]>
Commit | Line | Data |
---|---|---|
54d61bdc | 1 | #!/usr/bin/env sh |
0fb206fe | 2 | |
0fb206fe PK |
3 | ######## Public functions ##################### |
4 | ||
5 | #Usage: dns_nsupdate_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
6 | dns_nsupdate_add() { | |
7 | fulldomain=$1 | |
8 | txtvalue=$2 | |
9c9fed74 | 9 | NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}" |
10 | NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}" | |
11 | NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}" | |
12 | NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}" | |
13 | ||
0fb206fe | 14 | _checkKeyFile || return 1 |
9c9fed74 | 15 | |
16 | # save the dns server and key to the account conf file. | |
17 | _saveaccountconf_mutable NSUPDATE_SERVER "${NSUPDATE_SERVER}" | |
18 | _saveaccountconf_mutable NSUPDATE_SERVER_PORT "${NSUPDATE_SERVER_PORT}" | |
19 | _saveaccountconf_mutable NSUPDATE_KEY "${NSUPDATE_KEY}" | |
20 | _saveaccountconf_mutable NSUPDATE_ZONE "${NSUPDATE_ZONE}" | |
21 | ||
54d61bdc | 22 | [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost" |
ed817c81 | 23 | [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53 |
9c9fed74 | 24 | |
54d61bdc | 25 | _info "adding ${fulldomain}. 60 in txt \"${txtvalue}\"" |
5431d051 DD |
26 | [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d" |
27 | [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D" | |
1a774909 DD |
28 | if [ -z "${NSUPDATE_ZONE}" ]; then |
29 | nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF | |
5957a106 | 30 | server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT} |
0fb206fe PK |
31 | update add ${fulldomain}. 60 in txt "${txtvalue}" |
32 | send | |
33 | EOF | |
1a774909 DD |
34 | else |
35 | nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF | |
36 | server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT} | |
37 | zone ${NSUPDATE_ZONE}. | |
38 | update add ${fulldomain}. 60 in txt "${txtvalue}" | |
39 | send | |
40 | EOF | |
41 | fi | |
0fb206fe | 42 | if [ $? -ne 0 ]; then |
243593cd | 43 | _err "error updating domain" |
0fb206fe PK |
44 | return 1 |
45 | fi | |
fa574fe8 | 46 | |
0fb206fe PK |
47 | return 0 |
48 | } | |
49 | ||
50 | #Usage: dns_nsupdate_rm _acme-challenge.www.domain.com | |
51 | dns_nsupdate_rm() { | |
52 | fulldomain=$1 | |
9c9fed74 | 53 | |
54 | NSUPDATE_SERVER="${NSUPDATE_SERVER:-$(_readaccountconf_mutable NSUPDATE_SERVER)}" | |
55 | NSUPDATE_SERVER_PORT="${NSUPDATE_SERVER_PORT:-$(_readaccountconf_mutable NSUPDATE_SERVER_PORT)}" | |
56 | NSUPDATE_KEY="${NSUPDATE_KEY:-$(_readaccountconf_mutable NSUPDATE_KEY)}" | |
57 | NSUPDATE_ZONE="${NSUPDATE_ZONE:-$(_readaccountconf_mutable NSUPDATE_ZONE)}" | |
58 | ||
0fb206fe | 59 | _checkKeyFile || return 1 |
54d61bdc | 60 | [ -n "${NSUPDATE_SERVER}" ] || NSUPDATE_SERVER="localhost" |
ed817c81 | 61 | [ -n "${NSUPDATE_SERVER_PORT}" ] || NSUPDATE_SERVER_PORT=53 |
54d61bdc | 62 | _info "removing ${fulldomain}. txt" |
5431d051 DD |
63 | [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_1" ] && nsdebug="-d" |
64 | [ -n "$DEBUG" ] && [ "$DEBUG" -ge "$DEBUG_LEVEL_2" ] && nsdebug="-D" | |
1a774909 DD |
65 | if [ -z "${NSUPDATE_ZONE}" ]; then |
66 | nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF | |
5957a106 | 67 | server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT} |
0fb206fe PK |
68 | update delete ${fulldomain}. txt |
69 | send | |
70 | EOF | |
1a774909 DD |
71 | else |
72 | nsupdate -k "${NSUPDATE_KEY}" $nsdebug <<EOF | |
73 | server ${NSUPDATE_SERVER} ${NSUPDATE_SERVER_PORT} | |
74 | zone ${NSUPDATE_ZONE}. | |
75 | update delete ${fulldomain}. txt | |
76 | send | |
77 | EOF | |
78 | fi | |
0fb206fe | 79 | if [ $? -ne 0 ]; then |
243593cd | 80 | _err "error updating domain" |
0fb206fe PK |
81 | return 1 |
82 | fi | |
0fb206fe PK |
83 | |
84 | return 0 | |
85 | } | |
86 | ||
329174b6 | 87 | #################### Private functions below ################################## |
0fb206fe PK |
88 | |
89 | _checkKeyFile() { | |
90 | if [ -z "${NSUPDATE_KEY}" ]; then | |
91 | _err "you must specify a path to the nsupdate key file" | |
92 | return 1 | |
93 | fi | |
94 | if [ ! -r "${NSUPDATE_KEY}" ]; then | |
95 | _err "key ${NSUPDATE_KEY} is unreadable" | |
96 | return 1 | |
97 | fi | |
98 | } |