]>
Commit | Line | Data |
---|---|---|
b8f4fa35 MB |
1 | #!/usr/bin/env sh |
2 | ||
68142c98 MB |
3 | ## Acmeproxy DNS provider to be used with acmeproxy (http://github.com/mdbraber/acmeproxy) |
4 | ## API integration by Maarten den Braber | |
b8f4fa35 | 5 | ## |
68142c98 | 6 | ## Report any bugs via https://github.com/mdbraber/acme.sh |
b8f4fa35 MB |
7 | |
8 | dns_acmeproxy_add() { | |
9 | fulldomain="${1}" | |
10 | txtvalue="${2}" | |
11 | action="present" | |
12 | ||
13 | _debug "Calling: _acmeproxy_request() '${fulldomain}' '${txtvalue}' '${action}'" | |
585ef998 | 14 | _acmeproxy_request "$fulldomain" "$txtvalue" "$action" |
b8f4fa35 MB |
15 | } |
16 | ||
17 | dns_acmeproxy_rm() { | |
18 | fulldomain="${1}" | |
19 | txtvalue="${2}" | |
20 | action="cleanup" | |
21 | ||
22 | _debug "Calling: _acmeproxy_request() '${fulldomain}' '${txtvalue}' '${action}'" | |
585ef998 | 23 | _acmeproxy_request "$fulldomain" "$txtvalue" "$action" |
b8f4fa35 MB |
24 | } |
25 | ||
26 | _acmeproxy_request() { | |
27 | ||
28 | ## Nothing to see here, just some housekeeping | |
29 | fulldomain=$1 | |
30 | txtvalue=$2 | |
31 | action=$3 | |
32 | ||
33 | _info "Using acmeproxy" | |
34 | _debug fulldomain "$fulldomain" | |
35 | _debug txtvalue "$txtvalue" | |
36 | ||
37 | ACMEPROXY_ENDPOINT="${ACMEPROXY_ENDPOINT:-$(_readaccountconf_mutable ACMEPROXY_ENDPOINT)}" | |
38 | ACMEPROXY_USERNAME="${ACMEPROXY_USERNAME:-$(_readaccountconf_mutable ACMEPROXY_USERNAME)}" | |
39 | ACMEPROXY_PASSWORD="${ACMEPROXY_PASSWORD:-$(_readaccountconf_mutable ACMEPROXY_PASSWORD)}" | |
40 | ||
41 | ## Check for the endpoint | |
585ef998 | 42 | if [ -z "$ACMEPROXY_ENDPOINT" ]; then |
b8f4fa35 MB |
43 | ACMEPROXY_ENDPOINT="" |
44 | _err "You didn't specify the endpoint" | |
45 | _err "Please set them via 'export ACMEPROXY_ENDPOINT=https://ip:port' and try again." | |
46 | return 1 | |
47 | fi | |
48 | ||
b8f4fa35 MB |
49 | ## Save the credentials to the account file |
50 | _saveaccountconf_mutable ACMEPROXY_ENDPOINT "$ACMEPROXY_ENDPOINT" | |
51 | _saveaccountconf_mutable ACMEPROXY_USERNAME "$ACMEPROXY_USERNAME" | |
52 | _saveaccountconf_mutable ACMEPROXY_PASSWORD "$ACMEPROXY_PASSWORD" | |
53 | ||
5e165819 MB |
54 | if [ -z "$ACMEPROXY_USERNAME" ] || [ -z "$ACMEPROXY_PASSWORD" ]; then |
55 | _info "ACMEPROXY_USERNAME and/or ACMEPROXY_PASSWORD not set - using without client authentication! Make sure you're using server authentication (e.g. IP-based)" | |
56 | export _H1="Accept: application/json" | |
57 | export _H2="Content-Type: application/json" | |
58 | else | |
59 | ## Base64 encode the credentials | |
60 | credentials=$(printf "%b" "$ACMEPROXY_USERNAME:$ACMEPROXY_PASSWORD" | _base64) | |
b8f4fa35 | 61 | |
5e165819 MB |
62 | ## Construct the HTTP Authorization header |
63 | export _H1="Authorization: Basic $credentials" | |
64 | export _H2="Accept: application/json" | |
65 | export _H3="Content-Type: application/json" | |
66 | fi | |
b8f4fa35 MB |
67 | |
68 | ## Add the challenge record to the acmeproxy grid member | |
69 | response="$(_post "{\"fqdn\": \"$fulldomain.\", \"value\": \"$txtvalue\"}" "$ACMEPROXY_ENDPOINT/$action" "" "POST")" | |
70 | ||
71 | ## Let's see if we get something intelligible back from the unit | |
585ef998 | 72 | if echo "$response" | grep "\"$txtvalue\"" >/dev/null; then |
c297aff9 | 73 | _info "Successfully updated the txt record" |
b8f4fa35 MB |
74 | return 0 |
75 | else | |
76 | _err "Error encountered during record addition" | |
77 | _err "$response" | |
78 | return 1 | |
79 | fi | |
80 | ||
81 | } | |
82 | ||
83 | #################### Private functions below ################################## |