Commit | Line | Data |
---|---|---|
38a19fa5 | 1 | #!/usr/bin/env sh |
2 | ||
3 | #Script to use with curanet.dk, scannet.dk, wannafind.dk, dandomain.dk DNS management. | |
4 | # | |
5 | #Author: Peter L. Hansen <peter@r12.dk> | |
6 | ||
# Base URL of the DNS REST API; "/<domain>/Records" is appended by the functions below.
CURANET_REST_URL="https://api.curanet.dk/dns/v1/Domains"
# OpenID Connect token endpoint used for the client-credentials grant.
CURANET_AUTH_URL="https://apiauth.dk.team.blue/auth/realms/Curanet/protocol/openid-connect/token"
# Bearer token for the current run; starts empty and is filled in by gettoken.
CURANET_ACCESS_TOKEN=
10 | ||
11 | ######## Public functions ##################### | |
12 | ||
13 | #Usage: dns_curanet_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
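dns_curanet_add() {
  # Create the TXT record $2 for the name $1 through the Curanet DNS REST API.
  # Returns 0 when the API response echoes the TXT value, 1 on any failure
  # (missing credentials, no access token, zone not found, unexpected response).
  fulldomain=$1
  txtvalue=$2
  _info "Using curanet"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  # Environment values win; otherwise fall back to what was saved earlier.
  CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
  CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
  if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then
    CURANET_AUTHCLIENTID=""
    CURANET_AUTHSECRET=""
    _err "You don't specify curanet api client and secret."
    _err "Please create your auth info and try again."
    return 1
  fi

  #save the credentials to the account conf file.
  # NOTE(review): the client secret is persisted as given; presumably the account
  # conf file is readable only by the user running the client - confirm.
  _saveaccountconf_mutable CURANET_AUTHCLIENTID "$CURANET_AUTHCLIENTID"
  _saveaccountconf_mutable CURANET_AUTHSECRET "$CURANET_AUTHSECRET"

  gettoken
  # gettoken pipes the response through `jq -r '.access_token'`, which prints the
  # literal string "null" when the field is missing. Stop here instead of sending
  # "Authorization: Bearer null" to the API.
  if [ -z "$CURANET_ACCESS_TOKEN" ] || [ "$CURANET_ACCESS_TOKEN" = "null" ]; then
    _err "Unable to get access token from curanet."
    return 1
  fi

  # Without a resolved zone, ${_domain} below would be empty or left over from
  # an earlier call, so the record could be posted to the wrong URL.
  if ! _get_root "$fulldomain"; then
    _err "Invalid domain"
    return 1
  fi

  export _H1="Content-Type: application/json-patch+json"
  export _H2="Accept: application/json"
  export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
  # The JSON body is built by interpolation: both values are assumed to contain
  # no double quotes or backslashes (true for hostnames and base64url digests).
  data="{\"name\": \"$fulldomain\",\"type\": \"TXT\",\"ttl\": 60,\"priority\": 0,\"data\": \"$txtvalue\"}"
  response="$(_post "$data" "$CURANET_REST_URL/${_domain}/Records" "" "")"

  # Success is detected by the TXT value being echoed back in the response.
  if _contains "$response" "$txtvalue"; then
    _debug "TXT record added OK"
  else
    _err "Unable to add TXT record"
    return 1
  fi

  return 0
}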
54 | ||
55 | #Usage: fulldomain txtvalue | |
56 | #Remove the txt record after validation. | |
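dns_curanet_rm() {
  # Delete the TXT record for the name $1 (TXT value $2) after validation.
  # Returns 0 when the DELETE request was sent, 1 on any failure (missing
  # credentials, no access token, zone not found, record id not found).
  fulldomain=$1
  txtvalue=$2
  _info "Using curanet"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  CURANET_AUTHCLIENTID="${CURANET_AUTHCLIENTID:-$(_readaccountconf_mutable CURANET_AUTHCLIENTID)}"
  CURANET_AUTHSECRET="${CURANET_AUTHSECRET:-$(_readaccountconf_mutable CURANET_AUTHSECRET)}"
  if [ -z "$CURANET_AUTHCLIENTID" ] || [ -z "$CURANET_AUTHSECRET" ]; then
    _err "You don't specify curanet api client and secret."
    _err "Please create your auth info and try again."
    return 1
  fi

  gettoken
  # `jq -r` in gettoken prints the literal "null" when no token was returned.
  if [ -z "$CURANET_ACCESS_TOKEN" ] || [ "$CURANET_ACCESS_TOKEN" = "null" ]; then
    _err "Unable to get access token from curanet."
    return 1
  fi

  # Never build the DELETE URL from an empty or stale ${_domain}.
  if ! _get_root "$fulldomain"; then
    _err "Invalid domain"
    return 1
  fi

  _debug "Getting current record list to identify TXT to delete"

  export _H1="Content-Type: application/json"
  export _H2="Accept: application/json"
  export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"

  response="$(_get "$CURANET_REST_URL/${_domain}/Records" "" "")"

  if ! _contains "$response" "$txtvalue"; then
    _err "Unable to delete record (does not contain $txtvalue )"
    return 1
  fi

  # Escape the dots so the name is matched literally rather than as "any character".
  _curanet_name_re=$(printf "%s" "$fulldomain" | sed 's/\./\\./g')
  # NOTE(review): the record is selected by name only, not by TXT value. If several
  # records share the name, several ids come back and the check below rejects the
  # multi-line result rather than deleting an arbitrary record.
  recordid=$(echo "$response" | _egrep_o "{\"id\":[0-9]+,\"name\":\"$_curanet_name_re\"" | _egrep_o "id\":[0-9]+" | cut -c 5-)

  # POSIX replacement for the bash-only `[[ $recordid =~ ^[0-9]+$ ]]`: the script
  # runs under `sh`, where `[[` is not available. Accept a single run of digits only.
  case "$recordid" in
  '' | *[!0-9]*)
    _err "Unable to delete record (did not find recordID to delete)"
    return 1
    ;;
  esac

  _debug "Deleting recordID $recordid"

  if ! response="$(_post "" "$CURANET_REST_URL/${_domain}/Records/$recordid" "" "DELETE")"; then
    _err "Unable to delete record (request failed)"
    return 1
  fi

  return 0
}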
99 | ||
100 | #################### Private functions below ################################## | |
101 | ||
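gettoken() {
  # Request an OAuth2 client-credentials token from $CURANET_AUTH_URL and store
  # it in CURANET_ACCESS_TOKEN. Returns 0 on success; on failure the variable
  # is emptied and 1 is returned.
  #
  # The form body is fed to curl on stdin (--data @-) instead of as an argument,
  # so the client secret does not appear in curl's command line, which other
  # local users can read from the process list. printf is a builtin in the
  # common sh implementations, so it adds no visible argument list of its own.
  # NOTE(review): client id and secret are sent without URL-encoding; values
  # containing "&", "=" or "+" would need encoding first.
  CURANET_ACCESS_TOKEN=$(printf "%s" "grant_type=client_credentials&client_id=$CURANET_AUTHCLIENTID&client_secret=$CURANET_AUTHSECRET&scope=dns" |
    curl -s --data @- "$CURANET_AUTH_URL" | jq -r '.access_token')

  # jq -r prints the literal string "null" when the response has no access_token.
  if [ -z "$CURANET_ACCESS_TOKEN" ] || [ "$CURANET_ACCESS_TOKEN" = "null" ]; then
    CURANET_ACCESS_TOKEN=""
    _err "Unable to get access token from curanet."
    return 1
  fi

  return 0
}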
106 | ||
107 | ||
108 | #_acme-challenge.www.domain.com | |
109 | #returns | |
110 | # _sub_domain=_acme-challenge.www | |
111 | # _domain=domain.com | |
112 | # _domain_id=sdjkglgdfewsdfg | |
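_get_root() {
  # Find the zone that holds the name $1 by asking the API for the records of
  # each successively shorter suffix of the name. On success sets _sub_domain
  # and _domain and returns 0; returns 1 when no suffix is left or a request fails.
  domain=$1
  i=1
  p=1

  while true; do
    # Fields i..100 of the dot-separated name: the candidate zone for this round.
    h=$(printf "%s" "$domain" | cut -d . -f "$i-100")
    _debug h "$h"
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    export _H1="Content-Type: application/json"
    export _H2="Accept: application/json"
    export _H3="Authorization: Bearer $CURANET_ACCESS_TOKEN"
    # A failed request leaves $response empty; without this check the empty
    # string would pass the test below and the full name would be taken as the zone.
    if ! response="$(_get "$CURANET_REST_URL/$h/Records" "" "")"; then
      return 1
    fi

    # NOTE(review): any response without "Entity not found" counts as a hit,
    # including error bodies such as an authentication failure - confirm what
    # the API returns for those and match on a positive marker if it has one.
    if ! _contains "$response" "Entity not found"; then
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f "1-$p")
      _domain=$h
      return 0
    fi

    p=$i
    i=$(_math "$i" + 1)
  done
}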
142 |