]>
Commit | Line | Data |
---|---|---|
be39ab32 | 1 | #!/usr/bin/env sh |
2 | ||
3 | Ali_API="https://alidns.aliyuncs.com/" | |
4 | ||
5 | #Ali_Key="LTqIA87hOKdjevsf5" | |
6 | #Ali_Secret="0p5EYueFNq501xnCPzKNbx6K51qPH2" | |
7 | ||
8 | #Usage: dns_ali_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
9 | dns_ali_add() { | |
10 | fulldomain=$1 | |
11 | txtvalue=$2 | |
12 | ||
0096ef4d | 13 | Ali_Key="${Ali_Key:-$(_readaccountconf_mutable Ali_Key)}" |
14 | Ali_Secret="${Ali_Secret:-$(_readaccountconf_mutable Ali_Secret)}" | |
be39ab32 | 15 | if [ -z "$Ali_Key" ] || [ -z "$Ali_Secret" ]; then |
16 | Ali_Key="" | |
17 | Ali_Secret="" | |
18 | _err "You don't specify aliyun api key and secret yet." | |
19 | return 1 | |
20 | fi | |
21 | ||
22 | #save the api key and secret to the account conf file. | |
0096ef4d | 23 | _saveaccountconf_mutable Ali_Key "$Ali_Key" |
24 | _saveaccountconf_mutable Ali_Secret "$Ali_Secret" | |
be39ab32 | 25 | |
26 | _debug "First detect the root zone" | |
27 | if ! _get_root "$fulldomain"; then | |
28 | return 1 | |
29 | fi | |
30 | ||
dbd94d04 | 31 | _debug "Add record" |
be39ab32 | 32 | _add_record_query "$_domain" "$_sub_domain" "$txtvalue" && _ali_rest "Add record" |
33 | } | |
34 | ||
35 | dns_ali_rm() { | |
36 | fulldomain=$1 | |
0096ef4d | 37 | txtvalue=$2 |
38 | Ali_Key="${Ali_Key:-$(_readaccountconf_mutable Ali_Key)}" | |
39 | Ali_Secret="${Ali_Secret:-$(_readaccountconf_mutable Ali_Secret)}" | |
40 | ||
41 | _debug "First detect the root zone" | |
42 | if ! _get_root "$fulldomain"; then | |
43 | return 1 | |
44 | fi | |
45 | ||
be39ab32 | 46 | _clean |
47 | } | |
48 | ||
329174b6 | 49 | #################### Private functions below ################################## |
be39ab32 | 50 | |
51 | _get_root() { | |
52 | domain=$1 | |
53 | i=2 | |
54 | p=1 | |
55 | while true; do | |
56 | h=$(printf "%s" "$domain" | cut -d . -f $i-100) | |
57 | if [ -z "$h" ]; then | |
58 | #not valid | |
59 | return 1 | |
60 | fi | |
61 | ||
62 | _describe_records_query "$h" | |
63 | if ! _ali_rest "Get root" "ignore"; then | |
64 | return 1 | |
65 | fi | |
66 | ||
67 | if _contains "$response" "PageNumber"; then | |
68 | _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) | |
69 | _debug _sub_domain "$_sub_domain" | |
70 | _domain="$h" | |
71 | _debug _domain "$_domain" | |
72 | return 0 | |
73 | fi | |
74 | p="$i" | |
75 | i=$(_math "$i" + 1) | |
76 | done | |
77 | return 1 | |
78 | } | |
79 | ||
80 | _ali_rest() { | |
1c22c2f7 | 81 | signature=$(printf "%s" "GET&%2F&$(_ali_urlencode "$query")" | _hmac "sha1" "$(printf "%s" "$Ali_Secret&" | _hex_dump | tr -d " ")" | _base64) |
be39ab32 | 82 | signature=$(_ali_urlencode "$signature") |
83 | url="$Ali_API?$query&Signature=$signature" | |
84 | ||
85 | if ! response="$(_get "$url")"; then | |
86 | _err "Error <$1>" | |
87 | return 1 | |
88 | fi | |
89 | ||
0096ef4d | 90 | _debug2 response "$response" |
be39ab32 | 91 | if [ -z "$2" ]; then |
0096ef4d | 92 | message="$(echo "$response" | _egrep_o "\"Message\":\"[^\"]*\"" | cut -d : -f 2 | tr -d \")" |
93 | if [ "$message" ]; then | |
be39ab32 | 94 | _err "$message" |
95 | return 1 | |
96 | fi | |
97 | fi | |
be39ab32 | 98 | } |
99 | ||
100 | _ali_urlencode() { | |
101 | _str="$1" | |
102 | _str_len=${#_str} | |
103 | _u_i=1 | |
104 | while [ "$_u_i" -le "$_str_len" ]; do | |
105 | _str_c="$(printf "%s" "$_str" | cut -c "$_u_i")" | |
106 | case $_str_c in [a-zA-Z0-9.~_-]) | |
107 | printf "%s" "$_str_c" | |
108 | ;; | |
109 | *) | |
110 | printf "%%%02X" "'$_str_c" | |
111 | ;; | |
112 | esac | |
113 | _u_i="$(_math "$_u_i" + 1)" | |
114 | done | |
115 | } | |
116 | ||
117 | _ali_nonce() { | |
118 | #_head_n 1 </dev/urandom | _digest "sha256" hex | cut -c 1-31 | |
119 | #Not so good... | |
120 | date +"%s%N" | |
121 | } | |
122 | ||
123 | _check_exist_query() { | |
0096ef4d | 124 | _qdomain="$1" |
125 | _qsubdomain="$2" | |
be39ab32 | 126 | query='' |
127 | query=$query'AccessKeyId='$Ali_Key | |
128 | query=$query'&Action=DescribeDomainRecords' | |
0096ef4d | 129 | query=$query'&DomainName='$_qdomain |
be39ab32 | 130 | query=$query'&Format=json' |
0096ef4d | 131 | query=$query'&RRKeyWord='$_qsubdomain |
be39ab32 | 132 | query=$query'&SignatureMethod=HMAC-SHA1' |
133 | query=$query"&SignatureNonce=$(_ali_nonce)" | |
134 | query=$query'&SignatureVersion=1.0' | |
135 | query=$query'&Timestamp='$(_timestamp) | |
136 | query=$query'&TypeKeyWord=TXT' | |
137 | query=$query'&Version=2015-01-09' | |
138 | } | |
139 | ||
140 | _add_record_query() { | |
141 | query='' | |
142 | query=$query'AccessKeyId='$Ali_Key | |
143 | query=$query'&Action=AddDomainRecord' | |
144 | query=$query'&DomainName='$1 | |
145 | query=$query'&Format=json' | |
146 | query=$query'&RR='$2 | |
147 | query=$query'&SignatureMethod=HMAC-SHA1' | |
148 | query=$query"&SignatureNonce=$(_ali_nonce)" | |
149 | query=$query'&SignatureVersion=1.0' | |
150 | query=$query'&Timestamp='$(_timestamp) | |
151 | query=$query'&Type=TXT' | |
152 | query=$query'&Value='$3 | |
153 | query=$query'&Version=2015-01-09' | |
154 | } | |
155 | ||
156 | _delete_record_query() { | |
157 | query='' | |
158 | query=$query'AccessKeyId='$Ali_Key | |
159 | query=$query'&Action=DeleteDomainRecord' | |
160 | query=$query'&Format=json' | |
161 | query=$query'&RecordId='$1 | |
162 | query=$query'&SignatureMethod=HMAC-SHA1' | |
163 | query=$query"&SignatureNonce=$(_ali_nonce)" | |
164 | query=$query'&SignatureVersion=1.0' | |
165 | query=$query'&Timestamp='$(_timestamp) | |
166 | query=$query'&Version=2015-01-09' | |
167 | } | |
168 | ||
169 | _describe_records_query() { | |
170 | query='' | |
171 | query=$query'AccessKeyId='$Ali_Key | |
172 | query=$query'&Action=DescribeDomainRecords' | |
173 | query=$query'&DomainName='$1 | |
174 | query=$query'&Format=json' | |
175 | query=$query'&SignatureMethod=HMAC-SHA1' | |
176 | query=$query"&SignatureNonce=$(_ali_nonce)" | |
177 | query=$query'&SignatureVersion=1.0' | |
178 | query=$query'&Timestamp='$(_timestamp) | |
179 | query=$query'&Version=2015-01-09' | |
180 | } | |
181 | ||
182 | _clean() { | |
0096ef4d | 183 | _check_exist_query "$_domain" "$_sub_domain" |
eca57bee | 184 | # do not correct grammar here |
be39ab32 | 185 | if ! _ali_rest "Check exist records" "ignore"; then |
186 | return 1 | |
187 | fi | |
188 | ||
950d024a | 189 | record_id="$(echo "$response" | tr '{' "\n" | grep "$_sub_domain" | grep -- "$txtvalue" | tr "," "\n" | grep RecordId | cut -d '"' -f 4)" |
0096ef4d | 190 | _debug2 record_id "$record_id" |
191 | ||
192 | if [ -z "$record_id" ]; then | |
193 | _debug "record not found, skip" | |
194 | else | |
195 | _delete_record_query "$record_id" | |
196 | _ali_rest "Delete record $record_id" "ignore" | |
197 | fi | |
198 | ||
be39ab32 | 199 | } |
200 | ||
201 | _timestamp() { | |
202 | date -u +"%Y-%m-%dT%H%%3A%M%%3A%SZ" | |
203 | } |