[mirror_acme.sh.git] / dnsapi / dns_miab.sh

#!/usr/bin/env sh

# Name: dns_miab.sh
#
# Authors:
#    Darven Dissek 2018
#    William Gertz 2019
#
#     Thanks to Neil Pang and other developers here for code reused from acme.sh from DNS-01
#     used to communicate with the MailinaBox Custom DNS API
# Report Bugs here:
#    https://github.com/billgertz/MIAB_dns_api (for dns_miab.sh)
#    https://github.com/acmesh-official/acme.sh       (for acme.sh)
#
########  Public functions #####################

#Usage: dns_miab_add  _acme-challenge.www.domain.com  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_miab_add() {
  fulldomain=$1
  txtvalue=$2
  _info "Using miab challange add"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  #retrieve MIAB environemt vars
  if ! _retrieve_miab_env; then
    return 1
  fi

  #check domain and seperate into doamin and host
  if ! _get_root "$fulldomain"; then
    _err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}"
    return 1
  fi

  _debug2 _sub_domain "$_sub_domain"
  _debug2 _domain "$_domain"

  #add the challenge record
  _api_path="custom/${fulldomain}/txt"
  _miab_rest "$txtvalue" "$_api_path" "POST"

  #check if result was good
  if _contains "$response" "updated DNS"; then
    _info "Successfully created the txt record"
    return 0
  else
    _err "Error encountered during record add"
    _err "$response"
    return 1
  fi
}

#Usage: dns_miab_rm  _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_miab_rm() {
  fulldomain=$1
  txtvalue=$2

  _info "Using miab challage delete"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  #retrieve MIAB environemt vars
  if ! _retrieve_miab_env; then
    return 1
  fi

  #check domain and seperate into doamin and host
  if ! _get_root "$fulldomain"; then
    _err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}"
    return 1
  fi

  _debug2 _sub_domain "$_sub_domain"
  _debug2 _domain "$_domain"

  #Remove the challenge record
  _api_path="custom/${fulldomain}/txt"
  _miab_rest "$txtvalue" "$_api_path" "DELETE"

  #check if result was good
  if _contains "$response" "updated DNS"; then
    _info "Successfully removed the txt record"
    return 0
  else
    _err "Error encountered during record remove"
    _err "$response"
    return 1
  fi
}

####################  Private functions below ##################################
#
#Usage: _get_root  _acme-challenge.www.domain.com
#Returns:
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root() {
  _passed_domain=$1
  _debug _passed_domain "$_passed_domain"
  _i=2
  _p=1

  #get the zones hosed on MIAB server, must be a json stream
  _miab_rest "" "zones" "GET"

  if ! _is_json "$response"; then
    _err "ERROR fetching domain list"
    _err "$response"
    return 1
  fi

  #cycle through the passed domain seperating out a test domain discarding
  #   the subdomain by marching thorugh the dots
  while true; do
    _test_domain=$(printf "%s" "$_passed_domain" | cut -d . -f ${_i}-100)
    _debug _test_domain "$_test_domain"

    if [ -z "$_test_domain" ]; then
      return 1
    fi

    #report found if the test domain is in the json response and
    #   report the subdomain
    if _contains "$response" "\"$_test_domain\""; then
      _sub_domain=$(printf "%s" "$_passed_domain" | cut -d . -f 1-${_p})
      _domain=${_test_domain}
      return 0
    fi

    #cycle to the next dot in the passed domain
    _p=${_i}
    _i=$(_math "$_i" + 1)
  done

  return 1
}

#Usage: _retrieve_miab_env
#Returns (from store or environment variables):
# MIAB_Username
# MIAB_Password
# MIAB_Server
#retrieve MIAB environment variables, report errors and quit if problems
_retrieve_miab_env() {
  MIAB_Username="${MIAB_Username:-$(_readaccountconf_mutable MIAB_Username)}"
  MIAB_Password="${MIAB_Password:-$(_readaccountconf_mutable MIAB_Password)}"
  MIAB_Server="${MIAB_Server:-$(_readaccountconf_mutable MIAB_Server)}"

  #debug log the environmental variables
  _debug MIAB_Username "$MIAB_Username"
  _debug MIAB_Password "$MIAB_Password"
  _debug MIAB_Server "$MIAB_Server"

  #check if MIAB environemt vars set and quit if not
  if [ -z "$MIAB_Username" ] || [ -z "$MIAB_Password" ] || [ -z "$MIAB_Server" ]; then
    _err "You didn't specify one or more of MIAB_Username, MIAB_Password or MIAB_Server."
    _err "Please check these environment variables and try again."
    return 1
  fi

  #save the credentials to the account conf file.
  _saveaccountconf_mutable MIAB_Username "$MIAB_Username"
  _saveaccountconf_mutable MIAB_Password "$MIAB_Password"
  _saveaccountconf_mutable MIAB_Server "$MIAB_Server"
  return 0
}

#Useage: _miab_rest  "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"  "custom/_acme-challenge.www.domain.com/txt  "POST"
#Returns: "updated DNS: domain.com"
#rest interface MIAB dns
_miab_rest() {
  _data="$1"
  _api_path="$2"
  _httpmethod="$3"

  #encode username and password for basic authentication
  _credentials="$(printf "%s" "$MIAB_Username:$MIAB_Password" | _base64)"
  export _H1="Authorization: Basic $_credentials"
  _url="https://${MIAB_Server}/admin/dns/${_api_path}"

  _debug2 _data "$_data"
  _debug _api_path "$_api_path"
  _debug2 _url "$_url"
  _debug2 _credentails "$_credentials"
  _debug _httpmethod "$_httpmethod"

  if [ "$_httpmethod" = "GET" ]; then
    response="$(_get "$_url")"
  else
    response="$(_post "$_data" "$_url" "" "$_httpmethod")"
  fi

  _retcode="$?"

  if [ "$_retcode" != "0" ]; then
    _err "MIAB REST authentication failed on $_httpmethod"
    return 1
  fi

  _debug response "$response"
  return 0
}

#Usage: _is_json  "\[\n   "mydomain.com"\n]"
#Reurns "\[\n   "mydomain.com"\n]"
#returns the string if it begins and ends with square braces
_is_json() {
  _str="$(echo "$1" | _normalizeJson)"
  echo "$_str" | grep '^\[.*\]$' >/dev/null 2>&1
}
Commit	Line	Data
f500c7ab BG	1	#!/usr/bin/env sh
f500c7ab BG	2
47c33d03	3	# Name: dns_miab.sh
f500c7ab	4	#
47c33d03 BG	5	# Authors:
	6	# Darven Dissek 2018
	7	# William Gertz 2019
f500c7ab	8	#
aa611248 BG	9	# Thanks to Neil Pang and other developers here for code reused from acme.sh from DNS-01
aa611248 BG	10	# used to communicate with the MailinaBox Custom DNS API
47c33d03 BG	11	# Report Bugs here:
47c33d03 BG	12	# https://github.com/billgertz/MIAB_dns_api (for dns_miab.sh)
d795fac3	13	# https://github.com/acmesh-official/acme.sh (for acme.sh)
f500c7ab BG	14	#
	15	######## Public functions #####################
	16
aa611248	17	#Usage: dns_miab_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
f500c7ab BG	18	dns_miab_add() {
	19	fulldomain=$1
	20	txtvalue=$2
aa611248	21	_info "Using miab challange add"
f500c7ab BG	22	_debug fulldomain "$fulldomain"
	23	_debug txtvalue "$txtvalue"
	24
aa611248	25	#retrieve MIAB environemt vars
7ec52145 BG	26	if ! _retrieve_miab_env; then
	27	return 1
	28	fi
933d49b0	29
aa611248 BG	30	#check domain and seperate into doamin and host
	31	if ! _get_root "$fulldomain"; then
	32	_err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}"
f500c7ab BG	33	return 1
	34	fi
	35
aa611248 BG	36	_debug2 _sub_domain "$_sub_domain"
aa611248 BG	37	_debug2 _domain "$_domain"
f500c7ab	38
aa611248 BG	39	#add the challenge record
	40	_api_path="custom/${fulldomain}/txt"
	41	_miab_rest "$txtvalue" "$_api_path" "POST"
f500c7ab BG	42
f500c7ab BG	43	#check if result was good
aa611248	44	if _contains "$response" "updated DNS"; then
f500c7ab BG	45	_info "Successfully created the txt record"
	46	return 0
	47	else
aa611248 BG	48	_err "Error encountered during record add"
aa611248 BG	49	_err "$response"
f500c7ab BG	50	return 1
f500c7ab BG	51	fi
f500c7ab BG	52	}
f500c7ab BG	53
aa611248	54	#Usage: dns_miab_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
f500c7ab BG	55	dns_miab_rm() {
	56	fulldomain=$1
	57	txtvalue=$2
aa611248 BG	58
aa611248 BG	59	_info "Using miab challage delete"
f500c7ab BG	60	_debug fulldomain "$fulldomain"
	61	_debug txtvalue "$txtvalue"
	62
aa611248	63	#retrieve MIAB environemt vars
7ec52145 BG	64	if ! _retrieve_miab_env; then
	65	return 1
	66	fi
f500c7ab	67
aa611248 BG	68	#check domain and seperate into doamin and host
	69	if ! _get_root "$fulldomain"; then
	70	_err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}"
f500c7ab BG	71	return 1
	72	fi
	73
aa611248 BG	74	_debug2 _sub_domain "$_sub_domain"
aa611248 BG	75	_debug2 _domain "$_domain"
f500c7ab BG	76
f500c7ab BG	77	#Remove the challenge record
aa611248	78	_api_path="custom/${fulldomain}/txt"
7ec52145	79	_miab_rest "$txtvalue" "$_api_path" "DELETE"
f500c7ab BG	80
f500c7ab BG	81	#check if result was good
aa611248 BG	82	if _contains "$response" "updated DNS"; then
aa611248 BG	83	_info "Successfully removed the txt record"
f500c7ab BG	84	return 0
f500c7ab BG	85	else
aa611248 BG	86	_err "Error encountered during record remove"
aa611248 BG	87	_err "$response"
f500c7ab BG	88	return 1
	89	fi
	90	}
	91
	92	#################### Private functions below ##################################
47c33d03	93	#
aa611248 BG	94	#Usage: _get_root _acme-challenge.www.domain.com
	95	#Returns:
	96	# _sub_domain=_acme-challenge.www
	97	# _domain=domain.com
	98	_get_root() {
	99	_passed_domain=$1
	100	_debug _passed_domain "$_passed_domain"
	101	_i=2
	102	_p=1
	103
	104	#get the zones hosed on MIAB server, must be a json stream
	105	_miab_rest "" "zones" "GET"
	106
aa611248 BG	107	if ! _is_json "$response"; then
	108	_err "ERROR fetching domain list"
	109	_err "$response"
	110	return 1
f500c7ab BG	111	fi
f500c7ab BG	112
aa611248 BG	113	#cycle through the passed domain seperating out a test domain discarding
	114	# the subdomain by marching thorugh the dots
	115	while true; do
	116	_test_domain=$(printf "%s" "$_passed_domain" \| cut -d . -f ${_i}-100)
	117	_debug _test_domain "$_test_domain"
f500c7ab	118
aa611248 BG	119	if [ -z "$_test_domain" ]; then
aa611248 BG	120	return 1
f500c7ab BG	121	fi
f500c7ab BG	122
aa611248 BG	123	#report found if the test domain is in the json response and
	124	# report the subdomain
	125	if _contains "$response" "\"$_test_domain\""; then
	126	_sub_domain=$(printf "%s" "$_passed_domain" \| cut -d . -f 1-${_p})
	127	_domain=${_test_domain}
	128	return 0
f500c7ab BG	129	fi
f500c7ab BG	130
aa611248 BG	131	#cycle to the next dot in the passed domain
	132	_p=${_i}
	133	_i=$(_math "$_i" + 1)
	134	done
f500c7ab	135
aa611248 BG	136	return 1
aa611248 BG	137	}
f500c7ab	138
aa611248 BG	139	#Usage: _retrieve_miab_env
	140	#Returns (from store or environment variables):
	141	# MIAB_Username
	142	# MIAB_Password
	143	# MIAB_Server
	144	#retrieve MIAB environment variables, report errors and quit if problems
	145	_retrieve_miab_env() {
	146	MIAB_Username="${MIAB_Username:-$(_readaccountconf_mutable MIAB_Username)}"
	147	MIAB_Password="${MIAB_Password:-$(_readaccountconf_mutable MIAB_Password)}"
	148	MIAB_Server="${MIAB_Server:-$(_readaccountconf_mutable MIAB_Server)}"
f500c7ab	149
aa611248 BG	150	#debug log the environmental variables
	151	_debug MIAB_Username "$MIAB_Username"
	152	_debug MIAB_Password "$MIAB_Password"
	153	_debug MIAB_Server "$MIAB_Server"
f323ced4	154
aa611248 BG	155	#check if MIAB environemt vars set and quit if not
	156	if [ -z "$MIAB_Username" ] \|\| [ -z "$MIAB_Password" ] \|\| [ -z "$MIAB_Server" ]; then
	157	_err "You didn't specify one or more of MIAB_Username, MIAB_Password or MIAB_Server."
	158	_err "Please check these environment variables and try again."
	159	return 1
	160	fi
f500c7ab	161
aa611248 BG	162	#save the credentials to the account conf file.
	163	_saveaccountconf_mutable MIAB_Username "$MIAB_Username"
	164	_saveaccountconf_mutable MIAB_Password "$MIAB_Password"
	165	_saveaccountconf_mutable MIAB_Server "$MIAB_Server"
f91aeea9	166	return 0
aa611248	167	}
f500c7ab	168
aa611248 BG	169	#Useage: _miab_rest "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" "custom/_acme-challenge.www.domain.com/txt "POST"
	170	#Returns: "updated DNS: domain.com"
	171	#rest interface MIAB dns
	172	_miab_rest() {
	173	_data="$1"
	174	_api_path="$2"
	175	_httpmethod="$3"
	176
9af85f5a BG	177	#encode username and password for basic authentication
	178	_credentials="$(printf "%s" "$MIAB_Username:$MIAB_Password" \| _base64)"
	179	export _H1="Authorization: Basic $_credentials"
	180	_url="https://${MIAB_Server}/admin/dns/${_api_path}"
aa611248 BG	181
	182	_debug2 _data "$_data"
	183	_debug _api_path "$_api_path"
	184	_debug2 _url "$_url"
9af85f5a	185	_debug2 _credentails "$_credentials"
aa611248 BG	186	_debug _httpmethod "$_httpmethod"
	187
	188	if [ "$_httpmethod" = "GET" ]; then
	189	response="$(_get "$_url")"
	190	else
	191	response="$(_post "$_data" "$_url" "" "$_httpmethod")"
	192	fi
f500c7ab	193
aa611248	194	_retcode="$?"
f500c7ab	195
aa611248	196	if [ "$_retcode" != "0" ]; then
9af85f5a	197	_err "MIAB REST authentication failed on $_httpmethod"
aa611248	198	return 1
f500c7ab BG	199	fi
f500c7ab BG	200
aa611248 BG	201	_debug response "$response"
	202	return 0
	203	}
	204
	205	#Usage: _is_json "\[\n "mydomain.com"\n]"
	206	#Reurns "\[\n "mydomain.com"\n]"
	207	#returns the string if it begins and ends with square braces
	208	_is_json() {
	209	_str="$(echo "$1" \| _normalizeJson)"
	210	echo "$_str" \| grep '^\[.*\]$' >/dev/null 2>&1
f500c7ab	211	}