([0-9]\{1,\}\)<\/id>.*$/\1/'
+      grep "<value>${txtvalue}</value>" |
      sed 's/^.*<id>\([0-9]\{1,\}\)<\/id>.*$/\1/'
  )"
  if ! _value "$recid" | grep '^[0-9]\{1,\}$' >/dev/null; then
@ -220,11 +222,11 @@ _countdots() {
 #       Last line could change to <sed -n '/.../p'> instead, with suitable escaping of ['"/$],
 #       if future Plesk XML API changes ever require extended regex
 _api_response_split() {
-  printf '%s' "$1" \
+  printf '%s' "$1" |
-    | sed 's/^ +//;s/ +$//' \
+    sed 's/^ +//;s/ +$//' |
-    | tr -d '\n\r' \
+    tr -d '\n\r' |
-    | sed "s/<\/\{0,1\}$2>/${NEWLINE}/g" \
+    sed "s/<\/\{0,1\}$2>/${NEWLINE}/g" |
-    | grep "$3"
+    grep "$3"
 }
 ####################  Private functions below (DNS functions) ##################################
@ -265,10 +267,11 @@ _call_api() {
    #   - filter output to keep only lines like this: "SPACES<TAG>text</TAG>SPACES" (shouldn't be necessary with prettyprint but guarantees subsequent code is ok)
    #   - then edit the 3 "useful" error tokens individually and remove closing tags on all lines
    #   - then filter again to remove all lines not edited (which will be the lines not starting A-Z)
-    errtext="$(_value "$pleskxml_prettyprint_result" \
+    errtext="$(
-      | grep '^ *<[a-z]\{1,\}>[^<]*<\/[a-z]\{1,\}> *$' \
+      _value "$pleskxml_prettyprint_result" |
-      | sed 's/^ *<status>/Status:     /;s/^ *<errcode>/Error code: /;s/^ *<errtext>/Error text: /;s/<\/.*$//' \
+        grep '^ *<[a-z]\{1,\}>[^<]*<\/[a-z]\{1,\}> *$' |
-      | grep '^[A-Z]'
+        sed 's/^ *<status>/Status:     /;s/^ *<errcode>/Error code: /;s/^ *<errtext>/Error text: /;s/<\/.*$//' |
        grep '^[A-Z]'
    )"
  fi