mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-11-09 16:01:46 +00:00
commit
ad2a3d603e
@ -348,6 +348,7 @@ You don't have to do anything manually!
|
||||
1. hosting.de (https://www.hosting.de)
|
||||
1. Neodigit.net API (https://www.neodigit.net)
|
||||
1. Exoscale.com API (https://www.exoscale.com/)
|
||||
1. PointDNS API (https://pointhq.com/)
|
||||
|
||||
And:
|
||||
|
||||
|
11
acme.sh
11
acme.sh
@ -2921,7 +2921,10 @@ _clearup() {
|
||||
|
||||
_clearupdns() {
|
||||
_debug "_clearupdns"
|
||||
if [ "$dnsadded" != 1 ] || [ -z "$vlist" ]; then
|
||||
_debug "dnsadded" "$dnsadded"
|
||||
_debug "vlist" "$vlist"
|
||||
#dnsadded is "0" or "1" means dns-01 method was used for at least one domain
|
||||
if [ -z "$dnsadded" ] || [ -z "$vlist" ]; then
|
||||
_debug "skip dns."
|
||||
return
|
||||
fi
|
||||
@ -3854,8 +3857,8 @@ $_authorizations_map"
|
||||
)
|
||||
|
||||
if [ "$?" != "0" ]; then
|
||||
_clearup
|
||||
_on_issue_err "$_post_hook" "$vlist"
|
||||
_clearup
|
||||
return 1
|
||||
fi
|
||||
dnsadded='1'
|
||||
@ -3866,8 +3869,8 @@ $_authorizations_map"
|
||||
_savedomainconf "Le_Vlist" "$vlist"
|
||||
_debug "Dns record not added yet, so, save to $DOMAIN_CONF and exit."
|
||||
_err "Please add the TXT records to the domains, and re-run with --renew."
|
||||
_clearup
|
||||
_on_issue_err "$_post_hook"
|
||||
_clearup
|
||||
return 1
|
||||
fi
|
||||
|
||||
@ -3901,7 +3904,7 @@ $_authorizations_map"
|
||||
continue
|
||||
fi
|
||||
|
||||
_info "Verifying:$d"
|
||||
_info "Verifying: $d"
|
||||
_debug "d" "$d"
|
||||
_debug "keyauthorization" "$keyauthorization"
|
||||
_debug "uri" "$uri"
|
||||
|
@ -1127,6 +1127,18 @@ acme.sh --issue --dns dns_exoscale -d example.com -d www.example.com
|
||||
|
||||
The `EXOSCALE_API_KEY` and `EXOSCALE_SECRET_KEY` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
||||
|
||||
## 58. Using PointHQ API to issue certs
|
||||
|
||||
Log into [PointHQ account management](https://app.pointhq.com/profile) and copy the API key from the page there.
|
||||
|
||||
```export PointHQ_Key="apikeystringgoeshere"
|
||||
exportPointHQ_Email="accountemail@yourdomain.com"
|
||||
```
|
||||
|
||||
You can then issue certs by using:
|
||||
```acme.sh --issue --dns dns_pointhq -d example.com -d www.example.com
|
||||
```
|
||||
|
||||
# Use custom API
|
||||
|
||||
If your API is not supported yet, you can write your own DNS API.
|
||||
|
@ -158,7 +158,8 @@ _inwx_login() {
|
||||
export _H1
|
||||
|
||||
#https://github.com/inwx/php-client/blob/master/INWX/Domrobot.php#L71
|
||||
if _contains "$response" "tfa"; then
|
||||
if _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>" \
|
||||
&& _contains "$response" "<member><name>tfa</name><value><string>GOOGLE-AUTH</string></value></member>"; then
|
||||
if [ -z "$INWX_Shared_Secret" ]; then
|
||||
_err "Mobile TAN detected."
|
||||
_err "Please define a shared secret."
|
||||
|
@ -161,12 +161,12 @@ _namecheap_parse_host() {
|
||||
_host=$1
|
||||
_debug _host "$_host"
|
||||
|
||||
_hostid=$(echo "$_host" | _egrep_o '\sHostId="[^"]*' | cut -d '"' -f 2)
|
||||
_hostname=$(echo "$_host" | _egrep_o '\sName="[^"]*' | cut -d '"' -f 2)
|
||||
_hosttype=$(echo "$_host" | _egrep_o '\sType="[^"]*' | cut -d '"' -f 2)
|
||||
_hostaddress=$(echo "$_host" | _egrep_o '\sAddress="[^"]*' | cut -d '"' -f 2)
|
||||
_hostmxpref=$(echo "$_host" | _egrep_o '\sMXPref="[^"]*' | cut -d '"' -f 2)
|
||||
_hostttl=$(echo "$_host" | _egrep_o '\sTTL="[^"]*' | cut -d '"' -f 2)
|
||||
_hostid=$(echo "$_host" | _egrep_o ' HostId="[^"]*' | cut -d '"' -f 2)
|
||||
_hostname=$(echo "$_host" | _egrep_o ' Name="[^"]*' | cut -d '"' -f 2)
|
||||
_hosttype=$(echo "$_host" | _egrep_o ' Type="[^"]*' | cut -d '"' -f 2)
|
||||
_hostaddress=$(echo "$_host" | _egrep_o ' Address="[^"]*' | cut -d '"' -f 2)
|
||||
_hostmxpref=$(echo "$_host" | _egrep_o ' MXPref="[^"]*' | cut -d '"' -f 2)
|
||||
_hostttl=$(echo "$_host" | _egrep_o ' TTL="[^"]*' | cut -d '"' -f 2)
|
||||
|
||||
_debug hostid "$_hostid"
|
||||
_debug hostname "$_hostname"
|
||||
|
164
dnsapi/dns_pointhq.sh
Normal file
164
dnsapi/dns_pointhq.sh
Normal file
@ -0,0 +1,164 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
#
|
||||
#PointHQ_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
|
||||
#
|
||||
#PointHQ_Email="xxxx@sss.com"
|
||||
|
||||
PointHQ_Api="https://api.pointhq.com"
|
||||
|
||||
######## Public functions #####################
|
||||
|
||||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_pointhq_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}"
|
||||
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}"
|
||||
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then
|
||||
PointHQ_Key=""
|
||||
PointHQ_Email=""
|
||||
_err "You didn't specify a PointHQ API key and email yet."
|
||||
_err "Please create the key and try again."
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _contains "$PointHQ_Email" "@"; then
|
||||
_err "It seems that the PointHQ_Email=$PointHQ_Email is not a valid email address."
|
||||
_err "Please check and retry."
|
||||
return 1
|
||||
fi
|
||||
|
||||
#save the api key and email to the account conf file.
|
||||
_saveaccountconf_mutable PointHQ_Key "$PointHQ_Key"
|
||||
_saveaccountconf_mutable PointHQ_Email "$PointHQ_Email"
|
||||
|
||||
_debug "First detect the root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain"
|
||||
return 1
|
||||
fi
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
_info "Adding record"
|
||||
if _pointhq_rest POST "zones/$_domain/records" "{\"zone_record\": {\"name\":\"$_sub_domain\",\"record_type\":\"TXT\",\"data\":\"$txtvalue\",\"ttl\":3600}}"; then
|
||||
if printf -- "%s" "$response" | grep "$fulldomain" >/dev/null; then
|
||||
_info "Added, OK"
|
||||
return 0
|
||||
else
|
||||
_err "Add txt record error."
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
_err "Add txt record error."
|
||||
return 1
|
||||
}
|
||||
|
||||
#fulldomain txtvalue
|
||||
dns_pointhq_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
PointHQ_Key="${PointHQ_Key:-$(_readaccountconf_mutable PointHQ_Key)}"
|
||||
PointHQ_Email="${PointHQ_Email:-$(_readaccountconf_mutable PointHQ_Email)}"
|
||||
if [ -z "$PointHQ_Key" ] || [ -z "$PointHQ_Email" ]; then
|
||||
PointHQ_Key=""
|
||||
PointHQ_Email=""
|
||||
_err "You didn't specify a PointHQ API key and email yet."
|
||||
_err "Please create the key and try again."
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug "First detect the root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "invalid domain"
|
||||
return 1
|
||||
fi
|
||||
_debug _sub_domain "$_sub_domain"
|
||||
_debug _domain "$_domain"
|
||||
|
||||
_debug "Getting txt records"
|
||||
_pointhq_rest GET "zones/${_domain}/records?record_type=TXT&name=$_sub_domain"
|
||||
|
||||
if ! printf "%s" "$response" | grep "^\[" >/dev/null; then
|
||||
_err "Error"
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [ "$response" = "[]" ]; then
|
||||
_info "No records to remove."
|
||||
else
|
||||
record_id=$(printf "%s\n" "$response" | _egrep_o "\"id\":[^,]*" | cut -d : -f 2 | tr -d \" | head -n 1)
|
||||
_debug "record_id" "$record_id"
|
||||
if [ -z "$record_id" ]; then
|
||||
_err "Can not get record id to remove."
|
||||
return 1
|
||||
fi
|
||||
if ! _pointhq_rest DELETE "zones/$_domain/records/$record_id"; then
|
||||
_err "Delete record error."
|
||||
return 1
|
||||
fi
|
||||
_contains "$response" '"status":"OK"'
|
||||
fi
|
||||
}
|
||||
|
||||
#################### Private functions below ##################################
|
||||
#_acme-challenge.www.domain.com
|
||||
#returns
|
||||
# _sub_domain=_acme-challenge.www
|
||||
# _domain=domain.com
|
||||
_get_root() {
|
||||
domain=$1
|
||||
i=2
|
||||
p=1
|
||||
while true; do
|
||||
h=$(printf "%s" "$domain" | cut -d . -f $i-100)
|
||||
_debug h "$h"
|
||||
if [ -z "$h" ]; then
|
||||
#not valid
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _pointhq_rest GET "zones"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
|
||||
_sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
|
||||
_domain=$h
|
||||
return 0
|
||||
fi
|
||||
p=$i
|
||||
i=$(_math "$i" + 1)
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
_pointhq_rest() {
|
||||
m=$1
|
||||
ep="$2"
|
||||
data="$3"
|
||||
_debug "$ep"
|
||||
|
||||
_pointhq_auth=$(printf "%s:%s" "$PointHQ_Email" "$PointHQ_Key" | _base64)
|
||||
|
||||
export _H1="Authorization: Basic $_pointhq_auth"
|
||||
export _H2="Content-Type: application/json"
|
||||
export _H3="Accept: application/json"
|
||||
|
||||
if [ "$m" != "GET" ]; then
|
||||
_debug data "$data"
|
||||
response="$(_post "$data" "$PointHQ_Api/$ep" "" "$m")"
|
||||
else
|
||||
response="$(_get "$PointHQ_Api/$ep")"
|
||||
fi
|
||||
|
||||
if [ "$?" != "0" ]; then
|
||||
_err "error $ep"
|
||||
return 1
|
||||
fi
|
||||
_debug2 response "$response"
|
||||
return 0
|
||||
}
|
Loading…
Reference in New Issue
Block a user