mirror of
https://github.com/plantroon/acme.sh.git
synced 2024-12-25 06:31:42 +00:00
commit
7e2af8364f
17
acme.sh
17
acme.sh
@ -166,7 +166,14 @@ _syslog() {
|
||||
fi
|
||||
_logclass="$1"
|
||||
shift
|
||||
logger -i -t "$PROJECT_NAME" -p "$_logclass" "$(_printargs "$@")" >/dev/null 2>&1
|
||||
if [ -z "$__logger_i" ]; then
|
||||
if _contains "$(logger --help 2>&1)" "-i"; then
|
||||
__logger_i="logger -i"
|
||||
else
|
||||
__logger_i="logger"
|
||||
fi
|
||||
fi
|
||||
$__logger_i -t "$PROJECT_NAME" -p "$_logclass" "$(_printargs "$@")" >/dev/null 2>&1
|
||||
}
|
||||
|
||||
_log() {
|
||||
@ -2617,10 +2624,10 @@ _checkConf() {
|
||||
_isRealNginxConf() {
|
||||
_debug "_isRealNginxConf $1 $2"
|
||||
if [ -f "$2" ]; then
|
||||
for _fln in $(grep -n "^ *server_name.* $1" "$2" | cut -d : -f 1); do
|
||||
for _fln in $(tr "\t" ' ' <"$2" | grep -n "^ *server_name.* $1" | cut -d : -f 1); do
|
||||
_debug _fln "$_fln"
|
||||
if [ "$_fln" ]; then
|
||||
_start=$(cat "$2" | _head_n "$_fln" | grep -n "^ *server *{" | _tail_n 1)
|
||||
_start=$(tr "\t" ' ' <"$2" | _head_n "$_fln" | grep -n "^ *server *{" | _tail_n 1)
|
||||
_debug "_start" "$_start"
|
||||
_start_n=$(echo "$_start" | cut -d : -f 1)
|
||||
_start_nn=$(_math $_start_n + 1)
|
||||
@ -2629,8 +2636,8 @@ _isRealNginxConf() {
|
||||
|
||||
_left="$(sed -n "${_start_nn},99999p" "$2")"
|
||||
_debug2 _left "$_left"
|
||||
if echo "$_left" | grep -n "^ *server *{" >/dev/null; then
|
||||
_end=$(echo "$_left" | grep -n "^ *server *{" | _head_n 1)
|
||||
if echo "$_left" | tr "\t" ' ' | grep -n "^ *server *{" >/dev/null; then
|
||||
_end=$(echo "$_left" | tr "\t" ' ' | grep -n "^ *server *{" | _head_n 1)
|
||||
_debug "_end" "$_end"
|
||||
_end_n=$(echo "$_end" | cut -d : -f 1)
|
||||
_debug "_end_n" "$_end_n"
|
||||
|
@ -452,6 +452,22 @@ Ok, let's issue a cert now:
|
||||
acme.sh --issue --dns dns_vscale -d example.com -d www.example.com
|
||||
```
|
||||
|
||||
## 24. Use Dynu API
|
||||
|
||||
First you need to create/obtain API credentials from your Dynu account. See: https://www.dynu.com/resources/api/documentation
|
||||
|
||||
```
|
||||
export Dynu_ClientId="xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
|
||||
export Dynu_Secret="yyyyyyyyyyyyyyyyyyyyyyyyy"
|
||||
```
|
||||
|
||||
Ok, let's issue a cert now:
|
||||
```
|
||||
acme.sh --issue --dns dns_dynu -d example.com -d www.example.com
|
||||
```
|
||||
|
||||
The `Dynu_ClientId` and `Dynu_Secret` will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
|
||||
|
||||
|
||||
# Use custom API
|
||||
|
||||
|
216
dnsapi/dns_dynu.sh
Normal file
216
dnsapi/dns_dynu.sh
Normal file
@ -0,0 +1,216 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
#Client ID
|
||||
#Dynu_ClientId="0b71cae7-a099-4f6b-8ddf-94571cdb760d"
|
||||
#
|
||||
#Secret
|
||||
#Dynu_Secret="aCUEY4BDCV45KI8CSIC3sp2LKQ9"
|
||||
#
|
||||
#Token
|
||||
Dynu_Token=""
|
||||
#
|
||||
#Endpoint
|
||||
Dynu_EndPoint="https://api.dynu.com/v1"
|
||||
#
|
||||
#Author: Dynu Systems, Inc.
|
||||
#Report Bugs here: https://github.com/shar0119/acme.sh
|
||||
#
|
||||
######## Public functions #####################
|
||||
|
||||
#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_dynu_add() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
if [ -z "$Dynu_ClientId" ] || [ -z "$Dynu_Secret" ]; then
|
||||
Dynu_ClientId=""
|
||||
Dynu_Secret=""
|
||||
_err "Dynu client id and secret is not specified."
|
||||
_err "Please create you API client id and secret and try again."
|
||||
return 1
|
||||
fi
|
||||
|
||||
#save the client id and secret to the account conf file.
|
||||
_saveaccountconf Dynu_ClientId "$Dynu_ClientId"
|
||||
_saveaccountconf Dynu_Secret "$Dynu_Secret"
|
||||
|
||||
if [ -z "$Dynu_Token" ]; then
|
||||
_info "Getting Dynu token."
|
||||
if ! _dynu_authentication; then
|
||||
_err "Can not get token."
|
||||
fi
|
||||
fi
|
||||
|
||||
_debug "Detect root zone"
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "Invalid domain."
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug _node "$_node"
|
||||
_debug _domain_name "$_domain_name"
|
||||
|
||||
_info "Creating TXT record."
|
||||
if ! _dynu_rest POST "dns/record/add" "{\"domain_name\":\"$_domain_name\",\"node_name\":\"$_node\",\"record_type\":\"TXT\",\"text_data\":\"$txtvalue\",\"state\":true,\"ttl\":90}"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _contains "$response" "text_data"; then
|
||||
_err "Could not add TXT record."
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
#Usage: rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
|
||||
dns_dynu_rm() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
if [ -z "$Dynu_ClientId" ] || [ -z "$Dynu_Secret" ]; then
|
||||
Dynu_ClientId=""
|
||||
Dynu_Secret=""
|
||||
_err "Dynu client id and secret is not specified."
|
||||
_err "Please create you API client id and secret and try again."
|
||||
return 1
|
||||
fi
|
||||
|
||||
#save the client id and secret to the account conf file.
|
||||
_saveaccountconf Dynu_ClientId "$Dynu_ClientId"
|
||||
_saveaccountconf Dynu_Secret "$Dynu_Secret"
|
||||
|
||||
if [ -z "$Dynu_Token" ]; then
|
||||
_info "Getting Dynu token."
|
||||
if ! _dynu_authentication; then
|
||||
_err "Can not get token."
|
||||
fi
|
||||
fi
|
||||
|
||||
_debug "Detect root zone."
|
||||
if ! _get_root "$fulldomain"; then
|
||||
_err "Invalid domain."
|
||||
return 1
|
||||
fi
|
||||
|
||||
_debug _node "$_node"
|
||||
_debug _domain_name "$_domain_name"
|
||||
|
||||
_info "Checking for TXT record."
|
||||
if ! _get_recordid "$fulldomain" "$txtvalue"; then
|
||||
_err "Could not get TXT record id."
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [ "$_dns_record_id" = "" ]; then
|
||||
_err "TXT record not found."
|
||||
return 1
|
||||
fi
|
||||
|
||||
_info "Removing TXT record."
|
||||
if ! _delete_txt_record "$_dns_record_id"; then
|
||||
_err "Could not remove TXT record $_dns_record_id."
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
######## Private functions below ##################################
|
||||
#_acme-challenge.www.domain.com
|
||||
#returns
|
||||
# _node=_acme-challenge.www
|
||||
# _domain_name=domain.com
|
||||
_get_root() {
|
||||
domain=$1
|
||||
if ! _dynu_rest GET "dns/getroot/$domain"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _contains "$response" "domain_name"; then
|
||||
_debug "Domain name not found."
|
||||
return 1
|
||||
fi
|
||||
|
||||
_domain_name=$(printf "%s" "$response" | tr -d "{}" | cut -d , -f 1 | cut -d : -f 2 | cut -d '"' -f 2)
|
||||
_node=$(printf "%s" "$response" | tr -d "{}" | cut -d , -f 3 | cut -d : -f 2 | cut -d '"' -f 2)
|
||||
return 0
|
||||
}
|
||||
|
||||
_get_recordid() {
|
||||
fulldomain=$1
|
||||
txtvalue=$2
|
||||
|
||||
if ! _dynu_rest GET "dns/record/get?hostname=$fulldomain&rrtype=TXT"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _contains "$response" "$txtvalue"; then
|
||||
_dns_record_id=0
|
||||
return 0
|
||||
fi
|
||||
|
||||
_dns_record_id=$(printf "%s" "$response" | _egrep_o "{[^}]*}" | grep "\"text_data\":\"$txtvalue\"" | _egrep_o ",[^,]*," | grep ',"id":' | tr -d ",," | cut -d : -f 2)
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
_delete_txt_record() {
|
||||
_dns_record_id=$1
|
||||
|
||||
if ! _dynu_rest GET "dns/record/delete/$_dns_record_id"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if ! _contains "$response" "true"; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
_dynu_rest() {
|
||||
m=$1
|
||||
ep="$2"
|
||||
data="$3"
|
||||
_debug "$ep"
|
||||
|
||||
export _H1="Authorization: Bearer $Dynu_Token"
|
||||
export _H2="Content-Type: application/json"
|
||||
|
||||
if [ "$data" ]; then
|
||||
_debug data "$data"
|
||||
response="$(_post "$data" "$Dynu_EndPoint/$ep" "" "$m")"
|
||||
else
|
||||
_info "Getting $Dynu_EndPoint/$ep"
|
||||
response="$(_get "$Dynu_EndPoint/$ep")"
|
||||
fi
|
||||
|
||||
if [ "$?" != "0" ]; then
|
||||
_err "error $ep"
|
||||
return 1
|
||||
fi
|
||||
_debug2 response "$response"
|
||||
return 0
|
||||
}
|
||||
|
||||
_dynu_authentication() {
|
||||
realm="$(printf "%s" "$Dynu_ClientId:$Dynu_Secret" | _base64)"
|
||||
|
||||
export _H1="Authorization: Basic $realm"
|
||||
export _H2="Content-Type: application/json"
|
||||
|
||||
response="$(_get "$Dynu_EndPoint/oauth2/token")"
|
||||
if [ "$?" != "0" ]; then
|
||||
_err "Authentication failed."
|
||||
return 1
|
||||
fi
|
||||
if _contains "$response" "accessToken"; then
|
||||
Dynu_Token=$(printf "%s" "$response" | tr -d "[]" | cut -d , -f 2 | cut -d : -f 2 | cut -d '"' -f 2)
|
||||
fi
|
||||
if _contains "$Dynu_Token" "null"; then
|
||||
Dynu_Token=""
|
||||
fi
|
||||
|
||||
_debug2 response "$response"
|
||||
return 0
|
||||
}
|
Loading…
Reference in New Issue
Block a user