]>
Commit | Line | Data |
---|---|---|
38a19fa5 | 1 | #!/usr/bin/env sh |
2 | ||
3 | #Script to use with curanet.dk, scannet.dk, wannafind.dk, dandomain.dk DNS management. | |
dc61c9e2 | 4 | #Requires api credentials with scope: dns |
38a19fa5 | 5 | #Author: Peter L. Hansen <peter@r12.dk> |
2c0cc87b | 6 | #Version 1.0 |
38a19fa5 | 7 | |
8 | CURANET_REST_URL="https://api.curanet.dk/dns/v1/Domains" | |
9 | CURANET_AUTH_URL="https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token" | |
10 | CURANET_ACCESS_TOKEN="" | |
11 | ||
12 | ######## Public functions ##################### | |
13 | ||
14 | #Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
15 | dns_curanet_add() { | |
16 | fulldomain=$1 | |
17 | txtvalue=$2 | |
18 | _info "Using curanet" | |
19 | _debug fulldomain "$fulldomain" | |
20 | _debug txtvalue "$txtvalue" | |
21 | ||
22 | CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}" | |
23 | CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}" | |
24 | if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then | |
25 | CURANET_AUTHCLIENTID="" | |
26 | CURANET_AUTHSECRET="" | |
27 | _err "You don't specify curanet api client and secret." | |
28 | _err "Please create your auth info and try again." | |
29 | return 1 | |
30 | fi | |
31 | ||
32 | #save the credentials to the account conf file. | |
33 | _saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID" | |
34 | _saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET" | |
35 | ||
aaae83ef | 36 | if ! _get_token; then |
37 | _err "Unable to get token" | |
38 | return 1 | |
39 | fi | |
38a19fa5 | 40 | |
aaae83ef | 41 | if ! _get_root "$fulldomain"; then |
42 | _err "Invalid domain" | |
43 | return 1 | |
44 | fi | |
af5c36e4 | 45 | |
38a19fa5 | 46 | export _H1="Content-Type: application/json-patch+json" |
47 | export _H2="Accept: application/json" | |
48 | export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" | |
49 | data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}" | |
50 | response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")" | |
51 | ||
52 | if _contains "$response" "$txtvalue"; then | |
af5c36e4 | 53 | _debug "TXT record added OK" |
38a19fa5 | 54 | else |
55 | _err "Unable to add TXT record" | |
56 | return 1 | |
57 | fi | |
58 | ||
59 | return 0 | |
60 | } | |
61 | ||
62 | #Usage: fulldomain txtvalue | |
63 | #Remove the txt record after validation. | |
64 | dns_curanet_rm() { | |
65 | fulldomain=$1 | |
66 | txtvalue=$2 | |
67 | _info "Using curanet" | |
68 | _debug fulldomain "$fulldomain" | |
69 | _debug txtvalue "$txtvalue" | |
af5c36e4 | 70 | |
38a19fa5 | 71 | CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}" |
72 | CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}" | |
73 | ||
aaae83ef | 74 | if ! _get_token; then |
75 | _err "Unable to get token" | |
76 | return 1 | |
77 | fi | |
38a19fa5 | 78 | |
aaae83ef | 79 | if ! _get_root "$fulldomain"; then |
80 | _err "Invalid domain" | |
81 | return 1 | |
82 | fi | |
af5c36e4 | 83 | |
38a19fa5 | 84 | _debug "Getting current record list to identify TXT to delete" |
85 | ||
86 | export _H1="Content-Type: application/json" | |
87 | export _H2="Accept: application/json" | |
88 | export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" | |
89 | ||
90 | response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")" | |
91 | ||
92 | if ! _contains "$response" "$txtvalue"; then | |
93 | _err "Unable to delete record (does not contain $txtvalue )" | |
94 | return 1 | |
95 | fi | |
96 | ||
0c9a6da6 | 97 | recordid=$(echo "$response" | _egrep_o "{\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" | _egrep_o "id\":[0-9]+" | cut -c 5-) |
9a677534 | 98 | |
99 | if [ -z "$recordid" ]; then | |
100 | _err "Unable to get recordid" | |
101 | _debug "regex {\"id\":[0-9]+,\"name\":\"$fulldomain\",\"type\":\"TXT\",\"ttl\":60,\"priority\":0,\"data\":\"..$txtvalue" | |
102 | _debug "response $response" | |
103 | return 1 | |
104 | fi | |
105 | ||
38a19fa5 | 106 | _debug "Deleting recordID $recordid" |
38a19fa5 | 107 | response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")" |
ee0fadf2 | 108 | return 0 |
38a19fa5 | 109 | } |
110 | ||
111 | #################### Private functions below ################################## | |
112 | ||
aaae83ef | 113 | _get_token() { |
a2bb6a4f | 114 | response="$(_post "grant_type=client_credentials&client_id=$CURANET_AUTHCLIENTID&client_secret=$CURANET_AUTHSECRET&scope=dns" "$CURANET_AUTH_URL" "" "")" |
a2bb6a4f | 115 | if ! _contains "$response" "access_token"; then |
116 | _err "Unable get access token" | |
117 | return 1 | |
118 | fi | |
fac4e151 | 119 | CURANET_ACCESS_TOKEN=$(echo "$response" | _egrep_o "\"access_token\":\"[^\"]+" | cut -c 17-) |
aaae83ef | 120 | |
121 | if [ -z "$CURANET_ACCESS_TOKEN" ]; then | |
122 | _err "Unable to get token" | |
123 | return 1 | |
124 | fi | |
125 | ||
af08d67f | 126 | return 0 |
a2901d61 | 127 | |
38a19fa5 | 128 | } |
129 | ||
38a19fa5 | 130 | #_acme-challenge.www.domain.com |
131 | #returns | |
38a19fa5 | 132 | # _domain=domain.com |
133 | # _domain_id=sdjkglgdfewsdfg | |
134 | _get_root() { | |
135 | domain=$1 | |
136 | i=1 | |
38a19fa5 | 137 | |
138 | while true; do | |
139 | h=$(printf "%s" "$domain" | cut -d . -f $i-100) | |
140 | _debug h "$h" | |
141 | if [ -z "$h" ]; then | |
142 | #not valid | |
143 | return 1 | |
144 | fi | |
145 | ||
146 | export _H1="Content-Type: application/json" | |
147 | export _H2="Accept: application/json" | |
148 | export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN" | |
149 | response="$(_get "$CURANET_REST_URL/$h/Records" "" "")" | |
150 | ||
151 | if [ ! "$(echo "$response" | _egrep_o "Entity not found")" ]; then | |
38a19fa5 | 152 | _domain=$h |
153 | return 0 | |
154 | fi | |
af5c36e4 | 155 | |
38a19fa5 | 156 | i=$(_math "$i" + 1) |
157 | done | |
158 | return 1 | |
ee0fadf2 | 159 | } |