]>
Commit | Line | Data |
---|---|---|
dc5c220e | 1 | #!/usr/bin/env sh |
2 | ||
3 | # | |
c822870c SZ |
4 | #NIC_ClientID='0dc0xxxxxxxxxxxxxxxxxxxxxxxxce88' |
5 | #NIC_ClientSecret='3LTtxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnuW8' | |
dc5c220e | 6 | #NIC_Username="000000/NIC-D" |
dc5c220e | 7 | #NIC_Password="xxxxxxx" |
8 | ||
9 | NIC_Api="https://api.nic.ru" | |
10 | ||
11 | dns_nic_add() { | |
12 | fulldomain="${1}" | |
13 | txtvalue="${2}" | |
14 | ||
a88622c1 | 15 | if ! _nic_get_authtoken save; then |
dc5c220e | 16 | _err "get NIC auth token failed" |
17 | return 1 | |
18 | fi | |
19 | ||
20 | _debug "First detect the root zone" | |
21 | if ! _get_root "$fulldomain"; then | |
22 | _err "Invalid domain" | |
23 | return 1 | |
24 | fi | |
25 | ||
26 | _debug _sub_domain "$_sub_domain" | |
27 | _debug _domain "$_domain" | |
28 | _debug _service "$_service" | |
29 | ||
30 | _info "Adding record" | |
31 | if ! _nic_rest PUT "services/$_service/zones/$_domain/records" "<?xml version=\"1.0\" encoding=\"UTF-8\" ?><request><rr-list><rr><name>$_sub_domain</name><type>TXT</type><txt><string>$txtvalue</string></txt></rr></rr-list></request>"; then | |
32 | _err "Add TXT record error" | |
33 | return 1 | |
34 | fi | |
35 | ||
36 | if ! _nic_rest POST "services/$_service/zones/$_domain/commit" ""; then | |
37 | return 1 | |
38 | fi | |
39 | _info "Added, OK" | |
40 | } | |
41 | ||
42 | dns_nic_rm() { | |
43 | fulldomain="${1}" | |
44 | txtvalue="${2}" | |
45 | ||
a88622c1 | 46 | if ! _nic_get_authtoken; then |
dc5c220e | 47 | _err "get NIC auth token failed" |
48 | return 1 | |
49 | fi | |
50 | ||
51 | if ! _get_root "$fulldomain"; then | |
52 | _err "Invalid domain" | |
53 | return 1 | |
54 | fi | |
ffa5472b | 55 | |
dc5c220e | 56 | _debug _sub_domain "$_sub_domain" |
57 | _debug _domain "$_domain" | |
58 | _debug _service "$_service" | |
59 | ||
60 | if ! _nic_rest GET "services/$_service/zones/$_domain/records"; then | |
61 | _err "Get records error" | |
62 | return 1 | |
63 | fi | |
64 | ||
c282dd08 | 65 | _domain_id=$(printf "%s" "$response" | grep "$_sub_domain" | grep -- "$txtvalue" | sed -r "s/.*<rr id=\"(.*)\".*/\1/g") |
dc5c220e | 66 | |
67 | if ! _nic_rest DELETE "services/$_service/zones/$_domain/records/$_domain_id"; then | |
68 | _err "Delete record error" | |
69 | return 1 | |
70 | fi | |
71 | ||
72 | if ! _nic_rest POST "services/$_service/zones/$_domain/commit" ""; then | |
73 | return 1 | |
74 | fi | |
75 | } | |
76 | ||
77 | #################### Private functions below ################################## | |
78 | ||
a88622c1 SZ |
79 | #_nic_get_auth_elements [need2save] |
80 | _nic_get_auth_elements() { | |
81 | _need2save=$1 | |
82 | ||
83 | NIC_ClientID="${NIC_ClientID:-$(_readaccountconf_mutable NIC_ClientID)}" | |
84 | NIC_ClientSecret="${NIC_ClientSecret:-$(_readaccountconf_mutable NIC_ClientSecret)}" | |
85 | NIC_Username="${NIC_Username:-$(_readaccountconf_mutable NIC_Username)}" | |
86 | NIC_Password="${NIC_Password:-$(_readaccountconf_mutable NIC_Password)}" | |
87 | ||
88 | ## for backward compatibility | |
89 | if [ -z "$NIC_ClientID" ] || [ -z "$NIC_ClientSecret" ]; then | |
90 | NIC_Token="${NIC_Token:-$(_readaccountconf_mutable NIC_Token)}" | |
91 | _debug NIC_Token "$NIC_Token" | |
92 | if [ -n "$NIC_Token" ]; then | |
93 | _two_values="$(echo "${NIC_Token}" | _dbase64)" | |
94 | _debug _two_values "$_two_values" | |
be7688a4 SZ |
95 | NIC_ClientID=$(echo "$_two_values" | cut -d':' -f1) |
96 | NIC_ClientSecret=$(echo "$_two_values" | cut -d':' -f2-) | |
a88622c1 SZ |
97 | _debug restored_NIC_ClientID "$NIC_ClientID" |
98 | _debug restored_NIC_ClientSecret "$NIC_ClientSecret" | |
99 | fi | |
100 | fi | |
101 | ||
a88622c1 SZ |
102 | if [ -z "$NIC_ClientID" ] || [ -z "$NIC_ClientSecret" ] || [ -z "$NIC_Username" ] || [ -z "$NIC_Password" ]; then |
103 | NIC_ClientID="" | |
104 | NIC_ClientSecret="" | |
105 | NIC_Username="" | |
106 | NIC_Password="" | |
107 | _err "You must export variables: NIC_ClientID, NIC_ClientSecret, NIC_Username and NIC_Password" | |
108 | return 1 | |
109 | fi | |
110 | ||
111 | if [ "$_need2save" ]; then | |
112 | _saveaccountconf_mutable NIC_ClientID "$NIC_ClientID" | |
113 | _saveaccountconf_mutable NIC_ClientSecret "$NIC_ClientSecret" | |
114 | _saveaccountconf_mutable NIC_Username "$NIC_Username" | |
115 | _saveaccountconf_mutable NIC_Password "$NIC_Password" | |
116 | fi | |
117 | ||
118 | NIC_BasicAuth=$(printf "%s:%s" "${NIC_ClientID}" "${NIC_ClientSecret}" | _base64) | |
346454c2 | 119 | _debug NIC_BasicAuth "$NIC_BasicAuth" |
a88622c1 SZ |
120 | |
121 | } | |
122 | ||
123 | #_nic_get_authtoken [need2save] | |
dc5c220e | 124 | _nic_get_authtoken() { |
a88622c1 SZ |
125 | _need2save=$1 |
126 | ||
346454c2 | 127 | if ! _nic_get_auth_elements "$_need2save"; then |
a88622c1 SZ |
128 | return 1 |
129 | fi | |
dc5c220e | 130 | |
131 | _info "Getting NIC auth token" | |
132 | ||
a88622c1 | 133 | export _H1="Authorization: Basic ${NIC_BasicAuth}" |
dc5c220e | 134 | export _H2="Content-Type: application/x-www-form-urlencoded" |
135 | ||
a88622c1 | 136 | res=$(_post "grant_type=password&username=${NIC_Username}&password=${NIC_Password}&scope=%28GET%7CPUT%7CPOST%7CDELETE%29%3A%2Fdns-master%2F.%2B" "$NIC_Api/oauth/token" "" "POST") |
dc5c220e | 137 | if _contains "$res" "access_token"; then |
138 | _auth_token=$(printf "%s" "$res" | cut -d , -f2 | tr -d "\"" | sed "s/access_token://") | |
139 | _info "Token received" | |
140 | _debug _auth_token "$_auth_token" | |
141 | return 0 | |
142 | fi | |
143 | return 1 | |
144 | } | |
145 | ||
146 | _get_root() { | |
147 | domain="$1" | |
148 | i=1 | |
149 | p=1 | |
150 | ||
151 | if ! _nic_rest GET "zones"; then | |
ffa5472b | 152 | return 1 |
dc5c220e | 153 | fi |
154 | ||
155 | _all_domains=$(printf "%s" "$response" | grep "idn-name" | sed -r "s/.*idn-name=\"(.*)\" name=.*/\1/g") | |
156 | _debug2 _all_domains "$_all_domains" | |
157 | ||
158 | while true; do | |
ffa5472b | 159 | h=$(printf "%s" "$domain" | cut -d . -f "$i"-100) |
160 | _debug h "$h" | |
161 | ||
162 | if [ -z "$h" ]; then | |
163 | return 1 | |
164 | fi | |
165 | ||
166 | if _contains "$_all_domains" "^$h$"; then | |
167 | _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) | |
168 | _domain=$h | |
4e0de223 | 169 | _service=$(printf "%s" "$response" | grep -m 1 "idn-name=\"$_domain\"" | sed -r "s/.*service=\"(.*)\".*$/\1/") |
ffa5472b | 170 | return 0 |
171 | fi | |
172 | p="$i" | |
173 | i=$(_math "$i" + 1) | |
dc5c220e | 174 | done |
175 | return 1 | |
176 | } | |
177 | ||
178 | _nic_rest() { | |
179 | m="$1" | |
180 | ep="$2" | |
181 | data="$3" | |
182 | _debug "$ep" | |
183 | ||
184 | export _H1="Content-Type: application/xml" | |
185 | export _H2="Authorization: Bearer $_auth_token" | |
186 | ||
187 | if [ "$m" != "GET" ]; then | |
ffa5472b | 188 | _debug data "$data" |
189 | response=$(_post "$data" "$NIC_Api/dns-master/$ep" "" "$m") | |
dc5c220e | 190 | else |
ffa5472b | 191 | response=$(_get "$NIC_Api/dns-master/$ep") |
dc5c220e | 192 | fi |
193 | ||
194 | if _contains "$response" "<errors>"; then | |
ffa5472b | 195 | error=$(printf "%s" "$response" | grep "error code" | sed -r "s/.*<error code=.*>(.*)<\/error>/\1/g") |
196 | _err "Error: $error" | |
197 | return 1 | |
dc5c220e | 198 | fi |
199 | ||
200 | if ! _contains "$response" "<status>success</status>"; then | |
ffa5472b | 201 | return 1 |
dc5c220e | 202 | fi |
203 | _debug2 response "$response" | |
204 | return 0 | |
205 | } |