]>
Commit | Line | Data |
---|---|---|
9ff6d6e7 | 1 | #!/usr/bin/env sh |
2 | # -*- mode: sh; tab-width: 2; indent-tabs-mode: s; coding: utf-8 -*- | |
3 | ||
4 | # one.com ui wrapper for acme.sh | |
5 | # Author: github: @diseq | |
6 | # Created: 2019-02-17 | |
68b42a00 | 7 | # Fixed by: @der-berni |
5fac282e | 8 | # Modified: 2020-04-07 |
da7b1fb0 | 9 | # |
10 | # Use ONECOM_KeepCnameProxy to keep the CNAME DNS record | |
11 | # export ONECOM_KeepCnameProxy="1" | |
12 | # | |
e340593a | 13 | # export ONECOM_User="username" |
14 | # export ONECOM_Password="password" | |
9ff6d6e7 | 15 | # |
16 | # Usage: | |
17 | # acme.sh --issue --dns dns_one -d example.com | |
18 | # | |
19 | # only single domain supported atm | |
20 | ||
21 | dns_one_add() { | |
68b42a00 | 22 | fulldomain=$1 |
9ff6d6e7 | 23 | txtvalue=$2 |
937d5b54 | 24 | |
a3089a71 | 25 | if ! _dns_one_login; then |
26 | _err "login failed" | |
27 | return 1 | |
28 | fi | |
29 | ||
30 | _debug "detect the root domain" | |
68b42a00 | 31 | if ! _get_root "$fulldomain"; then |
a3089a71 | 32 | _err "root domain not found" |
68b42a00 | 33 | return 1 |
34 | fi | |
da7b1fb0 | 35 | |
5fac282e | 36 | subdomain="${_sub_domain}" |
37 | maindomain=${_domain} | |
da7b1fb0 | 38 | |
5fac282e | 39 | useProxy=0 |
40 | if [ "${_sub_domain}" = "_acme-challenge" ]; then | |
41 | subdomain="proxy${_sub_domain}" | |
42 | useProxy=1 | |
43 | fi | |
da7b1fb0 | 44 | |
5fac282e | 45 | _debug subdomain "$subdomain" |
46 | _debug maindomain "$maindomain" | |
da7b1fb0 | 47 | |
5fac282e | 48 | if [ $useProxy -eq 1 ]; then |
49 | #Check if the CNAME exists | |
50 | _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain" | |
51 | if [ -z "$id" ]; then | |
52 | _info "$(__red "Add CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")" | |
53 | _dns_one_addrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain" | |
da7b1fb0 | 54 | |
5fac282e | 55 | _info "Not valid yet, let's wait 1 hour to take effect." |
56 | _sleep 3600 | |
57 | fi | |
58 | fi | |
da7b1fb0 | 59 | |
5fac282e | 60 | #Check if the TXT exists |
61 | _dns_one_getrecord "TXT" "$subdomain" "$txtvalue" | |
da7b1fb0 | 62 | if [ -n "$id" ]; then |
5fac282e | 63 | _info "$(__green "Txt record with the same value found. Skip adding.")" |
64 | return 0 | |
65 | fi | |
da7b1fb0 | 66 | |
5fac282e | 67 | _dns_one_addrecord "TXT" "$subdomain" "$txtvalue" |
9ff6d6e7 | 68 | if [ -z "$id" ]; then |
da7b1fb0 | 69 | _err "Add TXT record error." |
9ff6d6e7 | 70 | return 1 |
71 | else | |
5fac282e | 72 | _info "$(__green "Added, OK ($id)")" |
9ff6d6e7 | 73 | return 0 |
74 | fi | |
9ff6d6e7 | 75 | } |
76 | ||
77 | dns_one_rm() { | |
68b42a00 | 78 | fulldomain=$1 |
9ff6d6e7 | 79 | txtvalue=$2 |
937d5b54 | 80 | |
a3089a71 | 81 | if ! _dns_one_login; then |
82 | _err "login failed" | |
83 | return 1 | |
84 | fi | |
85 | ||
86 | _debug "detect the root domain" | |
68b42a00 | 87 | if ! _get_root "$fulldomain"; then |
a3089a71 | 88 | _err "root domain not found" |
68b42a00 | 89 | return 1 |
90 | fi | |
937d5b54 | 91 | |
5fac282e | 92 | subdomain="${_sub_domain}" |
93 | maindomain=${_domain} | |
da7b1fb0 | 94 | |
5fac282e | 95 | useProxy=0 |
96 | if [ "${_sub_domain}" = "_acme-challenge" ]; then | |
97 | subdomain="proxy${_sub_domain}" | |
98 | useProxy=1 | |
99 | fi | |
da7b1fb0 | 100 | |
5fac282e | 101 | _debug subdomain "$subdomain" |
102 | _debug maindomain "$maindomain" | |
103 | if [ $useProxy -eq 1 ]; then | |
da7b1fb0 | 104 | if [ "$ONECOM_KeepCnameProxy" = "1" ]; then |
105 | _info "$(__red "Keeping CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")" | |
106 | else | |
107 | #Check if the CNAME exists | |
108 | _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain" | |
109 | if [ -n "$id" ]; then | |
110 | _info "$(__red "Removing CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")" | |
111 | _dns_one_delrecord "$id" | |
5fac282e | 112 | fi |
da7b1fb0 | 113 | fi |
5fac282e | 114 | fi |
da7b1fb0 | 115 | |
5fac282e | 116 | #Check if the TXT exists |
117 | _dns_one_getrecord "TXT" "$subdomain" "$txtvalue" | |
9ff6d6e7 | 118 | if [ -z "$id" ]; then |
119 | _err "Txt record not found." | |
120 | return 1 | |
121 | fi | |
da7b1fb0 | 122 | |
9ff6d6e7 | 123 | # delete entry |
5fac282e | 124 | if _dns_one_delrecord "$id"; then |
da7b1fb0 | 125 | _info "$(__green Removed, OK)" |
126 | return 0 | |
ed3f2646 | 127 | else |
da7b1fb0 | 128 | _err "Removing txt record error." |
129 | return 1 | |
9ff6d6e7 | 130 | fi |
0bb746ba | 131 | } |
68b42a00 | 132 | |
133 | #_acme-challenge.www.domain.com | |
134 | #returns | |
135 | # _sub_domain=_acme-challenge.www | |
136 | # _domain=domain.com | |
137 | _get_root() { | |
1a5279bd | 138 | domain="$1" |
68b42a00 | 139 | i=2 |
140 | p=1 | |
141 | while true; do | |
142 | h=$(printf "%s" "$domain" | cut -d . -f $i-100) | |
1a5279bd | 143 | |
68b42a00 | 144 | if [ -z "$h" ]; then |
145 | #not valid | |
146 | return 1 | |
147 | fi | |
1a5279bd | 148 | |
a3089a71 | 149 | response="$(_get "https://www.one.com/admin/api/domains/$h/dns/custom_records")" |
1a5279bd | 150 | |
89e73594 | 151 | if ! _contains "$response" "CRMRST_000302"; then |
68b42a00 | 152 | _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
153 | _domain="$h" | |
154 | return 0 | |
155 | fi | |
156 | p=$i | |
157 | i=$(_math "$i" + 1) | |
158 | done | |
159 | _err "Unable to parse this domain" | |
160 | return 1 | |
161 | } | |
a3089a71 | 162 | |
163 | _dns_one_login() { | |
164 | ||
165 | # get credentials | |
5fac282e | 166 | ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-$(_readaccountconf_mutable ONECOM_KeepCnameProxy)}" |
da7b1fb0 | 167 | ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-0}" |
a3089a71 | 168 | ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}" |
169 | ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}" | |
170 | if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then | |
171 | ONECOM_User="" | |
172 | ONECOM_Password="" | |
173 | _err "You didn't specify a one.com username and password yet." | |
174 | _err "Please create the key and try again." | |
175 | return 1 | |
176 | fi | |
177 | ||
178 | #save the api key and email to the account conf file. | |
da7b1fb0 | 179 | _saveaccountconf_mutable ONECOM_KeepCnameProxy "$ONECOM_KeepCnameProxy" |
a3089a71 | 180 | _saveaccountconf_mutable ONECOM_User "$ONECOM_User" |
181 | _saveaccountconf_mutable ONECOM_Password "$ONECOM_Password" | |
182 | ||
183 | # Login with user and password | |
184 | postdata="loginDomain=true" | |
185 | postdata="$postdata&displayUsername=$ONECOM_User" | |
186 | postdata="$postdata&username=$ONECOM_User" | |
187 | postdata="$postdata&targetDomain=" | |
188 | postdata="$postdata&password1=$ONECOM_Password" | |
189 | postdata="$postdata&loginTarget=" | |
190 | #_debug postdata "$postdata" | |
1a5279bd | 191 | |
a3089a71 | 192 | response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")" |
193 | #_debug response "$response" | |
1a5279bd | 194 | |
a3089a71 | 195 | # Get SessionID |
196 | JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _head_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')" | |
197 | _debug jsessionid "$JSESSIONID" | |
1a5279bd | 198 | |
a3089a71 | 199 | if [ -z "$JSESSIONID" ]; then |
200 | _err "error sessionid cookie not found" | |
201 | return 1 | |
202 | fi | |
1a5279bd | 203 | |
a3089a71 | 204 | export _H1="Cookie: ${JSESSIONID}" |
1a5279bd | 205 | |
a3089a71 | 206 | return 0 |
937d5b54 | 207 | } |
5fac282e | 208 | |
209 | _dns_one_getrecord() { | |
210 | type="$1" | |
211 | name="$2" | |
212 | value="$3" | |
213 | if [ -z "$type" ]; then | |
da7b1fb0 | 214 | type="TXT" |
5fac282e | 215 | fi |
216 | if [ -z "$name" ]; then | |
da7b1fb0 | 217 | _err "Record name is empty." |
218 | return 1 | |
5fac282e | 219 | fi |
da7b1fb0 | 220 | |
5fac282e | 221 | response="$(_get "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records")" |
222 | response="$(echo "$response" | _normalizeJson)" | |
223 | _debug response "$response" | |
da7b1fb0 | 224 | |
5fac282e | 225 | if [ -z "${value}" ]; then |
226 | id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"[^\"]*\",\"priority\":0,\"ttl\":600}.*/\1/p") | |
227 | response=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"[^\"]*\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"\([^\"]*\)\",\"priority\":0,\"ttl\":600}.*/\1/p") | |
228 | else | |
229 | id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"${value}\",\"priority\":0,\"ttl\":600}.*/\1/p") | |
230 | fi | |
231 | if [ -z "$id" ]; then | |
5fac282e | 232 | return 1 |
233 | fi | |
234 | return 0 | |
235 | } | |
236 | ||
237 | _dns_one_addrecord() { | |
238 | type="$1" | |
239 | name="$2" | |
240 | value="$3" | |
241 | if [ -z "$type" ]; then | |
da7b1fb0 | 242 | type="TXT" |
5fac282e | 243 | fi |
244 | if [ -z "$name" ]; then | |
da7b1fb0 | 245 | _err "Record name is empty." |
246 | return 1 | |
5fac282e | 247 | fi |
da7b1fb0 | 248 | |
5fac282e | 249 | postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"${type}\",\"prefix\":\"${name}\",\"content\":\"${value}\"}}" |
250 | _debug postdata "$postdata" | |
251 | response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records" "" "POST" "application/json")" | |
252 | response="$(echo "$response" | _normalizeJson)" | |
253 | _debug response "$response" | |
254 | ||
255 | id=$(echo "$response" | sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$subdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p") | |
256 | ||
257 | if [ -z "$id" ]; then | |
258 | return 1 | |
259 | else | |
260 | return 0 | |
261 | fi | |
262 | } | |
263 | ||
264 | _dns_one_delrecord() { | |
265 | id="$1" | |
266 | if [ -z "$id" ]; then | |
da7b1fb0 | 267 | return 1 |
5fac282e | 268 | fi |
da7b1fb0 | 269 | |
5fac282e | 270 | response="$(_post "" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records/$id" "" "DELETE" "application/json")" |
271 | response="$(echo "$response" | _normalizeJson)" | |
272 | _debug response "$response" | |
273 | ||
274 | if [ "$response" = '{"result":null,"metadata":null}' ]; then | |
da7b1fb0 | 275 | return 0 |
5fac282e | 276 | else |
da7b1fb0 | 277 | return 1 |
5fac282e | 278 | fi |
279 | } |