[mirror_acme.sh.git] / dnsapi / dns_one.sh

#!/usr/bin/env sh
# -*- mode: sh; tab-width: 2; indent-tabs-mode: s; coding: utf-8 -*-

# one.com ui wrapper for acme.sh
# Author: github: @diseq
# Created: 2019-02-17
# Fixed by: @der-berni
# Modified: 2020-04-07
#     
#     Use ONECOM_KeepCnameProxy to keep the CNAME DNS record
#     export ONECOM_KeepCnameProxy="1"
#     
#     export ONECOM_User="username"
#     export ONECOM_Password="password"
#
# Usage:
#     acme.sh --issue --dns dns_one -d example.com
#
#     only single domain supported atm

dns_one_add() {
  fulldomain=$1
  txtvalue=$2

  if ! _dns_one_login; then
    _err "login failed"
    return 1
  fi

  _debug "detect the root domain"
  if ! _get_root "$fulldomain"; then
    _err "root domain not found"
    return 1
  fi

  subdomain="${_sub_domain}"
  maindomain=${_domain}

  useProxy=0
  if [ "${_sub_domain}" = "_acme-challenge" ]; then
    subdomain="proxy${_sub_domain}"
    useProxy=1
  fi

  _debug subdomain "$subdomain"
  _debug maindomain "$maindomain"

  if [ $useProxy -eq 1 ]; then
    #Check if the CNAME exists
    _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
    if [ -z "$id" ]; then
      _info "$(__red "Add CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
      _dns_one_addrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"

      _info "Not valid yet, let's wait 1 hour to take effect."
      _sleep 3600
    fi
  fi

  #Check if the TXT exists
  _dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
  if [ -n "$id" ]; then
    _info "$(__green "Txt record with the same value found. Skip adding.")"
    return 0
  fi

  _dns_one_addrecord "TXT" "$subdomain" "$txtvalue"
  if [ -z "$id" ]; then
    _err "Add TXT record error."
    return 1
  else
    _info "$(__green "Added, OK ($id)")"
    return 0
  fi
}

dns_one_rm() {
  fulldomain=$1
  txtvalue=$2

  if ! _dns_one_login; then
    _err "login failed"
    return 1
  fi

  _debug "detect the root domain"
  if ! _get_root "$fulldomain"; then
    _err "root domain not found"
    return 1
  fi

  subdomain="${_sub_domain}"
  maindomain=${_domain}

  useProxy=0
  if [ "${_sub_domain}" = "_acme-challenge" ]; then
    subdomain="proxy${_sub_domain}"
    useProxy=1
  fi

  _debug subdomain "$subdomain"
  _debug maindomain "$maindomain"
  if [ $useProxy -eq 1 ]; then
    if [ "$ONECOM_KeepCnameProxy" = "1" ]; then
      _info "$(__red "Keeping CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
    else
      #Check if the CNAME exists
      _dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
      if [ -n "$id" ]; then
        _info "$(__red "Removing CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
        _dns_one_delrecord "$id"
      fi
    fi
  fi

  #Check if the TXT exists
  _dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
  if [ -z "$id" ]; then
    _err "Txt record not found."
    return 1
  fi

  # delete entry
  if _dns_one_delrecord "$id"; then
    _info "$(__green Removed, OK)"
    return 0
  else
    _err "Removing txt record error."
    return 1
  fi
}

#_acme-challenge.www.domain.com
#returns
# _sub_domain=_acme-challenge.www
# _domain=domain.com
_get_root() {
  domain="$1"
  i=2
  p=1
  while true; do
    h=$(printf "%s" "$domain" | cut -d . -f $i-100)

    if [ -z "$h" ]; then
      #not valid
      return 1
    fi

    response="$(_get "https://www.one.com/admin/api/domains/$h/dns/custom_records")"

    if ! _contains "$response" "CRMRST_000302"; then
      _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p)
      _domain="$h"
      return 0
    fi
    p=$i
    i=$(_math "$i" + 1)
  done
  _err "Unable to parse this domain"
  return 1
}

_dns_one_login() {

  # get credentials
  ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-$(_readaccountconf_mutable ONECOM_KeepCnameProxy)}"
  ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-0}"
  ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
  ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
  if [ -z "$ONECOM_User" ] || [ -z "$ONECOM_Password" ]; then
    ONECOM_User=""
    ONECOM_Password=""
    _err "You didn't specify a one.com username and password yet."
    _err "Please create the key and try again."
    return 1
  fi

  #save the api key and email to the account conf file.
  _saveaccountconf_mutable ONECOM_KeepCnameProxy "$ONECOM_KeepCnameProxy"
  _saveaccountconf_mutable ONECOM_User "$ONECOM_User"
  _saveaccountconf_mutable ONECOM_Password "$ONECOM_Password"

  # Login with user and password
  postdata="loginDomain=true"
  postdata="$postdata&displayUsername=$ONECOM_User"
  postdata="$postdata&username=$ONECOM_User"
  postdata="$postdata&targetDomain="
  postdata="$postdata&password1=$ONECOM_Password"
  postdata="$postdata&loginTarget="
  #_debug postdata "$postdata"

  response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
  #_debug response "$response"

  # Get SessionID
  JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" | grep "^[Ss]et-[Cc]ookie:" | _head_n 1 | _egrep_o 'OneSIDCrmAdmin=[^;]*;' | tr -d ';')"
  _debug jsessionid "$JSESSIONID"

  if [ -z "$JSESSIONID" ]; then
    _err "error sessionid cookie not found"
    return 1
  fi

  export _H1="Cookie: ${JSESSIONID}"

  return 0
}

_dns_one_getrecord() {
  type="$1"
  name="$2"
  value="$3"
  if [ -z "$type" ]; then
    type="TXT"
  fi
  if [ -z "$name" ]; then
    _err "Record name is empty."
    return 1
  fi

  response="$(_get "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records")"
  response="$(echo "$response" | _normalizeJson)"
  _debug response "$response"

  if [ -z "${value}" ]; then
    id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"[^\"]*\",\"priority\":0,\"ttl\":600}.*/\1/p")
    response=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"[^\"]*\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"\([^\"]*\)\",\"priority\":0,\"ttl\":600}.*/\1/p")
  else
    id=$(printf -- "%s" "$response" | sed -n "s/.*{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"${value}\",\"priority\":0,\"ttl\":600}.*/\1/p")
  fi
  if [ -z "$id" ]; then
    return 1
  fi
  return 0
}

_dns_one_addrecord() {
  type="$1"
  name="$2"
  value="$3"
  if [ -z "$type" ]; then
    type="TXT"
  fi
  if [ -z "$name" ]; then
    _err "Record name is empty."
    return 1
  fi

  postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"${type}\",\"prefix\":\"${name}\",\"content\":\"${value}\"}}"
  _debug postdata "$postdata"
  response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records" "" "POST" "application/json")"
  response="$(echo "$response" | _normalizeJson)"
  _debug response "$response"

  id=$(echo "$response" | sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$subdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p")

  if [ -z "$id" ]; then
    return 1
  else
    return 0
  fi
}

_dns_one_delrecord() {
  id="$1"
  if [ -z "$id" ]; then
    return 1
  fi

  response="$(_post "" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records/$id" "" "DELETE" "application/json")"
  response="$(echo "$response" | _normalizeJson)"
  _debug response "$response"

  if [ "$response" = '{"result":null,"metadata":null}' ]; then
    return 0
  else
    return 1
  fi
}
Commit	Line	Data
9ff6d6e7	1	#!/usr/bin/env sh
	2	# -- mode: sh; tab-width: 2; indent-tabs-mode: s; coding: utf-8 --
	3
	4	# one.com ui wrapper for acme.sh
	5	# Author: github: @diseq
	6	# Created: 2019-02-17
68b42a00	7	# Fixed by: @der-berni
5fac282e	8	# Modified: 2020-04-07
da7b1fb0	9	#
	10	# Use ONECOM_KeepCnameProxy to keep the CNAME DNS record
	11	# export ONECOM_KeepCnameProxy="1"
	12	#
e340593a	13	# export ONECOM_User="username"
e340593a	14	# export ONECOM_Password="password"
9ff6d6e7	15	#
	16	# Usage:
	17	# acme.sh --issue --dns dns_one -d example.com
	18	#
	19	# only single domain supported atm
	20
	21	dns_one_add() {
68b42a00	22	fulldomain=$1
9ff6d6e7	23	txtvalue=$2
937d5b54	24
a3089a71	25	if ! _dns_one_login; then
	26	_err "login failed"
	27	return 1
	28	fi
	29
	30	_debug "detect the root domain"
68b42a00	31	if ! _get_root "$fulldomain"; then
a3089a71	32	_err "root domain not found"
68b42a00	33	return 1
68b42a00	34	fi
da7b1fb0	35
5fac282e	36	subdomain="${_sub_domain}"
5fac282e	37	maindomain=${_domain}
da7b1fb0	38
5fac282e	39	useProxy=0
	40	if [ "${_sub_domain}" = "_acme-challenge" ]; then
	41	subdomain="proxy${_sub_domain}"
	42	useProxy=1
	43	fi
da7b1fb0	44
5fac282e	45	_debug subdomain "$subdomain"
5fac282e	46	_debug maindomain "$maindomain"
da7b1fb0	47
5fac282e	48	if [ $useProxy -eq 1 ]; then
	49	#Check if the CNAME exists
	50	_dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
	51	if [ -z "$id" ]; then
	52	_info "$(__red "Add CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
	53	_dns_one_addrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
da7b1fb0	54
5fac282e	55	_info "Not valid yet, let's wait 1 hour to take effect."
	56	_sleep 3600
	57	fi
	58	fi
da7b1fb0	59
5fac282e	60	#Check if the TXT exists
5fac282e	61	_dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
da7b1fb0	62	if [ -n "$id" ]; then
5fac282e	63	_info "$(__green "Txt record with the same value found. Skip adding.")"
	64	return 0
	65	fi
da7b1fb0	66
5fac282e	67	_dns_one_addrecord "TXT" "$subdomain" "$txtvalue"
9ff6d6e7	68	if [ -z "$id" ]; then
da7b1fb0	69	_err "Add TXT record error."
9ff6d6e7	70	return 1
9ff6d6e7	71	else
5fac282e	72	_info "$(__green "Added, OK ($id)")"
9ff6d6e7	73	return 0
9ff6d6e7	74	fi
9ff6d6e7	75	}
	76
	77	dns_one_rm() {
68b42a00	78	fulldomain=$1
9ff6d6e7	79	txtvalue=$2
937d5b54	80
a3089a71	81	if ! _dns_one_login; then
	82	_err "login failed"
	83	return 1
	84	fi
	85
	86	_debug "detect the root domain"
68b42a00	87	if ! _get_root "$fulldomain"; then
a3089a71	88	_err "root domain not found"
68b42a00	89	return 1
68b42a00	90	fi
937d5b54	91
5fac282e	92	subdomain="${_sub_domain}"
5fac282e	93	maindomain=${_domain}
da7b1fb0	94
5fac282e	95	useProxy=0
	96	if [ "${_sub_domain}" = "_acme-challenge" ]; then
	97	subdomain="proxy${_sub_domain}"
	98	useProxy=1
	99	fi
da7b1fb0	100
5fac282e	101	_debug subdomain "$subdomain"
	102	_debug maindomain "$maindomain"
	103	if [ $useProxy -eq 1 ]; then
da7b1fb0	104	if [ "$ONECOM_KeepCnameProxy" = "1" ]; then
	105	_info "$(__red "Keeping CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
	106	else
	107	#Check if the CNAME exists
	108	_dns_one_getrecord "CNAME" "$_sub_domain" "$subdomain.$maindomain"
	109	if [ -n "$id" ]; then
	110	_info "$(__red "Removing CNAME Proxy record: '$(__green "\"$_sub_domain\" => \"$subdomain.$maindomain\"")'")"
	111	_dns_one_delrecord "$id"
5fac282e	112	fi
da7b1fb0	113	fi
5fac282e	114	fi
da7b1fb0	115
5fac282e	116	#Check if the TXT exists
5fac282e	117	_dns_one_getrecord "TXT" "$subdomain" "$txtvalue"
9ff6d6e7	118	if [ -z "$id" ]; then
	119	_err "Txt record not found."
	120	return 1
	121	fi
da7b1fb0	122
9ff6d6e7	123	# delete entry
5fac282e	124	if _dns_one_delrecord "$id"; then
da7b1fb0	125	_info "$(__green Removed, OK)"
da7b1fb0	126	return 0
ed3f2646	127	else
da7b1fb0	128	_err "Removing txt record error."
da7b1fb0	129	return 1
9ff6d6e7	130	fi
0bb746ba	131	}
68b42a00	132
	133	#_acme-challenge.www.domain.com
	134	#returns
	135	# _sub_domain=_acme-challenge.www
	136	# _domain=domain.com
	137	_get_root() {
1a5279bd	138	domain="$1"
68b42a00	139	i=2
	140	p=1
	141	while true; do
	142	h=$(printf "%s" "$domain" \| cut -d . -f $i-100)
1a5279bd	143
68b42a00	144	if [ -z "$h" ]; then
	145	#not valid
	146	return 1
	147	fi
1a5279bd	148
a3089a71	149	response="$(_get "https://www.one.com/admin/api/domains/$h/dns/custom_records")"
1a5279bd	150
89e73594	151	if ! _contains "$response" "CRMRST_000302"; then
68b42a00	152	_sub_domain=$(printf "%s" "$domain" \| cut -d . -f 1-$p)
	153	_domain="$h"
	154	return 0
	155	fi
	156	p=$i
	157	i=$(_math "$i" + 1)
	158	done
	159	_err "Unable to parse this domain"
	160	return 1
	161	}
a3089a71	162
	163	_dns_one_login() {
	164
	165	# get credentials
5fac282e	166	ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-$(_readaccountconf_mutable ONECOM_KeepCnameProxy)}"
da7b1fb0	167	ONECOM_KeepCnameProxy="${ONECOM_KeepCnameProxy:-0}"
a3089a71	168	ONECOM_User="${ONECOM_User:-$(_readaccountconf_mutable ONECOM_User)}"
	169	ONECOM_Password="${ONECOM_Password:-$(_readaccountconf_mutable ONECOM_Password)}"
	170	if [ -z "$ONECOM_User" ] \|\| [ -z "$ONECOM_Password" ]; then
	171	ONECOM_User=""
	172	ONECOM_Password=""
	173	_err "You didn't specify a one.com username and password yet."
	174	_err "Please create the key and try again."
	175	return 1
	176	fi
	177
	178	#save the api key and email to the account conf file.
da7b1fb0	179	_saveaccountconf_mutable ONECOM_KeepCnameProxy "$ONECOM_KeepCnameProxy"
a3089a71	180	_saveaccountconf_mutable ONECOM_User "$ONECOM_User"
	181	_saveaccountconf_mutable ONECOM_Password "$ONECOM_Password"
	182
	183	# Login with user and password
	184	postdata="loginDomain=true"
	185	postdata="$postdata&displayUsername=$ONECOM_User"
	186	postdata="$postdata&username=$ONECOM_User"
	187	postdata="$postdata&targetDomain="
	188	postdata="$postdata&password1=$ONECOM_Password"
	189	postdata="$postdata&loginTarget="
	190	#_debug postdata "$postdata"
1a5279bd	191
a3089a71	192	response="$(_post "$postdata" "https://www.one.com/admin/login.do" "" "POST" "application/x-www-form-urlencoded")"
a3089a71	193	#_debug response "$response"
1a5279bd	194
a3089a71	195	# Get SessionID
	196	JSESSIONID="$(grep "OneSIDCrmAdmin" "$HTTP_HEADER" \| grep "^[Ss]et-[Cc]ookie:" \| _head_n 1 \| _egrep_o 'OneSIDCrmAdmin=[^;]*;' \| tr -d ';')"
	197	_debug jsessionid "$JSESSIONID"
1a5279bd	198
a3089a71	199	if [ -z "$JSESSIONID" ]; then
	200	_err "error sessionid cookie not found"
	201	return 1
	202	fi
1a5279bd	203
a3089a71	204	export _H1="Cookie: ${JSESSIONID}"
1a5279bd	205
a3089a71	206	return 0
937d5b54	207	}
5fac282e	208
	209	_dns_one_getrecord() {
	210	type="$1"
	211	name="$2"
	212	value="$3"
	213	if [ -z "$type" ]; then
da7b1fb0	214	type="TXT"
5fac282e	215	fi
5fac282e	216	if [ -z "$name" ]; then
da7b1fb0	217	_err "Record name is empty."
da7b1fb0	218	return 1
5fac282e	219	fi
da7b1fb0	220
5fac282e	221	response="$(_get "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records")"
	222	response="$(echo "$response" \| _normalizeJson)"
	223	_debug response "$response"
da7b1fb0	224
5fac282e	225	if [ -z "${value}" ]; then
	226	id=$(printf -- "%s" "$response" \| sed -n "s/.{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"[^\"]\",\"priority\":0,\"ttl\":600}./\1/p")
	227	response=$(printf -- "%s" "$response" \| sed -n "s/.{\"type\":\"dns_custom_records\",\"id\":\"[^\"]\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"\([^\"]\)\",\"priority\":0,\"ttl\":600}./\1/p")
	228	else
	229	id=$(printf -- "%s" "$response" \| sed -n "s/.{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]\)\",\"attributes\":{\"prefix\":\"${name}\",\"type\":\"${type}\",\"content\":\"${value}\",\"priority\":0,\"ttl\":600}.*/\1/p")
	230	fi
	231	if [ -z "$id" ]; then
5fac282e	232	return 1
	233	fi
	234	return 0
	235	}
	236
	237	_dns_one_addrecord() {
	238	type="$1"
	239	name="$2"
	240	value="$3"
	241	if [ -z "$type" ]; then
da7b1fb0	242	type="TXT"
5fac282e	243	fi
5fac282e	244	if [ -z "$name" ]; then
da7b1fb0	245	_err "Record name is empty."
da7b1fb0	246	return 1
5fac282e	247	fi
da7b1fb0	248
5fac282e	249	postdata="{\"type\":\"dns_custom_records\",\"attributes\":{\"priority\":0,\"ttl\":600,\"type\":\"${type}\",\"prefix\":\"${name}\",\"content\":\"${value}\"}}"
	250	_debug postdata "$postdata"
	251	response="$(_post "$postdata" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records" "" "POST" "application/json")"
	252	response="$(echo "$response" \| _normalizeJson)"
	253	_debug response "$response"
	254
	255	id=$(echo "$response" \| sed -n "s/{\"result\":{\"data\":{\"type\":\"dns_custom_records\",\"id\":\"\([^\"]*\)\",\"attributes\":{\"prefix\":\"$subdomain\",\"type\":\"TXT\",\"content\":\"$txtvalue\",\"priority\":0,\"ttl\":600}}},\"metadata\":null}/\1/p")
	256
	257	if [ -z "$id" ]; then
	258	return 1
	259	else
	260	return 0
	261	fi
	262	}
	263
	264	_dns_one_delrecord() {
	265	id="$1"
	266	if [ -z "$id" ]; then
da7b1fb0	267	return 1
5fac282e	268	fi
da7b1fb0	269
5fac282e	270	response="$(_post "" "https://www.one.com/admin/api/domains/$maindomain/dns/custom_records/$id" "" "DELETE" "application/json")"
	271	response="$(echo "$response" \| _normalizeJson)"
	272	_debug response "$response"
	273
	274	if [ "$response" = '{"result":null,"metadata":null}' ]; then
da7b1fb0	275	return 0
5fac282e	276	else
da7b1fb0	277	return 1
5fac282e	278	fi
5fac282e	279	}