mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-11-14 10:21:45 +00:00
commit
8dea519235
27
acme.sh
27
acme.sh
@ -2019,7 +2019,7 @@ _send_signed_request() {
|
|||||||
_debug code "$code"
|
_debug code "$code"
|
||||||
|
|
||||||
_debug2 original "$response"
|
_debug2 original "$response"
|
||||||
if echo "$responseHeaders" | grep -i "Content-Type: application/json" >/dev/null 2>&1; then
|
if echo "$responseHeaders" | grep -i "Content-Type: *application/json" >/dev/null 2>&1; then
|
||||||
response="$(echo "$response" | _normalizeJson)"
|
response="$(echo "$response" | _normalizeJson)"
|
||||||
fi
|
fi
|
||||||
_debug2 response "$response"
|
_debug2 response "$response"
|
||||||
@ -2040,8 +2040,10 @@ _send_signed_request() {
|
|||||||
continue
|
continue
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
break
|
return 0
|
||||||
done
|
done
|
||||||
|
_info "Giving up sending to CA server after $MAX_REQUEST_RETRY_TIMES retries."
|
||||||
|
return 1
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -3445,7 +3447,7 @@ _regAccount() {
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
_debug2 responseHeaders "$responseHeaders"
|
_debug2 responseHeaders "$responseHeaders"
|
||||||
_accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")"
|
_accUri="$(echo "$responseHeaders" | grep -i "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n ")"
|
||||||
_debug "_accUri" "$_accUri"
|
_debug "_accUri" "$_accUri"
|
||||||
if [ -z "$_accUri" ]; then
|
if [ -z "$_accUri" ]; then
|
||||||
_err "Can not find account id url."
|
_err "Can not find account id url."
|
||||||
@ -3819,9 +3821,11 @@ _check_dns_entries() {
|
|||||||
_sleep 10
|
_sleep 10
|
||||||
else
|
else
|
||||||
_info "All success, let's return"
|
_info "All success, let's return"
|
||||||
break
|
return 0
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
_info "Timed out waiting for DNS."
|
||||||
|
return 1
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -4002,7 +4006,7 @@ issue() {
|
|||||||
_on_issue_err "$_post_hook"
|
_on_issue_err "$_post_hook"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
|
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d ":" -f 2-)"
|
||||||
_debug Le_LinkOrder "$Le_LinkOrder"
|
_debug Le_LinkOrder "$Le_LinkOrder"
|
||||||
Le_OrderFinalize="$(echo "$response" | _egrep_o '"finalize" *: *"[^"]*"' | cut -d '"' -f 4)"
|
Le_OrderFinalize="$(echo "$response" | _egrep_o '"finalize" *: *"[^"]*"' | cut -d '"' -f 4)"
|
||||||
_debug Le_OrderFinalize "$Le_OrderFinalize"
|
_debug Le_OrderFinalize "$Le_OrderFinalize"
|
||||||
@ -4082,7 +4086,7 @@ $_authorizations_map"
|
|||||||
|
|
||||||
if [ "$ACME_VERSION" = "2" ]; then
|
if [ "$ACME_VERSION" = "2" ]; then
|
||||||
_idn_d="$(_idn "$d")"
|
_idn_d="$(_idn "$d")"
|
||||||
_candindates="$(echo "$_authorizations_map" | grep "^$_idn_d,")"
|
_candindates="$(echo "$_authorizations_map" | grep -i "^$_idn_d,")"
|
||||||
_debug2 _candindates "$_candindates"
|
_debug2 _candindates "$_candindates"
|
||||||
if [ "$(echo "$_candindates" | wc -l)" -gt 1 ]; then
|
if [ "$(echo "$_candindates" | wc -l)" -gt 1 ]; then
|
||||||
for _can in $_candindates; do
|
for _can in $_candindates; do
|
||||||
@ -4517,7 +4521,7 @@ $_authorizations_map"
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
if [ -z "$Le_LinkOrder" ]; then
|
if [ -z "$Le_LinkOrder" ]; then
|
||||||
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d " " -f 2)"
|
Le_LinkOrder="$(echo "$responseHeaders" | grep -i '^Location.*$' | _tail_n 1 | tr -d "\r\n" | cut -d ":" -f 2-)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_savedomainconf "Le_LinkOrder" "$Le_LinkOrder"
|
_savedomainconf "Le_LinkOrder" "$Le_LinkOrder"
|
||||||
@ -5568,7 +5572,7 @@ _deactivate() {
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ' ' -f 2 | tr -d "\r\n")"
|
authzUri="$(echo "$responseHeaders" | grep "^Location:" | _head_n 1 | cut -d ':' -f 2- | tr -d "\r\n")"
|
||||||
_debug "authzUri" "$authzUri"
|
_debug "authzUri" "$authzUri"
|
||||||
if [ "$code" ] && [ ! "$code" = '201' ]; then
|
if [ "$code" ] && [ ! "$code" = '201' ]; then
|
||||||
_err "new-authz error: $response"
|
_err "new-authz error: $response"
|
||||||
@ -6299,6 +6303,7 @@ _installOnline() {
|
|||||||
chmod +x $PROJECT_ENTRY
|
chmod +x $PROJECT_ENTRY
|
||||||
if ./$PROJECT_ENTRY install "$_nocron" "" "$_noprofile"; then
|
if ./$PROJECT_ENTRY install "$_nocron" "" "$_noprofile"; then
|
||||||
_info "Install success!"
|
_info "Install success!"
|
||||||
|
_saveaccountconf "UPGRADE_HASH" "$(_getMasterHash)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cd ..
|
cd ..
|
||||||
@ -6308,9 +6313,15 @@ _installOnline() {
|
|||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_getMasterHash() {
|
||||||
|
_hash_url="https://api.github.com/repos/Neilpang/acme.sh/git/refs/heads/master"
|
||||||
|
_get $_hash_url | tr -d "\r\n" | tr '{},' '\n' | grep '"sha":' | cut -d '"' -f 4
|
||||||
|
}
|
||||||
|
|
||||||
upgrade() {
|
upgrade() {
|
||||||
if (
|
if (
|
||||||
_initpath
|
_initpath
|
||||||
|
[ -z "$FORCE" ] && [ "$(_getMasterHash)" = "$(_readaccountconf "UPGRADE_HASH")" ] && _info "Already uptodate!" && exit 0
|
||||||
export LE_WORKING_DIR
|
export LE_WORKING_DIR
|
||||||
cd "$LE_WORKING_DIR"
|
cd "$LE_WORKING_DIR"
|
||||||
_installOnline "nocron" "noprofile"
|
_installOnline "nocron" "noprofile"
|
||||||
|
@ -85,19 +85,19 @@ routeros_deploy() {
|
|||||||
scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key"
|
scp "$_ckey" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.key"
|
||||||
_info "Trying to push cert '$_cfullchain' to router"
|
_info "Trying to push cert '$_cfullchain' to router"
|
||||||
scp "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer"
|
scp "$_cfullchain" "$ROUTER_OS_USERNAME@$ROUTER_OS_HOST:$_cdomain.cer"
|
||||||
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive
|
DEPLOY_SCRIPT_CMD="/system script add name=\"LE Cert Deploy - $_cdomain\" owner=admin policy=ftp,read,write,password,sensitive \
|
||||||
source=\"## generated by routeros deploy script in acme.sh
|
source=\"## generated by routeros deploy script in acme.sh;\
|
||||||
\n/certificate remove [ find name=$_cdomain.cer_0 ]
|
\n/certificate remove [ find name=$_cdomain.cer_0 ];\
|
||||||
\n/certificate remove [ find name=$_cdomain.cer_1 ]
|
\n/certificate remove [ find name=$_cdomain.cer_1 ];\
|
||||||
\ndelay 1
|
\ndelay 1;\
|
||||||
\n/certificate import file-name=$_cdomain.cer passphrase=\\\"\\\"
|
\n/certificate import file-name=$_cdomain.cer passphrase=\\\"\\\";\
|
||||||
\n/certificate import file-name=$_cdomain.key passphrase=\\\"\\\"
|
\n/certificate import file-name=$_cdomain.key passphrase=\\\"\\\";\
|
||||||
\ndelay 1
|
\ndelay 1;\
|
||||||
\n/file remove $_cdomain.cer
|
\n/file remove $_cdomain.cer;\
|
||||||
\n/file remove $_cdomain.key
|
\n/file remove $_cdomain.key;\
|
||||||
\ndelay 2
|
\ndelay 2;\
|
||||||
\n/ip service set www-ssl certificate=$_cdomain.cer_0
|
\n/ip service set www-ssl certificate=$_cdomain.cer_0;\
|
||||||
\n$ROUTER_OS_ADDITIONAL_SERVICES
|
\n$ROUTER_OS_ADDITIONAL_SERVICES;\
|
||||||
\n\"
|
\n\"
|
||||||
"
|
"
|
||||||
# shellcheck disable=SC2029
|
# shellcheck disable=SC2029
|
||||||
|
172
dnsapi/dns_easydns.sh
Normal file
172
dnsapi/dns_easydns.sh
Normal file
@ -0,0 +1,172 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
#######################################################
|
||||||
|
#
|
||||||
|
# easyDNS REST API for acme.sh by Neilpang based on dns_cf.sh
|
||||||
|
#
|
||||||
|
# Please note: # API is currently beta and subject to constant change
|
||||||
|
# http://sandbox.rest.easydns.net:3000/
|
||||||
|
#
|
||||||
|
# Author: wurzelpanzer [wurzelpanzer@maximolider.net]
|
||||||
|
# Report Bugs here: https://github.com/Neilpang/acme.sh/issues/2647
|
||||||
|
#
|
||||||
|
#################### Public functions #################
|
||||||
|
|
||||||
|
#EASYDNS_Key="xxxxxxxxxxxxxxxxxxxxxxxx"
|
||||||
|
#EASYDNS_Token="xxxxxxxxxxxxxxxxxxxxxxxx"
|
||||||
|
EASYDNS_Api="https://rest.easydns.net"
|
||||||
|
|
||||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_easydns_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
EASYDNS_Token="${EASYDNS_Token:-$(_readaccountconf_mutable EASYDNS_Token)}"
|
||||||
|
EASYDNS_Key="${EASYDNS_Key:-$(_readaccountconf_mutable EASYDNS_Key)}"
|
||||||
|
|
||||||
|
if [ -z "$EASYDNS_Token" ] || [ -z "$EASYDNS_Key" ]; then
|
||||||
|
_err "You didn't specify an easydns.net token or api key. Please sign up at http://docs.sandbox.rest.easydns.net/beta_signup.php"
|
||||||
|
return 1
|
||||||
|
else
|
||||||
|
_saveaccountconf_mutable EASYDNS_Token "$EASYDNS_Token"
|
||||||
|
_saveaccountconf_mutable EASYDNS_Key "$EASYDNS_Key"
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_debug "Getting txt records"
|
||||||
|
_EASYDNS_rest GET "zones/records/all/${_domain}/search/${_sub_domain}"
|
||||||
|
|
||||||
|
if ! printf "%s" "$response" | grep \"status\":200 >/dev/null; then
|
||||||
|
_err "Error"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_info "Adding record"
|
||||||
|
if _EASYDNS_rest PUT "zones/records/add/$_domain/TXT" "{\"host\":\"$_sub_domain\",\"rdata\":\"$txtvalue\"}"; then
|
||||||
|
if _contains "$response" "\"status\":201"; then
|
||||||
|
_info "Added, OK"
|
||||||
|
return 0
|
||||||
|
elif _contains "$response" "Record already exists"; then
|
||||||
|
_info "Already exists, OK"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Add txt record error."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
_err "Add txt record error."
|
||||||
|
return 1
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
dns_easydns_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
EASYDNS_Token="${EASYDNS_Token:-$(_readaccountconf_mutable EASYDNS_Token)}"
|
||||||
|
EASYDNS_Key="${EASYDNS_Key:-$(_readaccountconf_mutable EASYDNS_Key)}"
|
||||||
|
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_debug "Getting txt records"
|
||||||
|
_EASYDNS_rest GET "zones/records/all/${_domain}/search/${_sub_domain}"
|
||||||
|
|
||||||
|
if ! printf "%s" "$response" | grep \"status\":200 >/dev/null; then
|
||||||
|
_err "Error"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
count=$(printf "%s\n" "$response" | _egrep_o "\"count\":[^,]*" | cut -d : -f 2)
|
||||||
|
_debug count "$count"
|
||||||
|
if [ "$count" = "0" ]; then
|
||||||
|
_info "Don't need to remove."
|
||||||
|
else
|
||||||
|
record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | head -n 1)
|
||||||
|
_debug "record_id" "$record_id"
|
||||||
|
if [ -z "$record_id" ]; then
|
||||||
|
_err "Can not get record id to remove."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
if ! _EASYDNS_rest DELETE "zones/records/$_domain/$record_id"; then
|
||||||
|
_err "Delete record error."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_contains "$response" "\"status\":200"
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
#_acme-challenge.www.domain.com
|
||||||
|
#returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=1
|
||||||
|
p=1
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
_debug h "$h"
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if ! _EASYDNS_rest GET "zones/records/all/$h"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if _contains "$response" "\"status\":200"; then
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain=$h
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
p=$i
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_EASYDNS_rest() {
|
||||||
|
m=$1
|
||||||
|
ep="$2"
|
||||||
|
data="$3"
|
||||||
|
_debug "$ep"
|
||||||
|
|
||||||
|
basicauth=$(printf "%s" "$EASYDNS_Token":"$EASYDNS_Key" | _base64)
|
||||||
|
|
||||||
|
export _H1="accept: application/json"
|
||||||
|
if [ "$basicauth" ]; then
|
||||||
|
export _H2="Authorization: Basic $basicauth"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$m" != "GET" ]; then
|
||||||
|
export _H3="Content-Type: application/json"
|
||||||
|
_debug data "$data"
|
||||||
|
response="$(_post "$data" "$EASYDNS_Api/$ep" "" "$m")"
|
||||||
|
else
|
||||||
|
response="$(_get "$EASYDNS_Api/$ep")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$?" != "0" ]; then
|
||||||
|
_err "error $ep"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug2 response "$response"
|
||||||
|
return 0
|
||||||
|
}
|
@ -63,6 +63,16 @@ _lexicon_init() {
|
|||||||
_saveaccountconf_mutable "$Lx_domaintoken" "$Lx_domaintoken_v"
|
_saveaccountconf_mutable "$Lx_domaintoken" "$Lx_domaintoken_v"
|
||||||
eval export "$Lx_domaintoken"
|
eval export "$Lx_domaintoken"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# shellcheck disable=SC2018,SC2019
|
||||||
|
Lx_api_key=$(echo LEXICON_"${PROVIDER}"_API_KEY | tr 'a-z' 'A-Z')
|
||||||
|
eval "$Lx_api_key=\${$Lx_api_key:-$(_readaccountconf_mutable "$Lx_api_key")}"
|
||||||
|
Lx_api_key_v=$(eval echo \$"$Lx_api_key")
|
||||||
|
_secure_debug "$Lx_api_key" "$Lx_api_key_v"
|
||||||
|
if [ "$Lx_api_key_v" ]; then
|
||||||
|
_saveaccountconf_mutable "$Lx_api_key" "$Lx_api_key_v"
|
||||||
|
eval export "$Lx_api_key"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
######## Public functions #####################
|
######## Public functions #####################
|
||||||
|
159
dnsapi/dns_misaka.sh
Executable file
159
dnsapi/dns_misaka.sh
Executable file
@ -0,0 +1,159 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# bug reports to support+acmesh@misaka.io
|
||||||
|
# based on dns_nsone.sh by dev@1e.ca
|
||||||
|
|
||||||
|
#
|
||||||
|
#Misaka_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
|
||||||
|
#
|
||||||
|
|
||||||
|
Misaka_Api="https://dnsapi.misaka.io/dns"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_misaka_add() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
|
||||||
|
if [ -z "$Misaka_Key" ]; then
|
||||||
|
Misaka_Key=""
|
||||||
|
_err "You didn't specify misaka.io dns api key yet."
|
||||||
|
_err "Please create you key and try again."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
#save the api key and email to the account conf file.
|
||||||
|
_saveaccountconf Misaka_Key "$Misaka_Key"
|
||||||
|
|
||||||
|
_debug "checking root zone [$fulldomain]"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_debug "Getting txt records"
|
||||||
|
_misaka_rest GET "zones/${_domain}/recordsets?search=${_sub_domain}"
|
||||||
|
|
||||||
|
if ! _contains "$response" "\"results\":"; then
|
||||||
|
_err "Error"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
count=$(printf "%s\n" "$response" | _egrep_o "\"name\":\"$_sub_domain\",[^{]*\"type\":\"TXT\"" | wc -l | tr -d " ")
|
||||||
|
_debug count "$count"
|
||||||
|
if [ "$count" = "0" ]; then
|
||||||
|
_info "Adding record"
|
||||||
|
|
||||||
|
if _misaka_rest PUT "zones/${_domain}/recordsets/${_sub_domain}/TXT" "{\"records\":[{\"value\":\"\\\"$txtvalue\\\"\"}],\"filters\":[],\"ttl\":1}"; then
|
||||||
|
_debug response "$response"
|
||||||
|
if _contains "$response" "$_sub_domain"; then
|
||||||
|
_info "Added"
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
_err "Add txt record error."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
_err "Add txt record error."
|
||||||
|
else
|
||||||
|
_info "Updating record"
|
||||||
|
|
||||||
|
_misaka_rest POST "zones/${_domain}/recordsets/${_sub_domain}/TXT?append=true" "{\"records\": [{\"value\": \"\\\"$txtvalue\\\"\"}],\"ttl\":1}"
|
||||||
|
if [ "$?" = "0" ] && _contains "$response" "$_sub_domain"; then
|
||||||
|
_info "Updated!"
|
||||||
|
#todo: check if the record takes effect
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
_err "Update error"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#fulldomain
|
||||||
|
dns_misaka_rm() {
|
||||||
|
fulldomain=$1
|
||||||
|
txtvalue=$2
|
||||||
|
_debug "First detect the root zone"
|
||||||
|
if ! _get_root "$fulldomain"; then
|
||||||
|
_err "invalid domain"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug _sub_domain "$_sub_domain"
|
||||||
|
_debug _domain "$_domain"
|
||||||
|
|
||||||
|
_debug "Getting txt records"
|
||||||
|
_misaka_rest GET "zones/${_domain}/recordsets?search=${_sub_domain}"
|
||||||
|
|
||||||
|
count=$(printf "%s\n" "$response" | _egrep_o "\"name\":\"$_sub_domain\",[^{]*\"type\":\"TXT\"" | wc -l | tr -d " ")
|
||||||
|
_debug count "$count"
|
||||||
|
if [ "$count" = "0" ]; then
|
||||||
|
_info "Don't need to remove."
|
||||||
|
else
|
||||||
|
if ! _misaka_rest DELETE "zones/${_domain}/recordsets/${_sub_domain}/TXT"; then
|
||||||
|
_err "Delete record error."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_contains "$response" ""
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
#_acme-challenge.www.domain.com
|
||||||
|
#returns
|
||||||
|
# _sub_domain=_acme-challenge.www
|
||||||
|
# _domain=domain.com
|
||||||
|
# _domain_id=sdjkglgdfewsdfg
|
||||||
|
_get_root() {
|
||||||
|
domain=$1
|
||||||
|
i=2
|
||||||
|
p=1
|
||||||
|
if ! _misaka_rest GET "zones?limit=1000"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
while true; do
|
||||||
|
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||||
|
_debug h "$h"
|
||||||
|
if [ -z "$h" ]; then
|
||||||
|
#not valid
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if _contains "$response" "\"name\":\"$h\""; then
|
||||||
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
|
_domain="$h"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
p=$i
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_misaka_rest() {
|
||||||
|
m=$1
|
||||||
|
ep="$2"
|
||||||
|
data="$3"
|
||||||
|
_debug "$ep"
|
||||||
|
|
||||||
|
export _H1="Content-Type: application/json"
|
||||||
|
export _H2="User-Agent: acme.sh/$VER misaka-dns-acmesh/20191213"
|
||||||
|
export _H3="Authorization: Token $Misaka_Key"
|
||||||
|
|
||||||
|
if [ "$m" != "GET" ]; then
|
||||||
|
_debug data "$data"
|
||||||
|
response="$(_post "$data" "$Misaka_Api/$ep" "" "$m")"
|
||||||
|
else
|
||||||
|
response="$(_get "$Misaka_Api/$ep")"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$?" != "0" ]; then
|
||||||
|
_err "error $ep"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_debug2 response "$response"
|
||||||
|
return 0
|
||||||
|
}
|
@ -1,10 +1,9 @@
|
|||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
#
|
#
|
||||||
#NIC_Token="sdfsdfsdfljlbjkljlkjsdfoiwjedfglgkdlfgkfgldfkg"
|
#NIC_ClientID='0dc0xxxxxxxxxxxxxxxxxxxxxxxxce88'
|
||||||
#
|
#NIC_ClientSecret='3LTtxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnuW8'
|
||||||
#NIC_Username="000000/NIC-D"
|
#NIC_Username="000000/NIC-D"
|
||||||
|
|
||||||
#NIC_Password="xxxxxxx"
|
#NIC_Password="xxxxxxx"
|
||||||
|
|
||||||
NIC_Api="https://api.nic.ru"
|
NIC_Api="https://api.nic.ru"
|
||||||
@ -13,22 +12,7 @@ dns_nic_add() {
|
|||||||
fulldomain="${1}"
|
fulldomain="${1}"
|
||||||
txtvalue="${2}"
|
txtvalue="${2}"
|
||||||
|
|
||||||
NIC_Token="${NIC_Token:-$(_readaccountconf_mutable NIC_Token)}"
|
if ! _nic_get_authtoken save; then
|
||||||
NIC_Username="${NIC_Username:-$(_readaccountconf_mutable NIC_Username)}"
|
|
||||||
NIC_Password="${NIC_Password:-$(_readaccountconf_mutable NIC_Password)}"
|
|
||||||
if [ -z "$NIC_Token" ] || [ -z "$NIC_Username" ] || [ -z "$NIC_Password" ]; then
|
|
||||||
NIC_Token=""
|
|
||||||
NIC_Username=""
|
|
||||||
NIC_Password=""
|
|
||||||
_err "You must export variables: NIC_Token, NIC_Username and NIC_Password"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
_saveaccountconf_mutable NIC_Customer "$NIC_Token"
|
|
||||||
_saveaccountconf_mutable NIC_Username "$NIC_Username"
|
|
||||||
_saveaccountconf_mutable NIC_Password "$NIC_Password"
|
|
||||||
|
|
||||||
if ! _nic_get_authtoken "$NIC_Username" "$NIC_Password" "$NIC_Token"; then
|
|
||||||
_err "get NIC auth token failed"
|
_err "get NIC auth token failed"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
@ -59,18 +43,7 @@ dns_nic_rm() {
|
|||||||
fulldomain="${1}"
|
fulldomain="${1}"
|
||||||
txtvalue="${2}"
|
txtvalue="${2}"
|
||||||
|
|
||||||
NIC_Token="${NIC_Token:-$(_readaccountconf_mutable NIC_Token)}"
|
if ! _nic_get_authtoken; then
|
||||||
NIC_Username="${NIC_Username:-$(_readaccountconf_mutable NIC_Username)}"
|
|
||||||
NIC_Password="${NIC_Password:-$(_readaccountconf_mutable NIC_Password)}"
|
|
||||||
if [ -z "$NIC_Token" ] || [ -z "$NIC_Username" ] || [ -z "$NIC_Password" ]; then
|
|
||||||
NIC_Token=""
|
|
||||||
NIC_Username=""
|
|
||||||
NIC_Password=""
|
|
||||||
_err "You must export variables: NIC_Token, NIC_Username and NIC_Password"
|
|
||||||
return 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if ! _nic_get_authtoken "$NIC_Username" "$NIC_Password" "$NIC_Token"; then
|
|
||||||
_err "get NIC auth token failed"
|
_err "get NIC auth token failed"
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
@ -103,17 +76,64 @@ dns_nic_rm() {
|
|||||||
|
|
||||||
#################### Private functions below ##################################
|
#################### Private functions below ##################################
|
||||||
|
|
||||||
|
#_nic_get_auth_elements [need2save]
|
||||||
|
_nic_get_auth_elements() {
|
||||||
|
_need2save=$1
|
||||||
|
|
||||||
|
NIC_ClientID="${NIC_ClientID:-$(_readaccountconf_mutable NIC_ClientID)}"
|
||||||
|
NIC_ClientSecret="${NIC_ClientSecret:-$(_readaccountconf_mutable NIC_ClientSecret)}"
|
||||||
|
NIC_Username="${NIC_Username:-$(_readaccountconf_mutable NIC_Username)}"
|
||||||
|
NIC_Password="${NIC_Password:-$(_readaccountconf_mutable NIC_Password)}"
|
||||||
|
|
||||||
|
## for backward compatibility
|
||||||
|
if [ -z "$NIC_ClientID" ] || [ -z "$NIC_ClientSecret" ]; then
|
||||||
|
NIC_Token="${NIC_Token:-$(_readaccountconf_mutable NIC_Token)}"
|
||||||
|
_debug NIC_Token "$NIC_Token"
|
||||||
|
if [ -n "$NIC_Token" ]; then
|
||||||
|
_two_values="$(echo "${NIC_Token}" | _dbase64)"
|
||||||
|
_debug _two_values "$_two_values"
|
||||||
|
NIC_ClientID=$(echo "$_two_values" | cut -d':' -f1)
|
||||||
|
NIC_ClientSecret=$(echo "$_two_values" | cut -d':' -f2-)
|
||||||
|
_debug restored_NIC_ClientID "$NIC_ClientID"
|
||||||
|
_debug restored_NIC_ClientSecret "$NIC_ClientSecret"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$NIC_ClientID" ] || [ -z "$NIC_ClientSecret" ] || [ -z "$NIC_Username" ] || [ -z "$NIC_Password" ]; then
|
||||||
|
NIC_ClientID=""
|
||||||
|
NIC_ClientSecret=""
|
||||||
|
NIC_Username=""
|
||||||
|
NIC_Password=""
|
||||||
|
_err "You must export variables: NIC_ClientID, NIC_ClientSecret, NIC_Username and NIC_Password"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$_need2save" ]; then
|
||||||
|
_saveaccountconf_mutable NIC_ClientID "$NIC_ClientID"
|
||||||
|
_saveaccountconf_mutable NIC_ClientSecret "$NIC_ClientSecret"
|
||||||
|
_saveaccountconf_mutable NIC_Username "$NIC_Username"
|
||||||
|
_saveaccountconf_mutable NIC_Password "$NIC_Password"
|
||||||
|
fi
|
||||||
|
|
||||||
|
NIC_BasicAuth=$(printf "%s:%s" "${NIC_ClientID}" "${NIC_ClientSecret}" | _base64)
|
||||||
|
_debug NIC_BasicAuth "$NIC_BasicAuth"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
#_nic_get_authtoken [need2save]
|
||||||
_nic_get_authtoken() {
|
_nic_get_authtoken() {
|
||||||
username="$1"
|
_need2save=$1
|
||||||
password="$2"
|
|
||||||
token="$3"
|
if ! _nic_get_auth_elements "$_need2save"; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
_info "Getting NIC auth token"
|
_info "Getting NIC auth token"
|
||||||
|
|
||||||
export _H1="Authorization: Basic $token"
|
export _H1="Authorization: Basic ${NIC_BasicAuth}"
|
||||||
export _H2="Content-Type: application/x-www-form-urlencoded"
|
export _H2="Content-Type: application/x-www-form-urlencoded"
|
||||||
|
|
||||||
res=$(_post "grant_type=password&username=$username&password=$password&scope=%28GET%7CPUT%7CPOST%7CDELETE%29%3A%2Fdns-master%2F.%2B" "$NIC_Api/oauth/token" "" "POST")
|
res=$(_post "grant_type=password&username=${NIC_Username}&password=${NIC_Password}&scope=%28GET%7CPUT%7CPOST%7CDELETE%29%3A%2Fdns-master%2F.%2B" "$NIC_Api/oauth/token" "" "POST")
|
||||||
if _contains "$res" "access_token"; then
|
if _contains "$res" "access_token"; then
|
||||||
_auth_token=$(printf "%s" "$res" | cut -d , -f2 | tr -d "\"" | sed "s/access_token://")
|
_auth_token=$(printf "%s" "$res" | cut -d , -f2 | tr -d "\"" | sed "s/access_token://")
|
||||||
_info "Token received"
|
_info "Token received"
|
||||||
@ -146,7 +166,7 @@ _get_root() {
|
|||||||
if _contains "$_all_domains" "^$h$"; then
|
if _contains "$_all_domains" "^$h$"; then
|
||||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||||
_domain=$h
|
_domain=$h
|
||||||
_service=$(printf "%s" "$response" | grep "$_domain" | sed -r "s/.*service=\"(.*)\".*$/\1/")
|
_service=$(printf "%s" "$response" | grep "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/")
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
p="$i"
|
p="$i"
|
||||||
|
@ -52,7 +52,7 @@ dns_unoeuro_add() {
|
|||||||
fi
|
fi
|
||||||
_info "Adding record"
|
_info "Adding record"
|
||||||
|
|
||||||
if _uno_rest POST "my/products/$h/dns/records" "{\"name\":\"$fulldomain\",\"type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":120}"; then
|
if _uno_rest POST "my/products/$h/dns/records" "{\"name\":\"$fulldomain\",\"type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":120,\"priority\":0}"; then
|
||||||
if _contains "$response" "\"status\": 200" >/dev/null; then
|
if _contains "$response" "\"status\": 200" >/dev/null; then
|
||||||
_info "Added, OK"
|
_info "Added, OK"
|
||||||
return 0
|
return 0
|
||||||
|
@ -136,10 +136,10 @@ _get_root() {
|
|||||||
if [ -z "$h" ]; then
|
if [ -z "$h" ]; then
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
if ! _zone_rest GET "dns/$h/a"; then
|
if ! _zone_rest GET "dns/$h"; then
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
|
if _contains "$response" "\"identificator\":\"$h\"" >/dev/null; then
|
||||||
_domain=$h
|
_domain=$h
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user