Updated to use suggested export _H1 env var to supply Authorization Basic credentials. This undocumented support for Basic Authorization, ContentType, etc. needs to be documented in DNSAPI Dev Guide. Removed two stray debugging lines.
Created _get_root() that tests the requested host is a subdomain to the domains hosted on MailinaBox (MIAB) DNS Server. Created common _miab_rest() used with dns_miab_add(), dns_miab_rm() and _get_root(). Also created barbaric _is_json() to test the response given by the MIAB Custom DNS API at least looks like a JSON file. We should add a hint to use _normalizeJson with JSON responses so _startswith, _endswith won't perplexingly fail.
Ok, should have noticed earlier that the calls to the private function _miab_post() never used the _needbase64_ or the __postContentType parameters. Parameters and code to handle them has been factored out.
Know I'm new to contorting to this project. I i've broke conventions please let me know what I've screwed up and I'll set it right as quickly as possible.
Propose this as a new DNS-01 validation script to dynamically add challenge DNS records to MailinaBox (MIAB) DNS. MIAB uses a custom DNS API to manage external DNS records.
The script was originally written by Darven Dissek and can be found in his repository: https://framagit.org/DarvenDissek/acme.sh-MIAB-DNS-API/). This has been forked and some slight cleanup applied and change shebang to UNIx shell. The forked repository can be found here: https://github.com/billgertz/MIAB_dns_api.
Wrote to Darven but received no reply. Support for this script has been submitted to the OPNsense project via this pull request: https://github.com/opnsense/plugins/pull/1531
* first version dns_rcode0.sh
* fixed URLs for ACME calls
* fixed challenge remove
* read & write Token/URL at rm too
* make info messages debug
* typos fixed
* update rrset only if existing challenge is found
* polish error messages and make "detect root zone" scaleable
* fixed formating issues
* code cleanup, remove some unneeded functions
* removed empty lines
* save rcode0 url only if not default
_egrep_o() function accepts extended regex and on systems that do not have egrep uses sed to emulate egrep.
This is failing on the specific regex I was using before my last commit... ae66c6f0b4
The problem is that I fixed it by passing in non-extended regex which then fails on systems that do have egrep. So I am no longer using _egrep_o.
We have a few domains that ends the same. For example :
iperfony.com
perfony.com
The problem was in the _get_root functions, when getting the domain_id :
only the first result "iperfony.com" was returned, because "perfony.com"
is contained in the "iperfony.com" string.
The correction consist of being strict in the regex, adding a slash (/)
so that it will only match on ".*/(perfony.com).*" and not
".*(perfony.com).*".
The --no-run-if-empty option is a GNU extension and the long version isn't supported by *BSD variants.
Instead use the short version (-r) which is present, but ignored as it is the default behavior, in at least FreeBSD: https://www.freebsd.org/cgi/man.cgi?xargs
MaraDNS is a lightweight self-hosting DNS server. This patch adds
support for adding records to zone files stored on the server in the
format expected by MaraDNS. Path to the file should be exported in
MARA_ZONE_FILE environment variable. To reload the configuration
automatically, the user must provide path to the pid file of duende (the
daemonization tool that ships with MaraDNS) in MARA_DUENDE_PID_PATH
(--pid argument to duende).
