[mirror_acme.sh.git] / dnsapi / dns_nsupdate.sh

#!/usr/bin/env sh

########  Public functions #####################

#Usage: dns_nsupdate_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
dns_nsupdate_add() {
  fulldomain=$1
  txtvalue=$2
  NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
  NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
  NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
  NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"

  _checkKeyFile || return 1

  # save the dns server and key to the account conf file.
  _saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}"
  _saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}"
  _saveaccountconf_mutable NSUPDATE_KEY "${NSUPDATE_KEY}"
  _saveaccountconf_mutable NSUPDATE_ZONE "${NSUPDATE_ZONE}"

  [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
  [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53

  _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\""
  [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
  [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
  if [ -z "${NSUPDATE_ZONE}" ]; then
    nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER}  ${NSUPDATE_SERVER_PORT}
update add ${fulldomain}. 60 in txt "${txtvalue}"
send
EOF
  else
    nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER}  ${NSUPDATE_SERVER_PORT}
zone ${NSUPDATE_ZONE}.
update add ${fulldomain}. 60 in txt "${txtvalue}"
send
EOF
  fi
  if [ $? -ne 0 ]; then
    _err "error updating domain"
    return 1
  fi

  return 0
}

#Usage: dns_nsupdate_rm   _acme-challenge.www.domain.com
dns_nsupdate_rm() {
  fulldomain=$1

  NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
  NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
  NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
  NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"

  _checkKeyFile || return 1
  [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost"
  [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53
  _info "removing ${fulldomain}. txt"
  [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
  [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
  if [ -z "${NSUPDATE_ZONE}" ]; then
    nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER}  ${NSUPDATE_SERVER_PORT}
update delete ${fulldomain}. txt
send
EOF
  else
    nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
server ${NSUPDATE_SERVER}  ${NSUPDATE_SERVER_PORT}
zone ${NSUPDATE_ZONE}.
update delete ${fulldomain}. txt
send
EOF
  fi
  if [ $? -ne 0 ]; then
    _err "error updating domain"
    return 1
  fi

  return 0
}

####################  Private functions below ##################################

_checkKeyFile() {
  if [ -z "${NSUPDATE_KEY}" ]; then
    _err "you must specify a path to the nsupdate key file"
    return 1
  fi
  if [ ! -r "${NSUPDATE_KEY}" ]; then
    _err "key ${NSUPDATE_KEY} is unreadable"
    return 1
  fi
}
Commit	Line	Data
54d61bdc	1	#!/usr/bin/env sh
0fb206fe	2
0fb206fe PK	3	######## Public functions #####################
	4
	5	#Usage: dns_nsupdate_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
	6	dns_nsupdate_add() {
	7	fulldomain=$1
	8	txtvalue=$2
9c9fed74	9	NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
	10	NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
	11	NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
	12	NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
	13
0fb206fe	14	_checkKeyFile \|\| return 1
9c9fed74	15
	16	# save the dns server and key to the account conf file.
	17	_saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}"
	18	_saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}"
	19	_saveaccountconf_mutable NSUPDATE_KEY "${NSUPDATE_KEY}"
	20	_saveaccountconf_mutable NSUPDATE_ZONE "${NSUPDATE_ZONE}"
	21
54d61bdc	22	[ -n "${NSUPDATE_SERVER}" ] \|\| NSUPDATE_SERVER="localhost"
ed817c81	23	[ -n "${NSUPDATE_SERVER_PORT}" ] \|\| NSUPDATE_SERVER_PORT=53
9c9fed74	24
54d61bdc	25	_info "adding ${fulldomain}. 60 in txt \"${txtvalue}\""
5431d051 DD	26	[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
5431d051 DD	27	[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
1a774909 DD	28	if [ -z "${NSUPDATE_ZONE}" ]; then
1a774909 DD	29	nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
ac9f6e3a	30	server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
0fb206fe PK	31	update add ${fulldomain}. 60 in txt "${txtvalue}"
	32	send
	33	EOF
1a774909 DD	34	else
	35	nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
	36	server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
	37	zone ${NSUPDATE_ZONE}.
	38	update add ${fulldomain}. 60 in txt "${txtvalue}"
	39	send
	40	EOF
	41	fi
0fb206fe	42	if [ $? -ne 0 ]; then
243593cd	43	_err "error updating domain"
0fb206fe PK	44	return 1
0fb206fe PK	45	fi
fa574fe8	46
0fb206fe PK	47	return 0
	48	}
	49
	50	#Usage: dns_nsupdate_rm _acme-challenge.www.domain.com
	51	dns_nsupdate_rm() {
	52	fulldomain=$1
9c9fed74	53
	54	NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}"
	55	NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}"
	56	NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}"
	57	NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}"
	58
0fb206fe	59	_checkKeyFile \|\| return 1
54d61bdc	60	[ -n "${NSUPDATE_SERVER}" ] \|\| NSUPDATE_SERVER="localhost"
ed817c81	61	[ -n "${NSUPDATE_SERVER_PORT}" ] \|\| NSUPDATE_SERVER_PORT=53
54d61bdc	62	_info "removing ${fulldomain}. txt"
5431d051 DD	63	[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d"
5431d051 DD	64	[ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D"
1a774909 DD	65	if [ -z "${NSUPDATE_ZONE}" ]; then
1a774909 DD	66	nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
ac9f6e3a	67	server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
0fb206fe PK	68	update delete ${fulldomain}. txt
	69	send
	70	EOF
1a774909 DD	71	else
	72	nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF
	73	server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT}
	74	zone ${NSUPDATE_ZONE}.
	75	update delete ${fulldomain}. txt
	76	send
	77	EOF
	78	fi
0fb206fe	79	if [ $? -ne 0 ]; then
243593cd	80	_err "error updating domain"
0fb206fe PK	81	return 1
0fb206fe PK	82	fi
0fb206fe PK	83
	84	return 0
	85	}
	86
329174b6	87	#################### Private functions below ##################################
0fb206fe PK	88
	89	_checkKeyFile() {
	90	if [ -z "${NSUPDATE_KEY}" ]; then
	91	_err "you must specify a path to the nsupdate key file"
	92	return 1
	93	fi
	94	if [ ! -r "${NSUPDATE_KEY}" ]; then
	95	_err "key ${NSUPDATE_KEY} is unreadable"
	96	return 1
	97	fi
	98	}