]>
Commit | Line | Data |
---|---|---|
b8e5c0d8 EM |
1 | #!/usr/bin/env sh |
2 | ||
3 | # HUAWEICLOUD_Username | |
4 | # HUAWEICLOUD_Password | |
5 | # HUAWEICLOUD_ProjectID | |
6 | ||
7 | iam_api="https://iam.myhuaweicloud.com" | |
8 | dns_api="https://dns.ap-southeast-1.myhuaweicloud.com" | |
9 | ||
10 | ######## Public functions ##################### | |
11 | ||
12 | # Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
13 | # Used to add txt record | |
14 | # | |
15 | # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/zh-cn_topic_0132421999.html | |
16 | # | |
17 | ||
18 | dns_huaweicloud_add() { | |
19 | fulldomain=$1 | |
20 | txtvalue=$2 | |
21 | ||
22 | HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}" | |
23 | HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}" | |
24 | HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}" | |
25 | ||
f6f6550b EM |
26 | if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ]; then |
27 | _err "Not enough info provided to dns_huaweicloud!" | |
28 | return 1 | |
29 | fi | |
30 | ||
b8e5c0d8 EM |
31 | token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")" |
32 | _debug2 "${token}" | |
33 | zoneid="$(_get_zoneid "${token}" "${fulldomain}")" | |
34 | _debug "${zoneid}" | |
35 | ||
36 | _debug "Adding Record" | |
37 | _add_record "${token}" "${fulldomain}" "${txtvalue}" | |
38 | ret="$?" | |
39 | if [ "${ret}" != "0" ]; then | |
40 | _err "dns_huaweicloud: Error adding record." | |
41 | return 1 | |
42 | fi | |
43 | ||
44 | # Do saving work if all succeeded | |
45 | _saveaccountconf_mutable HUAWEICLOUD_Username "${HUAWEICLOUD_Username}" | |
46 | _saveaccountconf_mutable HUAWEICLOUD_Password "${HUAWEICLOUD_Password}" | |
47 | _saveaccountconf_mutable HUAWEICLOUD_ProjectID "${HUAWEICLOUD_ProjectID}" | |
48 | return 0 | |
49 | } | |
50 | ||
51 | # Usage: fulldomain txtvalue | |
52 | # Used to remove the txt record after validation | |
53 | # | |
54 | # Ref: https://support.huaweicloud.com/intl/zh-cn/api-dns/dns_api_64005.html | |
55 | # | |
56 | ||
57 | dns_huaweicloud_rm() { | |
58 | fulldomain=$1 | |
59 | txtvalue=$2 | |
60 | ||
61 | HUAWEICLOUD_Username="${HUAWEICLOUD_Username:-$(_readaccountconf_mutable HUAWEICLOUD_Username)}" | |
62 | HUAWEICLOUD_Password="${HUAWEICLOUD_Password:-$(_readaccountconf_mutable HUAWEICLOUD_Password)}" | |
63 | HUAWEICLOUD_ProjectID="${HUAWEICLOUD_ProjectID:-$(_readaccountconf_mutable HUAWEICLOUD_ProjectID)}" | |
64 | ||
e01fb503 EM |
65 | if [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ] || [ -z "${HUAWEICLOUD_Username}" ]; then |
66 | _err "Please provide enough information" | |
67 | return 1 | |
68 | fi | |
69 | ||
b8e5c0d8 EM |
70 | token="$(_get_token "${HUAWEICLOUD_Username}" "${HUAWEICLOUD_Password}" "${HUAWEICLOUD_ProjectID}")" |
71 | _debug2 "${token}" | |
72 | zoneid="$(_get_zoneid "${token}" "${fulldomain}")" | |
73 | _debug "${zoneid}" | |
74 | record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")" | |
75 | _debug "Record Set ID is: ${record_id}" | |
7db592d2 EM |
76 | |
77 | # Remove all records | |
b8e5c0d8 | 78 | while [ "${record_id}" != "0" ]; do |
28ce1c12 | 79 | _debug "Removing Record" |
b8e5c0d8 EM |
80 | _rm_record "${token}" "${zoneid}" "${record_id}" |
81 | record_id="$(_get_recordset_id "${token}" "${fulldomain}" "${zoneid}")" | |
82 | done | |
83 | return 0 | |
84 | } | |
85 | ||
86 | ################### Private functions below ################################## | |
87 | ||
88 | # _get_zoneid | |
89 | # | |
90 | # _token=$1 | |
91 | # _domain_string=$2 | |
92 | # | |
93 | # printf "%s" "${_zoneid}" | |
94 | _get_zoneid() { | |
95 | _token=$1 | |
96 | _domain_string=$2 | |
97 | export _H1="X-Auth-Token: ${_token}" | |
98 | ||
99 | i=1 | |
100 | while true; do | |
101 | h=$(printf "%s" "${_domain_string}" | cut -d . -f $i-100) | |
102 | if [ -z "$h" ]; then | |
103 | #not valid | |
104 | return 1 | |
105 | fi | |
106 | _debug "$h" | |
107 | response=$(_get "${dns_api}/v2/zones?name=${h}") | |
108 | ||
109 | if _contains "${response}" "id"; then | |
110 | _debug "Get Zone ID Success." | |
111 | _zoneid=$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ") | |
112 | printf "%s" "${_zoneid}" | |
113 | return 0 | |
114 | fi | |
115 | ||
116 | i=$(_math "$i" + 1) | |
117 | done | |
118 | return 1 | |
119 | } | |
120 | ||
121 | _get_recordset_id() { | |
122 | _token=$1 | |
123 | _domain=$2 | |
124 | _zoneid=$3 | |
125 | export _H1="X-Auth-Token: ${_token}" | |
126 | ||
127 | response=$(_get "${dns_api}/v2/zones/${_zoneid}/recordsets?name=${_domain}") | |
128 | if _contains "${response}" "id"; then | |
129 | _id="$(echo "${response}" | _egrep_o "\"id\": *\"[^\"]*\"" | cut -d : -f 2 | tr -d \" | tr -d " ")" | |
130 | printf "%s" "${_id}" | |
131 | return 0 | |
132 | fi | |
133 | printf "%s" "0" | |
134 | return 1 | |
135 | } | |
136 | ||
137 | _add_record() { | |
138 | _token=$1 | |
139 | _domain=$2 | |
140 | _txtvalue=$3 | |
f6f6550b EM |
141 | |
142 | # Get Existing Records | |
143 | export _H1="X-Auth-Token: ${_token}" | |
5d0657c4 EM |
144 | response=$(_get "${dns_api}/v2/zones/${zoneid}/recordsets?name=${_domain}") |
145 | ||
146 | _debug "${response}" | |
147 | _exist_record=$(echo "${response}" | sed ':a;N;$!ba;s/\n/ /g' | grep -o '"records":[^]]*' | sed 's/\"records\"\:\[//g') | |
f6f6550b EM |
148 | _debug "${_exist_record}" |
149 | ||
150 | # Check if record exist | |
151 | # Generate body data | |
5d0657c4 | 152 | _post_body="{ |
b8e5c0d8 EM |
153 | \"name\": \"${_domain}.\", |
154 | \"description\": \"ACME Challenge\", | |
155 | \"type\": \"TXT\", | |
156 | \"ttl\": 1, | |
157 | \"records\": [ | |
f6f6550b | 158 | ${_exist_record}, |
b8e5c0d8 EM |
159 | \"\\\"${_txtvalue}\\\"\" |
160 | ] | |
161 | }" | |
f6f6550b | 162 | if [ -z "${_exist_record}" ]; then |
5d0657c4 | 163 | _post_body="{ |
f6f6550b EM |
164 | \"name\": \"${_domain}.\", |
165 | \"description\": \"ACME Challenge\", | |
166 | \"type\": \"TXT\", | |
167 | \"ttl\": 1, | |
168 | \"records\": [ | |
169 | \"\\\"${_txtvalue}\\\"\" | |
170 | ] | |
171 | }" | |
172 | fi | |
5d0657c4 EM |
173 | |
174 | _record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")" | |
175 | _debug "Record Set ID is: ${_record_id}" | |
176 | ||
177 | # Remove all records | |
178 | while [ "${_record_id}" != "0" ]; do | |
179 | _debug "Removing Record" | |
180 | _rm_record "${_token}" "${zoneid}" "${_record_id}" | |
181 | _record_id="$(_get_recordset_id "${_token}" "${_domain}" "${zoneid}")" | |
182 | _debug "${_record_id}" | |
183 | done | |
184 | ||
185 | # Add brand new records with all old and new records | |
b8e5c0d8 EM |
186 | export _H2="Content-Type: application/json" |
187 | export _H1="X-Auth-Token: ${_token}" | |
188 | ||
5d0657c4 EM |
189 | _debug "${_post_body}" |
190 | sleep 2 | |
191 | _post "${_post_body}" "${dns_api}/v2/zones/${zoneid}/recordsets" >/dev/null | |
b8e5c0d8 EM |
192 | _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")" |
193 | if [ "$_code" != "202" ]; then | |
194 | _err "dns_huaweicloud: http code ${_code}" | |
5d0657c4 | 195 | sleep 60 |
b8e5c0d8 EM |
196 | return 1 |
197 | fi | |
198 | return 0 | |
199 | } | |
200 | ||
5d0657c4 EM |
201 | # _rm_record $token $zoneid $recordid |
202 | # assume ${dns_api} exist | |
203 | # no output | |
204 | # return 0 | |
b8e5c0d8 EM |
205 | _rm_record() { |
206 | _token=$1 | |
207 | _zone_id=$2 | |
208 | _record_id=$3 | |
209 | ||
210 | export _H2="Content-Type: application/json" | |
211 | export _H1="X-Auth-Token: ${_token}" | |
212 | ||
5d0657c4 EM |
213 | _post "" "${dns_api}/v2/zones/${_zone_id}/recordsets/${_record_id}" false "DELETE" >/dev/null |
214 | return $? | |
b8e5c0d8 EM |
215 | } |
216 | ||
217 | _get_token() { | |
218 | _username=$1 | |
219 | _password=$2 | |
220 | _project=$3 | |
221 | ||
222 | _debug "Getting Token" | |
223 | body="{ | |
224 | \"auth\": { | |
225 | \"identity\": { | |
226 | \"methods\": [ | |
227 | \"password\" | |
228 | ], | |
229 | \"password\": { | |
230 | \"user\": { | |
231 | \"name\": \"${_username}\", | |
232 | \"password\": \"${_password}\", | |
233 | \"domain\": { | |
234 | \"name\": \"${_username}\" | |
235 | } | |
236 | } | |
237 | } | |
238 | }, | |
239 | \"scope\": { | |
240 | \"project\": { | |
241 | \"id\": \"${_project}\" | |
242 | } | |
243 | } | |
244 | } | |
245 | }" | |
246 | export _H1="Content-Type: application/json;charset=utf8" | |
247 | _post "${body}" "${iam_api}/v3/auth/tokens" >/dev/null | |
248 | _code=$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n") | |
249 | _token=$(grep "^X-Subject-Token" "$HTTP_HEADER" | cut -d " " -f 2-) | |
250 | _debug2 "${_code}" | |
251 | printf "%s" "${_token}" | |
252 | return 0 | |
253 | } |