[mirror_acme.sh.git] / dnsapi / dns_inwx.sh

#!/usr/bin/env sh

#
#INWX_User="username"
#
#INWX_Password="password"
#
# Dependencies:
# -------------
# - oathtool (When using 2 Factor Authentication)

INWX_Api="https://api.domrobot.com/xmlrpc/"

########  Public functions #####################

#Usage: add  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_inwx_add() {
  fulldomain=$1
  txtvalue=$2

  INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
  INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
  INWX_Shared_Secret="${INWX_Shared_Secret:-$(_readaccountconf_mutable INWX_Shared_Secret)}"
  if [ -z "$INWX_User" ] || [ -z "$INWX_Password" ]; then
    INWX_User=""
    INWX_Password=""
    _err "You don't specify inwx user and password yet."
    _err "Please create you key and try again."
    return 1
  fi

  #save the api key and email to the account conf file.
  _saveaccountconf_mutable INWX_User "$INWX_User"
  _saveaccountconf_mutable INWX_Password "$INWX_Password"
  _saveaccountconf_mutable INWX_Shared_Secret "$INWX_Shared_Secret"

  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  _info "Adding record"
  _inwx_add_record "$_domain" "$_sub_domain" "$txtvalue"

}

#fulldomain txtvalue
dns_inwx_rm() {

  fulldomain=$1
  txtvalue=$2

  INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
  INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
  if [ -z "$INWX_User" ] || [ -z "$INWX_Password" ]; then
    INWX_User=""
    INWX_Password=""
    _err "You don't specify inwx user and password yet."
    _err "Please create you key and try again."
    return 1
  fi

  #save the api key and email to the account conf file.
  _saveaccountconf_mutable INWX_User "$INWX_User"
  _saveaccountconf_mutable INWX_Password "$INWX_Password"

  _debug "First detect the root zone"
  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  _debug "Getting txt records"

  xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>nameserver.info</methodName>
  <params>
   <param>
    <value>
     <struct>
      <member>
       <name>domain</name>
       <value>
        <string>%s</string>
       </value>
      </member>
      <member>
       <name>type</name>
       <value>
        <string>TXT</string>
       </value>
      </member>
      <member>
       <name>name</name>
       <value>
        <string>%s</string>
       </value>
      </member>
     </struct>
    </value>
   </param>
  </params>
  </methodCall>' "$_domain" "$_sub_domain")
  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"

  if ! _contains "$response" "Command completed successfully"; then
    _err "Error could not get txt records"
    return 1
  fi

  if ! printf "%s" "$response" | grep "count" >/dev/null; then
    _info "Do not need to delete record"
  else
    _record_id=$(printf '%s' "$response" | _egrep_o '.*(<member><name>record){1}(.*)([0-9]+){1}' | _egrep_o '<name>id<\/name><value><int>[0-9]+' | _egrep_o '[0-9]+')
    _info "Deleting record"
    _inwx_delete_record "$_record_id"
  fi

}

####################  Private functions below ##################################

_inwx_login() {

  xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>account.login</methodName>
  <params>
   <param>
    <value>
     <struct>
      <member>
       <name>user</name>
       <value>
        <string>%s</string>
       </value>
      </member>
      <member>
       <name>pass</name>
       <value>
        <string>%s</string>
       </value>
      </member>
     </struct>
    </value>
   </param>
  </params>
  </methodCall>' $INWX_User $INWX_Password)

  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  _H1=$(printf "Cookie: %s" "$(grep "domrobot=" "$HTTP_HEADER" | grep "^Set-Cookie:" | _tail_n 1 | _egrep_o 'domrobot=[^;]*;' | tr -d ';')")
  export _H1

  #https://github.com/inwx/php-client/blob/master/INWX/Domrobot.php#L71
  if _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>" \
    && _contains "$response" "<member><name>tfa</name><value><string>GOOGLE-AUTH</string></value></member>"; then
    if [ -z "$INWX_Shared_Secret" ]; then
      _err "Mobile TAN detected."
      _err "Please define a shared secret."
      return 1
    fi

    if ! _exists oathtool; then
      _err "Please install oathtool to use 2 Factor Authentication."
      _err ""
      return 1
    fi

    tan="$(oathtool --base32 --totp "${INWX_Shared_Secret}" 2>/dev/null)"

    xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
    <methodCall>
    <methodName>account.unlock</methodName>
    <params>
     <param>
      <value>
       <struct>
        <member>
         <name>tan</name>
         <value>
          <string>%s</string>
         </value>
        </member>
       </struct>
      </value>
     </param>
    </params>
    </methodCall>' "$tan")

    response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  fi

}

_get_root() {
  domain=$1
  _debug "get root"

  domain=$1
  i=2
  p=1

  _inwx_login

  xml_content='<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>nameserver.list</methodName>
  </methodCall>'

  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    _debug h "$h"
    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    if _contains "$response" "$h"; then
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
      _domain="$h"
      return 0
    fi
    p=$i
    i=$(_math "$i" + 1)
  done
  return 1

}

_inwx_delete_record() {
  record_id=$1
  xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>nameserver.deleteRecord</methodName>
  <params>
   <param>
    <value>
     <struct>
      <member>
       <name>id</name>
       <value>
        <int>%s</int>
       </value>
      </member>
     </struct>
    </value>
   </param>
  </params>
  </methodCall>' "$record_id")

  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"

  if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
    _err "Error"
    return 1
  fi
  return 0

}

_inwx_update_record() {
  record_id=$1
  txtval=$2
  xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>nameserver.updateRecord</methodName>
  <params>
   <param>
    <value>
     <struct>
      <member>
       <name>content</name>
       <value>
        <string>%s</string>
       </value>
      </member>
      <member>
       <name>id</name>
       <value>
        <int>%s</int>
       </value>
      </member>
     </struct>
    </value>
   </param>
  </params>
  </methodCall>' "$txtval" "$record_id")

  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"

  if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
    _err "Error"
    return 1
  fi
  return 0

}

_inwx_add_record() {

  domain=$1
  sub_domain=$2
  txtval=$3

  xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
  <methodCall>
  <methodName>nameserver.createRecord</methodName>
  <params>
   <param>
    <value>
     <struct>
      <member>
       <name>domain</name>
       <value>
        <string>%s</string>
       </value>
      </member>
      <member>
       <name>type</name>
       <value>
        <string>TXT</string>
       </value>
      </member>
      <member>
       <name>content</name>
       <value>
        <string>%s</string>
       </value>
      </member>
      <member>
       <name>name</name>
       <value>
        <string>%s</string>
       </value>
      </member>
     </struct>
    </value>
   </param>
  </params>
  </methodCall>' "$domain" "$txtval" "$sub_domain")

  response="$(_post "$xml_content" "$INWX_Api" "" "POST")"

  if ! printf "%s" "$response" | grep "Command completed successfully" >/dev/null; then
    _err "Error"
    return 1
  fi
  return 0
}
Commit	Line	Data
731ed695	1	#!/usr/bin/env sh
657334fb	2
	3	#
	4	#INWX_User="username"
	5	#
	6	#INWX_Password="password"
63f32835 JOK	7	#
	8	# Dependencies:
	9	# -------------
	10	# - oathtool (When using 2 Factor Authentication)
657334fb	11
	12	INWX_Api="https://api.domrobot.com/xmlrpc/"
	13
	14	######## Public functions #####################
	15
	16	#Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
	17	dns_inwx_add() {
	18	fulldomain=$1
	19	txtvalue=$2
	20
	21	INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
	22	INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
63f32835	23	INWX_Shared_Secret="${INWX_Shared_Secret:-$(_readaccountconf_mutable INWX_Shared_Secret)}"
657334fb	24	if [ -z "$INWX_User" ] \|\| [ -z "$INWX_Password" ]; then
	25	INWX_User=""
	26	INWX_Password=""
	27	_err "You don't specify inwx user and password yet."
	28	_err "Please create you key and try again."
	29	return 1
	30	fi
	31
	32	#save the api key and email to the account conf file.
	33	_saveaccountconf_mutable INWX_User "$INWX_User"
	34	_saveaccountconf_mutable INWX_Password "$INWX_Password"
63f32835	35	_saveaccountconf_mutable INWX_Shared_Secret "$INWX_Shared_Secret"
657334fb	36
	37	_debug "First detect the root zone"
	38	if ! _get_root "$fulldomain"; then
	39	_err "invalid domain"
	40	return 1
	41	fi
	42	_debug _sub_domain "$_sub_domain"
	43	_debug _domain "$_domain"
657334fb	44
584fb290	45	_info "Adding record"
584fb290	46	_inwx_add_record "$_domain" "$_sub_domain" "$txtvalue"
657334fb	47
	48	}
	49
	50	#fulldomain txtvalue
	51	dns_inwx_rm() {
	52
	53	fulldomain=$1
	54	txtvalue=$2
	55
	56	INWX_User="${INWX_User:-$(_readaccountconf_mutable INWX_User)}"
	57	INWX_Password="${INWX_Password:-$(_readaccountconf_mutable INWX_Password)}"
	58	if [ -z "$INWX_User" ] \|\| [ -z "$INWX_Password" ]; then
	59	INWX_User=""
	60	INWX_Password=""
	61	_err "You don't specify inwx user and password yet."
	62	_err "Please create you key and try again."
	63	return 1
	64	fi
	65
	66	#save the api key and email to the account conf file.
	67	_saveaccountconf_mutable INWX_User "$INWX_User"
	68	_saveaccountconf_mutable INWX_Password "$INWX_Password"
	69
	70	_debug "First detect the root zone"
	71	if ! _get_root "$fulldomain"; then
	72	_err "invalid domain"
	73	return 1
	74	fi
	75	_debug _sub_domain "$_sub_domain"
	76	_debug _domain "$_domain"
	77
	78	_debug "Getting txt records"
	79
9a1f7698	80	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
657334fb	81	<methodCall>
	82	<methodName>nameserver.info</methodName>
	83	<params>
	84	<param>
	85	<value>
	86	<struct>
	87	<member>
	88	<name>domain</name>
	89	<value>
	90	<string>%s</string>
	91	</value>
	92	</member>
	93	<member>
	94	<name>type</name>
	95	<value>
	96	<string>TXT</string>
	97	</value>
	98	</member>
	99	<member>
	100	<name>name</name>
	101	<value>
	102	<string>%s</string>
	103	</value>
	104	</member>
	105	</struct>
	106	</value>
	107	</param>
	108	</params>
9a1f7698	109	</methodCall>' "$_domain" "$_sub_domain")
657334fb	110	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
657334fb	111
584fb290	112	if ! _contains "$response" "Command completed successfully"; then
657334fb	113	_err "Error could not get txt records"
	114	return 1
	115	fi
	116
9a1f7698	117	if ! printf "%s" "$response" \| grep "count" >/dev/null; then
657334fb	118	_info "Do not need to delete record"
657334fb	119	else
59115949	120	_record_id=$(printf '%s' "$response" \| _egrep_o '.(<member><name>record){1}(.)([0-9]+){1}' \| _egrep_o '<name>id<\/name><value><int>[0-9]+' \| _egrep_o '[0-9]+')
657334fb	121	_info "Deleting record"
a8202d4b	122	_inwx_delete_record "$_record_id"
657334fb	123	fi
657334fb	124
657334fb	125	}
	126
	127	#################### Private functions below ##################################
	128
	129	_inwx_login() {
	130
9a1f7698	131	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
657334fb	132	<methodCall>
	133	<methodName>account.login</methodName>
	134	<params>
	135	<param>
	136	<value>
	137	<struct>
	138	<member>
	139	<name>user</name>
	140	<value>
	141	<string>%s</string>
	142	</value>
	143	</member>
	144	<member>
	145	<name>pass</name>
	146	<value>
	147	<string>%s</string>
	148	</value>
	149	</member>
	150	</struct>
	151	</value>
	152	</param>
	153	</params>
9a1f7698	154	</methodCall>' $INWX_User $INWX_Password)
657334fb	155
657334fb	156	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
63f32835 JOK	157	_H1=$(printf "Cookie: %s" "$(grep "domrobot=" "$HTTP_HEADER" \| grep "^Set-Cookie:" \| _tail_n 1 \| _egrep_o 'domrobot=[^;]*;' \| tr -d ';')")
63f32835 JOK	158	export _H1
a8202d4b	159
63f32835	160	#https://github.com/inwx/php-client/blob/master/INWX/Domrobot.php#L71
26421684 JOK	161	if _contains "$response" "<member><name>code</name><value><int>1000</int></value></member>" \
26421684 JOK	162	&& _contains "$response" "<member><name>tfa</name><value><string>GOOGLE-AUTH</string></value></member>"; then
63f32835 JOK	163	if [ -z "$INWX_Shared_Secret" ]; then
	164	_err "Mobile TAN detected."
	165	_err "Please define a shared secret."
	166	return 1
	167	fi
	168
	169	if ! _exists oathtool; then
	170	_err "Please install oathtool to use 2 Factor Authentication."
	171	_err ""
	172	return 1
	173	fi
	174
	175	tan="$(oathtool --base32 --totp "${INWX_Shared_Secret}" 2>/dev/null)"
	176
	177	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
	178	<methodCall>
	179	<methodName>account.unlock</methodName>
	180	<params>
	181	<param>
	182	<value>
	183	<struct>
	184	<member>
	185	<name>tan</name>
	186	<value>
	187	<string>%s</string>
	188	</value>
	189	</member>
	190	</struct>
	191	</value>
	192	</param>
	193	</params>
	194	</methodCall>' "$tan")
	195
	196	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
	197	fi
657334fb	198
	199	}
	200
	201	_get_root() {
a8202d4b	202	domain=$1
657334fb	203	_debug "get root"
	204
	205	domain=$1
	206	i=2
	207	p=1
	208
63f32835 JOK	209	_inwx_login
63f32835 JOK	210
9a1f7698	211	xml_content='<?xml version="1.0" encoding="UTF-8"?>
657334fb	212	<methodCall>
	213	<methodName>nameserver.list</methodName>
	214	</methodCall>'
a8202d4b	215
657334fb	216	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
	217	while true; do
	218	h=$(printf "%s" "$domain" \| cut -d . -f $i-100)
	219	_debug h "$h"
	220	if [ -z "$h" ]; then
	221	#not valid
	222	return 1
	223	fi
	224
	225	if _contains "$response" "$h"; then
	226	_sub_domain=$(printf "%s" "$domain" \| cut -d . -f 1-$p)
	227	_domain="$h"
	228	return 0
	229	fi
	230	p=$i
	231	i=$(_math "$i" + 1)
	232	done
	233	return 1
	234
	235	}
	236
	237	_inwx_delete_record() {
	238	record_id=$1
9a1f7698	239	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
657334fb	240	<methodCall>
	241	<methodName>nameserver.deleteRecord</methodName>
	242	<params>
	243	<param>
	244	<value>
	245	<struct>
	246	<member>
	247	<name>id</name>
	248	<value>
	249	<int>%s</int>
	250	</value>
	251	</member>
	252	</struct>
	253	</value>
	254	</param>
	255	</params>
9a1f7698	256	</methodCall>' "$record_id")
ecba959d	257
657334fb	258	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
a8202d4b	259
657334fb	260	if ! printf "%s" "$response" \| grep "Command completed successfully" >/dev/null; then
	261	_err "Error"
	262	return 1
	263	fi
	264	return 0
ecba959d	265
657334fb	266	}
	267
	268	_inwx_update_record() {
	269	record_id=$1
	270	txtval=$2
9a1f7698	271	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
657334fb	272	<methodCall>
	273	<methodName>nameserver.updateRecord</methodName>
	274	<params>
	275	<param>
	276	<value>
	277	<struct>
	278	<member>
	279	<name>content</name>
	280	<value>
	281	<string>%s</string>
	282	</value>
	283	</member>
	284	<member>
	285	<name>id</name>
	286	<value>
	287	<int>%s</int>
	288	</value>
	289	</member>
	290	</struct>
	291	</value>
	292	</param>
	293	</params>
9a1f7698	294	</methodCall>' "$txtval" "$record_id")
a8202d4b	295
657334fb	296	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
ecba959d	297
657334fb	298	if ! printf "%s" "$response" \| grep "Command completed successfully" >/dev/null; then
	299	_err "Error"
	300	return 1
	301	fi
	302	return 0
ecba959d	303
657334fb	304	}
	305
	306	_inwx_add_record() {
	307
	308	domain=$1
	309	sub_domain=$2
	310	txtval=$3
	311
9a1f7698	312	xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
657334fb	313	<methodCall>
	314	<methodName>nameserver.createRecord</methodName>
	315	<params>
	316	<param>
	317	<value>
	318	<struct>
	319	<member>
	320	<name>domain</name>
	321	<value>
	322	<string>%s</string>
	323	</value>
	324	</member>
	325	<member>
	326	<name>type</name>
	327	<value>
	328	<string>TXT</string>
	329	</value>
	330	</member>
	331	<member>
	332	<name>content</name>
	333	<value>
	334	<string>%s</string>
	335	</value>
	336	</member>
	337	<member>
	338	<name>name</name>
	339	<value>
	340	<string>%s</string>
	341	</value>
	342	</member>
	343	</struct>
	344	</value>
	345	</param>
	346	</params>
9a1f7698	347	</methodCall>' "$domain" "$txtval" "$sub_domain")
a8202d4b	348
657334fb	349	response="$(_post "$xml_content" "$INWX_Api" "" "POST")"
a8202d4b	350
657334fb	351	if ! printf "%s" "$response" \| grep "Command completed successfully" >/dev/null; then
	352	_err "Error"
	353	return 1
	354	fi
	355	return 0
	356	}