[mirror_acme.sh.git] / dnsapi / dns_netlify.sh

#!/usr/bin/env sh

#NETLIFY_ACCESS_TOKEN="xxxx"

NETLIFY_HOST="api.netlify.com/api/v1/"
NETLIFY_URL="https://$NETLIFY_HOST"

########  Public functions #####################

#Usage: dns_myapi_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_netlify_add() {
  fulldomain=$1
  txtvalue=$2

  NETLIFY_ACCESS_TOKEN="${NETLIFY_ACCESS_TOKEN:-$(_readaccountconf_mutable NETLIFY_ACCESS_TOKEN)}"

  if [ -z "$NETLIFY_ACCESS_TOKEN" ]; then
    NETLIFY_ACCESS_TOKEN=""
    _err "Please specify your Netlify Access Token and try again."
    return 1
  else
    _saveaccountconf_mutable NETLIFY_ACCESS_TOKEN "$NETLIFY_ACCESS_TOKEN"
  fi

  _info "Using Netlify"
  _debug fulldomain "$fulldomain"
  _debug txtvalue "$txtvalue"

  if ! _get_root "$fulldomain"; then
    _err "invalid domain"
    return 1
  fi

  _debug _domain_id "$_domain_id"
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  dnsRecordURI="dns_zones/$_domain_id/dns_records"

  body="{\"type\":\"TXT\", \"hostname\":\"$_sub_domain\", \"value\":\"$txtvalue\", \"ttl\":\"10\"}"

  _netlify_rest POST "$dnsRecordURI" "$body" "$NETLIFY_ACCESS_TOKEN"
  _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")"
  if [ "$_code" = "200" ] || [ "$_code" = '201' ]; then
    _info "validation value added"
    return 0
  else
    _err "error adding validation value ($_code)"
    return 1
  fi

  _err "Not fully implemented!"
  return 1
}

#Usage: dns_myapi_rm   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
#Remove the txt record after validation.
dns_netlify_rm() {
  _info "Using Netlify"
  txtdomain="$1"
  txt="$2"
  _debug txtdomain "$txtdomain"
  _debug txt "$txt"

  NETLIFY_ACCESS_TOKEN="${NETLIFY_ACCESS_TOKEN:-$(_readaccountconf_mutable NETLIFY_ACCESS_TOKEN)}"

  if ! _get_root "$txtdomain"; then
    _err "invalid domain"
    return 1
  fi

  _debug _domain_id "$_domain_id"
  _debug _sub_domain "$_sub_domain"
  _debug _domain "$_domain"

  dnsRecordURI="dns_zones/$_domain_id/dns_records"

  _netlify_rest GET "$dnsRecordURI" "" "$NETLIFY_ACCESS_TOKEN"

  _record_id=$(echo "$response" | _egrep_o "\"type\":\"TXT\",[^\}]*\"value\":\"$txt\"" | head -n 1 | _egrep_o "\"id\":\"[^\"\}]*\"" | cut -d : -f 2 | tr -d \")
  _debug _record_id "$_record_id"
  if [ "$_record_id" ]; then
    _netlify_rest DELETE "$dnsRecordURI/$_record_id" "" "$NETLIFY_ACCESS_TOKEN"
    _code="$(grep "^HTTP" "$HTTP_HEADER" | _tail_n 1 | cut -d " " -f 2 | tr -d "\\r\\n")"
    if [ "$_code" = "200" ] || [ "$_code" = '204' ]; then
      _info "validation value removed"
      return 0
    else
      _err "error removing validation value ($_code)"
      return 1
    fi
    return 0
  fi
  return 1
}

####################  Private functions below ##################################

_get_root() {
  domain=$1
  accesstoken=$2
  i=1
  p=1

  _netlify_rest GET "dns_zones" "" "$accesstoken"

  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)
    _debug2 "Checking domain: $h"
    if [ -z "$h" ]; then
      #not valid
      _err "Invalid domain"
      return 1
    fi

    if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
      _domain_id=$(echo "$response" | _egrep_o "\"[^\"]*\",\"name\":\"$h\"" | cut -d , -f 1 | tr -d \")
      if [ "$_domain_id" ]; then
        if [ "$i" = 1 ]; then
          #create the record at the domain apex (@) if only the domain name was provided as --domain-alias
          _sub_domain="@"
        else
          _sub_domain=$(echo "$domain" | cut -d . -f 1-$p)
        fi
        _domain=$h
        return 0
      fi
      return 1
    fi
    p=$i
    i=$(_math "$i" + 1)
  done
  return 1
}

_netlify_rest() {
  m=$1
  ep="$2"
  data="$3"
  _debug "$ep"

  token_trimmed=$(echo "$NETLIFY_ACCESS_TOKEN" | tr -d '"')

  export _H1="Content-Type: application/json"
  export _H2="Authorization: Bearer $token_trimmed"

  : >"$HTTP_HEADER"

  if [ "$m" != "GET" ]; then
    _debug data "$data"
    response="$(_post "$data" "$NETLIFY_URL$ep" "" "$m")"
  else
    response="$(_get "$NETLIFY_URL$ep")"
  fi

  if [ "$?" != "0" ]; then
    _err "error $ep"
    return 1
  fi
  _debug2 response "$response"
  return 0
}
Commit	Line	Data
e8bcde31 DL	1	#!/usr/bin/env sh
	2
	3	#NETLIFY_ACCESS_TOKEN="xxxx"
	4
	5	NETLIFY_HOST="api.netlify.com/api/v1/"
	6	NETLIFY_URL="https://$NETLIFY_HOST"
	7
	8	######## Public functions #####################
	9
	10	#Usage: dns_myapi_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
	11	dns_netlify_add() {
	12	fulldomain=$1
	13	txtvalue=$2
	14
	15	NETLIFY_ACCESS_TOKEN="${NETLIFY_ACCESS_TOKEN:-$(_readaccountconf_mutable NETLIFY_ACCESS_TOKEN)}"
	16
	17	if [ -z "$NETLIFY_ACCESS_TOKEN" ]; then
	18	NETLIFY_ACCESS_TOKEN=""
	19	_err "Please specify your Netlify Access Token and try again."
	20	return 1
4e9749f6 M	21	else
4e9749f6 M	22	_saveaccountconf_mutable NETLIFY_ACCESS_TOKEN "$NETLIFY_ACCESS_TOKEN"
e8bcde31 DL	23	fi
	24
	25	_info "Using Netlify"
	26	_debug fulldomain "$fulldomain"
	27	_debug txtvalue "$txtvalue"
	28
4e9749f6	29	if ! _get_root "$fulldomain"; then
e8bcde31 DL	30	_err "invalid domain"
	31	return 1
	32	fi
	33
	34	_debug _domain_id "$_domain_id"
	35	_debug _sub_domain "$_sub_domain"
	36	_debug _domain "$_domain"
	37
	38	dnsRecordURI="dns_zones/$_domain_id/dns_records"
	39
	40	body="{\"type\":\"TXT\", \"hostname\":\"$_sub_domain\", \"value\":\"$txtvalue\", \"ttl\":\"10\"}"
	41
	42	_netlify_rest POST "$dnsRecordURI" "$body" "$NETLIFY_ACCESS_TOKEN"
	43	_code="$(grep "^HTTP" "$HTTP_HEADER" \| _tail_n 1 \| cut -d " " -f 2 \| tr -d "\\r\\n")"
	44	if [ "$_code" = "200" ] \|\| [ "$_code" = '201' ]; then
	45	_info "validation value added"
	46	return 0
	47	else
	48	_err "error adding validation value ($_code)"
	49	return 1
	50	fi
	51
	52	_err "Not fully implemented!"
	53	return 1
	54	}
	55
	56	#Usage: dns_myapi_rm _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
	57	#Remove the txt record after validation.
	58	dns_netlify_rm() {
	59	_info "Using Netlify"
70b49980	60	txtdomain="$1"
70b49980	61	txt="$2"
e8bcde31 DL	62	_debug txtdomain "$txtdomain"
	63	_debug txt "$txt"
	64
4e9749f6	65	NETLIFY_ACCESS_TOKEN="${NETLIFY_ACCESS_TOKEN:-$(_readaccountconf_mutable NETLIFY_ACCESS_TOKEN)}"
e8bcde31	66
4e9749f6	67	if ! _get_root "$txtdomain"; then
e8bcde31 DL	68	_err "invalid domain"
	69	return 1
	70	fi
	71
	72	_debug _domain_id "$_domain_id"
	73	_debug _sub_domain "$_sub_domain"
	74	_debug _domain "$_domain"
70b49980	75
e8bcde31 DL	76	dnsRecordURI="dns_zones/$_domain_id/dns_records"
	77
	78	_netlify_rest GET "$dnsRecordURI" "" "$NETLIFY_ACCESS_TOKEN"
	79
70b49980	80	_record_id=$(echo "$response" \| _egrep_o "\"type\":\"TXT\",[^\}]\"value\":\"$txt\"" \| head -n 1 \| _egrep_o "\"id\":\"[^\"\}]\"" \| cut -d : -f 2 \| tr -d \")
e8bcde31 DL	81	_debug _record_id "$_record_id"
	82	if [ "$_record_id" ]; then
	83	_netlify_rest DELETE "$dnsRecordURI/$_record_id" "" "$NETLIFY_ACCESS_TOKEN"
	84	_code="$(grep "^HTTP" "$HTTP_HEADER" \| _tail_n 1 \| cut -d " " -f 2 \| tr -d "\\r\\n")"
	85	if [ "$_code" = "200" ] \|\| [ "$_code" = '204' ]; then
	86	_info "validation value removed"
	87	return 0
	88	else
	89	_err "error removing validation value ($_code)"
	90	return 1
	91	fi
	92	return 0
	93	fi
	94	return 1
	95	}
	96
	97	#################### Private functions below ##################################
	98
	99	_get_root() {
	100	domain=$1
	101	accesstoken=$2
	102	i=1
	103	p=1
	104
	105	_netlify_rest GET "dns_zones" "" "$accesstoken"
70b49980	106
e8bcde31 DL	107	while true; do
	108	h=$(printf "%s" "$domain" \| cut -d . -f $i-100)
	109	_debug2 "Checking domain: $h"
	110	if [ -z "$h" ]; then
	111	#not valid
	112	_err "Invalid domain"
	113	return 1
	114	fi
	115
	116	if _contains "$response" "\"name\":\"$h\"" >/dev/null; then
481f02de	117	_domain_id=$(echo "$response" \| _egrep_o "\"[^\"]*\",\"name\":\"$h\"" \| cut -d , -f 1 \| tr -d \")
e8bcde31 DL	118	if [ "$_domain_id" ]; then
	119	if [ "$i" = 1 ]; then
	120	#create the record at the domain apex (@) if only the domain name was provided as --domain-alias
	121	_sub_domain="@"
	122	else
	123	_sub_domain=$(echo "$domain" \| cut -d . -f 1-$p)
	124	fi
	125	_domain=$h
	126	return 0
	127	fi
	128	return 1
	129	fi
	130	p=$i
	131	i=$(_math "$i" + 1)
	132	done
	133	return 1
	134	}
	135
	136	_netlify_rest() {
	137	m=$1
	138	ep="$2"
	139	data="$3"
	140	_debug "$ep"
	141
	142	token_trimmed=$(echo "$NETLIFY_ACCESS_TOKEN" \| tr -d '"')
	143
	144	export _H1="Content-Type: application/json"
	145	export _H2="Authorization: Bearer $token_trimmed"
	146
19c43451	147	: >"$HTTP_HEADER"
e8bcde31 DL	148
	149	if [ "$m" != "GET" ]; then
	150	_debug data "$data"
	151	response="$(_post "$data" "$NETLIFY_URL$ep" "" "$m")"
	152	else
	153	response="$(_get "$NETLIFY_URL$ep")"
	154	fi
	155
	156	if [ "$?" != "0" ]; then
	157	_err "error $ep"
	158	return 1
	159	fi
	160	_debug2 response "$response"
	161	return 0
70b49980	162	}