mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-25 06:31:42 +00:00
Merge remote-tracking branch 'upstream/dev' into dev
This commit is contained in:
commit
e4e60ed654
@ -309,6 +309,7 @@ You don't have to do anything manually!
|
|||||||
1. Gandi LiveDNS API
|
1. Gandi LiveDNS API
|
||||||
1. Knot DNS API
|
1. Knot DNS API
|
||||||
1. DigitalOcean API (native)
|
1. DigitalOcean API (native)
|
||||||
|
1. ClouDNS.net API
|
||||||
|
|
||||||
**More APIs coming soon...**
|
**More APIs coming soon...**
|
||||||
|
|
||||||
|
5
acme.sh
5
acme.sh
@ -3477,7 +3477,10 @@ issue() {
|
|||||||
if [ ! "$usingApache" ]; then
|
if [ ! "$usingApache" ]; then
|
||||||
if webroot_owner=$(_stat "$_currentRoot"); then
|
if webroot_owner=$(_stat "$_currentRoot"); then
|
||||||
_debug "Changing owner/group of .well-known to $webroot_owner"
|
_debug "Changing owner/group of .well-known to $webroot_owner"
|
||||||
chown -R "$webroot_owner" "$_currentRoot/.well-known"
|
if ! _exec "chown -R \"$webroot_owner\" \"$_currentRoot/.well-known\""; then
|
||||||
|
_debug "$(cat "$_EXEC_TEMP_ERR")"
|
||||||
|
_exec_err >/dev/null 2>&1
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
_debug "not chaning owner/group of webroot"
|
_debug "not chaning owner/group of webroot"
|
||||||
fi
|
fi
|
||||||
|
@ -407,6 +407,20 @@ Ok, let's issue a cert now:
|
|||||||
acme.sh --issue --dns dns_dgon -d example.com -d www.example.com
|
acme.sh --issue --dns dns_dgon -d example.com -d www.example.com
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## 21. Use ClouDNS.net API
|
||||||
|
|
||||||
|
You need to set the HTTP API user ID and password credentials. See: https://www.cloudns.net/wiki/article/42/
|
||||||
|
|
||||||
|
```
|
||||||
|
export CLOUDNS_AUTH_ID=XXXXX
|
||||||
|
export CLOUDNS_AUTH_PASSWORD="YYYYYYYYY"
|
||||||
|
```
|
||||||
|
|
||||||
|
Ok, let's issue a cert now:
|
||||||
|
```
|
||||||
|
acme.sh --issue --dns dns_cloudns -d example.com -d www.example.com
|
||||||
|
```
|
||||||
|
|
||||||
# Use custom API
|
# Use custom API
|
||||||
|
|
||||||
If your API is not supported yet, you can write your own DNS API.
|
If your API is not supported yet, you can write your own DNS API.
|
||||||
|
@ -143,7 +143,7 @@ aws_rest() {
|
|||||||
CanonicalHeaders="host:$aws_host\nx-amz-date:$RequestDate\n"
|
CanonicalHeaders="host:$aws_host\nx-amz-date:$RequestDate\n"
|
||||||
SignedHeaders="host;x-amz-date"
|
SignedHeaders="host;x-amz-date"
|
||||||
if [ -n "$AWS_SESSION_TOKEN" ]; then
|
if [ -n "$AWS_SESSION_TOKEN" ]; then
|
||||||
export _H2="x-amz-security-token: $AWS_SESSION_TOKEN"
|
export _H3="x-amz-security-token: $AWS_SESSION_TOKEN"
|
||||||
CanonicalHeaders="${CanonicalHeaders}x-amz-security-token:$AWS_SESSION_TOKEN\n"
|
CanonicalHeaders="${CanonicalHeaders}x-amz-security-token:$AWS_SESSION_TOKEN\n"
|
||||||
SignedHeaders="${SignedHeaders};x-amz-security-token"
|
SignedHeaders="${SignedHeaders};x-amz-security-token"
|
||||||
fi
|
fi
|
||||||
@ -204,8 +204,8 @@ aws_rest() {
|
|||||||
Authorization="$Algorithm Credential=$AWS_ACCESS_KEY_ID/$CredentialScope, SignedHeaders=$SignedHeaders, Signature=$signature"
|
Authorization="$Algorithm Credential=$AWS_ACCESS_KEY_ID/$CredentialScope, SignedHeaders=$SignedHeaders, Signature=$signature"
|
||||||
_debug2 Authorization "$Authorization"
|
_debug2 Authorization "$Authorization"
|
||||||
|
|
||||||
_H3="Authorization: $Authorization"
|
_H2="Authorization: $Authorization"
|
||||||
_debug _H3 "$_H3"
|
_debug _H2 "$_H2"
|
||||||
|
|
||||||
url="$AWS_URL/$ep"
|
url="$AWS_URL/$ep"
|
||||||
|
|
||||||
|
170
dnsapi/dns_cloudns.sh
Executable file
170
dnsapi/dns_cloudns.sh
Executable file
@ -0,0 +1,170 @@
|
|||||||
|
#!/usr/bin/env sh
|
||||||
|
|
||||||
|
# Author: Boyan Peychev <boyan at cloudns dot net>
|
||||||
|
# Repository: https://github.com/ClouDNS/acme.sh/
|
||||||
|
|
||||||
|
#CLOUDNS_AUTH_ID=XXXXX
|
||||||
|
#CLOUDNS_AUTH_PASSWORD="YYYYYYYYY"
|
||||||
|
CLOUDNS_API="https://api.cloudns.net"
|
||||||
|
|
||||||
|
######## Public functions #####################
|
||||||
|
|
||||||
|
#Usage: dns_cloudns_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_cloudns_add() {
|
||||||
|
_info "Using cloudns"
|
||||||
|
|
||||||
|
if ! _dns_cloudns_init_check; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
zone="$(_dns_cloudns_get_zone_name "$1")"
|
||||||
|
if [ -z "$zone" ]; then
|
||||||
|
_err "Missing DNS zone at ClouDNS. Please log into your control panel and create the required DNS zone for the initial setup."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
host="$(echo "$1" | sed "s/\.$zone\$//")"
|
||||||
|
record=$2
|
||||||
|
record_id=$(_dns_cloudns_get_record_id "$zone" "$host")
|
||||||
|
|
||||||
|
_debug zone "$zone"
|
||||||
|
_debug host "$host"
|
||||||
|
_debug record "$record"
|
||||||
|
_debug record_id "$record_id"
|
||||||
|
|
||||||
|
if [ -z "$record_id" ]; then
|
||||||
|
_info "Adding the TXT record for $1"
|
||||||
|
_dns_cloudns_http_api_call "dns/add-record.json" "domain-name=$zone&record-type=TXT&host=$host&record=$record&ttl=60"
|
||||||
|
if ! _contains "$response" "\"status\":\"Success\""; then
|
||||||
|
_err "Record cannot be added."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_info "Added."
|
||||||
|
else
|
||||||
|
_info "Updating the TXT record for $1"
|
||||||
|
_dns_cloudns_http_api_call "dns/mod-record.json" "domain-name=$zone&record-id=$record_id&record-type=TXT&host=$host&record=$record&ttl=60"
|
||||||
|
if ! _contains "$response" "\"status\":\"Success\""; then
|
||||||
|
_err "The TXT record for $1 cannot be updated."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_info "Updated."
|
||||||
|
fi
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#Usage: dns_cloudns_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||||
|
dns_cloudns_rm() {
|
||||||
|
_info "Using cloudns"
|
||||||
|
|
||||||
|
if ! _dns_cloudns_init_check; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$zone" ]; then
|
||||||
|
zone="$(_dns_cloudns_get_zone_name "$1")"
|
||||||
|
if [ -z "$zone" ]; then
|
||||||
|
_err "Missing DNS zone at ClouDNS. Please log into your control panel and create the required DNS zone for the initial setup."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
host="$(echo "$1" | sed "s/\.$zone\$//")"
|
||||||
|
record=$2
|
||||||
|
record_id=$(_dns_cloudns_get_record_id "$zone" "$host")
|
||||||
|
|
||||||
|
_debug zone "$zone"
|
||||||
|
_debug host "$host"
|
||||||
|
_debug record "$record"
|
||||||
|
_debug record_id "$record_id"
|
||||||
|
|
||||||
|
if [ ! -z "$record_id" ]; then
|
||||||
|
_info "Deleting the TXT record for $1"
|
||||||
|
_dns_cloudns_http_api_call "dns/delete-record.json" "domain-name=$zone&record-id=$record_id"
|
||||||
|
if ! _contains "$response" "\"status\":\"Success\""; then
|
||||||
|
_err "The TXT record for $1 cannot be deleted."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
_info "Deleted."
|
||||||
|
fi
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
#################### Private functions below ##################################
|
||||||
|
_dns_cloudns_init_check() {
|
||||||
|
if [ ! -z "$CLOUDNS_INIT_CHECK_COMPLETED" ]; then
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$CLOUDNS_AUTH_ID" ]; then
|
||||||
|
_err "CLOUDNS_AUTH_ID is not configured"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "$CLOUDNS_AUTH_PASSWORD" ]; then
|
||||||
|
_err "CLOUDNS_AUTH_PASSWORD is not configured"
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_dns_cloudns_http_api_call "dns/login.json" ""
|
||||||
|
|
||||||
|
if ! _contains "$response" "\"status\":\"Success\""; then
|
||||||
|
_err "Invalid CLOUDNS_AUTH_ID or CLOUDNS_AUTH_PASSWORD. Please check your login credentials."
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
CLOUDNS_INIT_CHECK_COMPLETED=1
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_dns_cloudns_get_zone_name() {
|
||||||
|
i=2
|
||||||
|
while true; do
|
||||||
|
zoneForCheck=$(printf "%s" "$1" | cut -d . -f $i-100)
|
||||||
|
|
||||||
|
if [ -z "$zoneForCheck" ]; then
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
_debug zoneForCheck "$zoneForCheck"
|
||||||
|
|
||||||
|
_dns_cloudns_http_api_call "dns/get-zone-info.json" "domain-name=$zoneForCheck"
|
||||||
|
|
||||||
|
if ! _contains "$response" "\"status\":\"Failed\""; then
|
||||||
|
echo "$zoneForCheck"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
i=$(_math "$i" + 1)
|
||||||
|
done
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_dns_cloudns_get_record_id() {
|
||||||
|
_dns_cloudns_http_api_call "dns/records.json" "domain-name=$1&host=$2&type=TXT"
|
||||||
|
if _contains "$response" "\"id\":"; then
|
||||||
|
echo "$response" | cut -d '"' -f 2
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
return 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_dns_cloudns_http_api_call() {
|
||||||
|
method=$1
|
||||||
|
|
||||||
|
_debug CLOUDNS_AUTH_ID "$CLOUDNS_AUTH_ID"
|
||||||
|
_debug CLOUDNS_AUTH_PASSWORD "$CLOUDNS_AUTH_PASSWORD"
|
||||||
|
|
||||||
|
if [ -z "$2" ]; then
|
||||||
|
data="auth-id=$CLOUDNS_AUTH_ID&auth-password=$CLOUDNS_AUTH_PASSWORD"
|
||||||
|
else
|
||||||
|
data="auth-id=$CLOUDNS_AUTH_ID&auth-password=$CLOUDNS_AUTH_PASSWORD&$2"
|
||||||
|
fi
|
||||||
|
|
||||||
|
response="$(_get "$CLOUDNS_API/$method?$data")"
|
||||||
|
|
||||||
|
_debug2 response "$response"
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user