]>
Commit | Line | Data |
---|---|---|
f500c7ab BG |
1 | #!/usr/bin/env sh |
2 | ||
47c33d03 | 3 | # Name: dns_miab.sh |
f500c7ab | 4 | # |
47c33d03 BG |
5 | # Authors: |
6 | # Darven Dissek 2018 | |
7 | # William Gertz 2019 | |
f500c7ab | 8 | # |
aa611248 BG |
9 | # Thanks to Neil Pang and other developers here for code reused from acme.sh from DNS-01 |
10 | # used to communicate with the MailinaBox Custom DNS API | |
47c33d03 BG |
11 | # Report Bugs here: |
12 | # https://github.com/billgertz/MIAB_dns_api (for dns_miab.sh) | |
d795fac3 | 13 | # https://github.com/acmesh-official/acme.sh (for acme.sh) |
f500c7ab BG |
14 | # |
15 | ######## Public functions ##################### | |
16 | ||
aa611248 | 17 | #Usage: dns_miab_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
f500c7ab BG |
18 | dns_miab_add() { |
19 | fulldomain=$1 | |
20 | txtvalue=$2 | |
aa611248 | 21 | _info "Using miab challange add" |
f500c7ab BG |
22 | _debug fulldomain "$fulldomain" |
23 | _debug txtvalue "$txtvalue" | |
24 | ||
aa611248 | 25 | #retrieve MIAB environemt vars |
7ec52145 BG |
26 | if ! _retrieve_miab_env; then |
27 | return 1 | |
28 | fi | |
933d49b0 | 29 | |
aa611248 BG |
30 | #check domain and seperate into doamin and host |
31 | if ! _get_root "$fulldomain"; then | |
32 | _err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}" | |
f500c7ab BG |
33 | return 1 |
34 | fi | |
35 | ||
aa611248 BG |
36 | _debug2 _sub_domain "$_sub_domain" |
37 | _debug2 _domain "$_domain" | |
f500c7ab | 38 | |
aa611248 BG |
39 | #add the challenge record |
40 | _api_path="custom/${fulldomain}/txt" | |
41 | _miab_rest "$txtvalue" "$_api_path" "POST" | |
f500c7ab BG |
42 | |
43 | #check if result was good | |
aa611248 | 44 | if _contains "$response" "updated DNS"; then |
f500c7ab BG |
45 | _info "Successfully created the txt record" |
46 | return 0 | |
47 | else | |
aa611248 BG |
48 | _err "Error encountered during record add" |
49 | _err "$response" | |
f500c7ab BG |
50 | return 1 |
51 | fi | |
f500c7ab BG |
52 | } |
53 | ||
aa611248 | 54 | #Usage: dns_miab_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" |
f500c7ab BG |
55 | dns_miab_rm() { |
56 | fulldomain=$1 | |
57 | txtvalue=$2 | |
aa611248 BG |
58 | |
59 | _info "Using miab challage delete" | |
f500c7ab BG |
60 | _debug fulldomain "$fulldomain" |
61 | _debug txtvalue "$txtvalue" | |
62 | ||
aa611248 | 63 | #retrieve MIAB environemt vars |
7ec52145 BG |
64 | if ! _retrieve_miab_env; then |
65 | return 1 | |
66 | fi | |
f500c7ab | 67 | |
aa611248 BG |
68 | #check domain and seperate into doamin and host |
69 | if ! _get_root "$fulldomain"; then | |
70 | _err "Cannot find any part of ${fulldomain} is hosted on ${MIAB_Server}" | |
f500c7ab BG |
71 | return 1 |
72 | fi | |
73 | ||
aa611248 BG |
74 | _debug2 _sub_domain "$_sub_domain" |
75 | _debug2 _domain "$_domain" | |
f500c7ab BG |
76 | |
77 | #Remove the challenge record | |
aa611248 | 78 | _api_path="custom/${fulldomain}/txt" |
7ec52145 | 79 | _miab_rest "$txtvalue" "$_api_path" "DELETE" |
f500c7ab BG |
80 | |
81 | #check if result was good | |
aa611248 BG |
82 | if _contains "$response" "updated DNS"; then |
83 | _info "Successfully removed the txt record" | |
f500c7ab BG |
84 | return 0 |
85 | else | |
aa611248 BG |
86 | _err "Error encountered during record remove" |
87 | _err "$response" | |
f500c7ab BG |
88 | return 1 |
89 | fi | |
90 | } | |
91 | ||
92 | #################### Private functions below ################################## | |
47c33d03 | 93 | # |
aa611248 BG |
94 | #Usage: _get_root _acme-challenge.www.domain.com |
95 | #Returns: | |
96 | # _sub_domain=_acme-challenge.www | |
97 | # _domain=domain.com | |
98 | _get_root() { | |
99 | _passed_domain=$1 | |
100 | _debug _passed_domain "$_passed_domain" | |
101 | _i=2 | |
102 | _p=1 | |
103 | ||
104 | #get the zones hosed on MIAB server, must be a json stream | |
105 | _miab_rest "" "zones" "GET" | |
106 | ||
aa611248 BG |
107 | if ! _is_json "$response"; then |
108 | _err "ERROR fetching domain list" | |
109 | _err "$response" | |
110 | return 1 | |
f500c7ab BG |
111 | fi |
112 | ||
aa611248 BG |
113 | #cycle through the passed domain seperating out a test domain discarding |
114 | # the subdomain by marching thorugh the dots | |
115 | while true; do | |
116 | _test_domain=$(printf "%s" "$_passed_domain" | cut -d . -f ${_i}-100) | |
117 | _debug _test_domain "$_test_domain" | |
f500c7ab | 118 | |
aa611248 BG |
119 | if [ -z "$_test_domain" ]; then |
120 | return 1 | |
f500c7ab BG |
121 | fi |
122 | ||
aa611248 BG |
123 | #report found if the test domain is in the json response and |
124 | # report the subdomain | |
125 | if _contains "$response" "\"$_test_domain\""; then | |
126 | _sub_domain=$(printf "%s" "$_passed_domain" | cut -d . -f 1-${_p}) | |
127 | _domain=${_test_domain} | |
128 | return 0 | |
f500c7ab BG |
129 | fi |
130 | ||
aa611248 BG |
131 | #cycle to the next dot in the passed domain |
132 | _p=${_i} | |
133 | _i=$(_math "$_i" + 1) | |
134 | done | |
f500c7ab | 135 | |
aa611248 BG |
136 | return 1 |
137 | } | |
f500c7ab | 138 | |
aa611248 BG |
139 | #Usage: _retrieve_miab_env |
140 | #Returns (from store or environment variables): | |
141 | # MIAB_Username | |
142 | # MIAB_Password | |
143 | # MIAB_Server | |
144 | #retrieve MIAB environment variables, report errors and quit if problems | |
145 | _retrieve_miab_env() { | |
146 | MIAB_Username="${MIAB_Username:-$(_readaccountconf_mutable MIAB_Username)}" | |
147 | MIAB_Password="${MIAB_Password:-$(_readaccountconf_mutable MIAB_Password)}" | |
148 | MIAB_Server="${MIAB_Server:-$(_readaccountconf_mutable MIAB_Server)}" | |
f500c7ab | 149 | |
aa611248 BG |
150 | #debug log the environmental variables |
151 | _debug MIAB_Username "$MIAB_Username" | |
152 | _debug MIAB_Password "$MIAB_Password" | |
153 | _debug MIAB_Server "$MIAB_Server" | |
f323ced4 | 154 | |
aa611248 BG |
155 | #check if MIAB environemt vars set and quit if not |
156 | if [ -z "$MIAB_Username" ] || [ -z "$MIAB_Password" ] || [ -z "$MIAB_Server" ]; then | |
157 | _err "You didn't specify one or more of MIAB_Username, MIAB_Password or MIAB_Server." | |
158 | _err "Please check these environment variables and try again." | |
159 | return 1 | |
160 | fi | |
f500c7ab | 161 | |
aa611248 BG |
162 | #save the credentials to the account conf file. |
163 | _saveaccountconf_mutable MIAB_Username "$MIAB_Username" | |
164 | _saveaccountconf_mutable MIAB_Password "$MIAB_Password" | |
165 | _saveaccountconf_mutable MIAB_Server "$MIAB_Server" | |
f91aeea9 | 166 | return 0 |
aa611248 | 167 | } |
f500c7ab | 168 | |
aa611248 BG |
169 | #Useage: _miab_rest "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" "custom/_acme-challenge.www.domain.com/txt "POST" |
170 | #Returns: "updated DNS: domain.com" | |
171 | #rest interface MIAB dns | |
172 | _miab_rest() { | |
173 | _data="$1" | |
174 | _api_path="$2" | |
175 | _httpmethod="$3" | |
176 | ||
9af85f5a BG |
177 | #encode username and password for basic authentication |
178 | _credentials="$(printf "%s" "$MIAB_Username:$MIAB_Password" | _base64)" | |
179 | export _H1="Authorization: Basic $_credentials" | |
180 | _url="https://${MIAB_Server}/admin/dns/${_api_path}" | |
aa611248 BG |
181 | |
182 | _debug2 _data "$_data" | |
183 | _debug _api_path "$_api_path" | |
184 | _debug2 _url "$_url" | |
9af85f5a | 185 | _debug2 _credentails "$_credentials" |
aa611248 BG |
186 | _debug _httpmethod "$_httpmethod" |
187 | ||
188 | if [ "$_httpmethod" = "GET" ]; then | |
189 | response="$(_get "$_url")" | |
190 | else | |
191 | response="$(_post "$_data" "$_url" "" "$_httpmethod")" | |
192 | fi | |
f500c7ab | 193 | |
aa611248 | 194 | _retcode="$?" |
f500c7ab | 195 | |
aa611248 | 196 | if [ "$_retcode" != "0" ]; then |
9af85f5a | 197 | _err "MIAB REST authentication failed on $_httpmethod" |
aa611248 | 198 | return 1 |
f500c7ab BG |
199 | fi |
200 | ||
aa611248 BG |
201 | _debug response "$response" |
202 | return 0 | |
203 | } | |
204 | ||
205 | #Usage: _is_json "\[\n "mydomain.com"\n]" | |
206 | #Reurns "\[\n "mydomain.com"\n]" | |
207 | #returns the string if it begins and ends with square braces | |
208 | _is_json() { | |
209 | _str="$(echo "$1" | _normalizeJson)" | |
210 | echo "$_str" | grep '^\[.*\]$' >/dev/null 2>&1 | |
f500c7ab | 211 | } |