]>
Commit | Line | Data |
---|---|---|
690a5e20 | 1 | #!/usr/bin/env sh |
2 | ||
8afd3190 | 3 | #Application Key |
690a5e20 | 4 | #OVH_AK="sdfsdfsdfljlbjkljlkjsdfoiwje" |
5 | # | |
6 | #Application Secret | |
7 | #OVH_AS="sdfsafsdfsdfdsfsdfsa" | |
8 | # | |
9 | #Consumer Key | |
10 | #OVH_CK="sdfsdfsdfsdfsdfdsf" | |
11 | ||
690a5e20 | 12 | #OVH_END_POINT=ovh-eu |
13 | ||
690a5e20 | 14 | #'ovh-eu' |
15 | OVH_EU='https://eu.api.ovh.com/1.0' | |
16 | ||
17 | #'ovh-ca': | |
18 | OVH_CA='https://ca.api.ovh.com/1.0' | |
19 | ||
20 | #'kimsufi-eu' | |
21 | KSF_EU='https://eu.api.kimsufi.com/1.0' | |
22 | ||
23 | #'kimsufi-ca' | |
24 | KSF_CA='https://ca.api.kimsufi.com/1.0' | |
25 | ||
26 | #'soyoustart-eu' | |
27 | SYS_EU='https://eu.api.soyoustart.com/1.0' | |
28 | ||
29 | #'soyoustart-ca' | |
30 | SYS_CA='https://ca.api.soyoustart.com/1.0' | |
31 | ||
32 | #'runabove-ca' | |
33 | RAV_CA='https://api.runabove.com/1.0' | |
34 | ||
690a5e20 | 35 | wiki="https://github.com/Neilpang/acme.sh/wiki/How-to-use-OVH-domain-api" |
36 | ||
37 | ovh_success="https://github.com/Neilpang/acme.sh/wiki/OVH-Success" | |
38 | ||
690a5e20 | 39 | _ovh_get_api() { |
40 | _ogaep="$1" | |
41 | ||
42 | case "${_ogaep}" in | |
4c2a3841 | 43 | |
44 | ovh-eu | ovheu) | |
45 | printf "%s" $OVH_EU | |
46 | return | |
47 | ;; | |
48 | ovh-ca | ovhca) | |
49 | printf "%s" $OVH_CA | |
50 | return | |
51 | ;; | |
52 | kimsufi-eu | kimsufieu) | |
53 | printf "%s" $KSF_EU | |
54 | return | |
55 | ;; | |
56 | kimsufi-ca | kimsufica) | |
57 | printf "%s" $KSF_CA | |
58 | return | |
59 | ;; | |
60 | soyoustart-eu | soyoustarteu) | |
61 | printf "%s" $SYS_EU | |
62 | return | |
63 | ;; | |
64 | soyoustart-ca | soyoustartca) | |
65 | printf "%s" $SYS_CA | |
66 | return | |
67 | ;; | |
68 | runabove-ca | runaboveca) | |
69 | printf "%s" $RAV_CA | |
70 | return | |
71 | ;; | |
72 | ||
690a5e20 | 73 | *) |
4c2a3841 | 74 | |
75 | _err "Unknown parameter : $1" | |
76 | return 1 | |
77 | ;; | |
78 | esac | |
690a5e20 | 79 | } |
80 | ||
81 | ######## Public functions ##################### | |
82 | ||
83 | #Usage: add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs" | |
4c2a3841 | 84 | dns_ovh_add() { |
690a5e20 | 85 | fulldomain=$1 |
86 | txtvalue=$2 | |
4c2a3841 | 87 | |
88 | if [ -z "$OVH_AK" ] || [ -z "$OVH_AS" ]; then | |
422e5026 | 89 | OVH_AK="" |
90 | OVH_AS="" | |
690a5e20 | 91 | _err "You don't specify OVH application key and application secret yet." |
92 | _err "Please create you key and try again." | |
93 | return 1 | |
94 | fi | |
4c2a3841 | 95 | |
690a5e20 | 96 | #save the api key and email to the account conf file. |
97 | _saveaccountconf OVH_AK "$OVH_AK" | |
98 | _saveaccountconf OVH_AS "$OVH_AS" | |
4c2a3841 | 99 | |
100 | if [ -z "$OVH_END_POINT" ]; then | |
690a5e20 | 101 | OVH_END_POINT="ovh-eu" |
102 | fi | |
103 | _info "Using OVH endpoint: $OVH_END_POINT" | |
4c2a3841 | 104 | if [ "$OVH_END_POINT" != "ovh-eu" ]; then |
105 | _saveaccountconf OVH_END_POINT "$OVH_END_POINT" | |
690a5e20 | 106 | fi |
4c2a3841 | 107 | |
108 | OVH_API="$(_ovh_get_api $OVH_END_POINT)" | |
690a5e20 | 109 | _debug OVH_API "$OVH_API" |
110 | ||
4c2a3841 | 111 | if [ -z "$OVH_CK" ]; then |
690a5e20 | 112 | _info "OVH consumer key is empty, Let's get one:" |
4c2a3841 | 113 | if ! _ovh_authentication; then |
690a5e20 | 114 | _err "Can not get consumer key." |
115 | fi | |
116 | #return and wait for retry. | |
4c2a3841 | 117 | return 1 |
690a5e20 | 118 | fi |
4c2a3841 | 119 | |
690a5e20 | 120 | _info "Checking authentication" |
4c2a3841 | 121 | |
690a5e20 | 122 | response="$(_ovh_rest GET "domain/")" |
4c2a3841 | 123 | if _contains "$response" "INVALID_CREDENTIAL"; then |
690a5e20 | 124 | _err "The consumer key is invalid: $OVH_CK" |
125 | _err "Please retry to create a new one." | |
4c2a3841 | 126 | _clearaccountconf OVH_CK |
690a5e20 | 127 | return 1 |
128 | fi | |
129 | _info "Consumer key is ok." | |
4c2a3841 | 130 | |
690a5e20 | 131 | _debug "First detect the root zone" |
e9f9f515 | 132 | if ! _get_root "$fulldomain"; then |
690a5e20 | 133 | _err "invalid domain" |
134 | return 1 | |
135 | fi | |
e440223b | 136 | |
690a5e20 | 137 | _debug _sub_domain "$_sub_domain" |
138 | _debug _domain "$_domain" | |
4c2a3841 | 139 | |
690a5e20 | 140 | _debug "Getting txt records" |
141 | _ovh_rest GET "domain/zone/$_domain/record?fieldType=TXT&subDomain=$_sub_domain" | |
4c2a3841 | 142 | |
143 | if _contains "$response" '\[\]' || _contains "$response" "This service does not exist"; then | |
690a5e20 | 144 | _info "Adding record" |
4c2a3841 | 145 | if _ovh_rest POST "domain/zone/$_domain/record" "{\"fieldType\":\"TXT\",\"subDomain\":\"$_sub_domain\",\"target\":\"$txtvalue\",\"ttl\":60}"; then |
146 | if _contains "$response" "$txtvalue"; then | |
690a5e20 | 147 | _ovh_rest POST "domain/zone/$_domain/refresh" |
148 | _debug "Refresh:$response" | |
149 | _info "Added, sleeping 10 seconds" | |
150 | sleep 10 | |
151 | return 0 | |
152 | fi | |
153 | fi | |
154 | _err "Add txt record error." | |
155 | else | |
156 | _info "Updating record" | |
157 | record_id=$(printf "%s" "$response" | tr -d "[]" | cut -d , -f 1) | |
4c2a3841 | 158 | if [ -z "$record_id" ]; then |
690a5e20 | 159 | _err "Can not get record id." |
160 | return 1 | |
161 | fi | |
e9f9f515 | 162 | _debug "record_id" "$record_id" |
690a5e20 | 163 | |
4c2a3841 | 164 | if _ovh_rest PUT "domain/zone/$_domain/record/$record_id" "{\"target\":\"$txtvalue\",\"subDomain\":\"$_sub_domain\",\"ttl\":60}"; then |
165 | if _contains "$response" "null"; then | |
690a5e20 | 166 | _ovh_rest POST "domain/zone/$_domain/refresh" |
167 | _debug "Refresh:$response" | |
168 | _info "Updated, sleeping 10 seconds" | |
169 | sleep 10 | |
4c2a3841 | 170 | return 0 |
690a5e20 | 171 | fi |
172 | fi | |
173 | _err "Update error" | |
174 | return 1 | |
175 | fi | |
690a5e20 | 176 | |
4c2a3841 | 177 | } |
690a5e20 | 178 | |
5d6fd809 | 179 | #fulldomain |
180 | dns_ovh_rm() { | |
181 | fulldomain=$1 | |
182 | ||
183 | } | |
184 | ||
329174b6 | 185 | #################### Private functions below ################################## |
690a5e20 | 186 | |
187 | _ovh_authentication() { | |
4c2a3841 | 188 | |
690a5e20 | 189 | _H1="X-Ovh-Application: $OVH_AK" |
190 | _H2="Content-type: application/json" | |
191 | _H3="" | |
192 | _H4="" | |
4c2a3841 | 193 | |
690a5e20 | 194 | _ovhdata='{"accessRules": [{"method": "GET","path": "/*"},{"method": "POST","path": "/*"},{"method": "PUT","path": "/*"},{"method": "DELETE","path": "/*"}],"redirection":"'$ovh_success'"}' |
4c2a3841 | 195 | |
690a5e20 | 196 | response="$(_post "$_ovhdata" "$OVH_API/auth/credential")" |
197 | _debug3 response "$response" | |
198 | validationUrl="$(echo "$response" | _egrep_o "validationUrl\":\"[^\"]*\"" | _egrep_o "http.*\"" | tr -d '"')" | |
4c2a3841 | 199 | if [ -z "$validationUrl" ]; then |
690a5e20 | 200 | _err "Unable to get validationUrl" |
201 | return 1 | |
202 | fi | |
203 | _debug validationUrl "$validationUrl" | |
4c2a3841 | 204 | |
690a5e20 | 205 | consumerKey="$(echo "$response" | _egrep_o "consumerKey\":\"[^\"]*\"" | cut -d : -f 2 | tr -d '"')" |
4c2a3841 | 206 | if [ -z "$consumerKey" ]; then |
690a5e20 | 207 | _err "Unable to get consumerKey" |
208 | return 1 | |
209 | fi | |
e6e85b0c | 210 | _secure_debug consumerKey "$consumerKey" |
4c2a3841 | 211 | |
690a5e20 | 212 | OVH_CK="$consumerKey" |
213 | _saveaccountconf OVH_CK "$OVH_CK" | |
690a5e20 | 214 | |
4c2a3841 | 215 | _info "Please open this link to do authentication: $(__green "$validationUrl")" |
216 | ||
217 | _info "Here is a guide for you: $(__green "$wiki")" | |
690a5e20 | 218 | _info "Please retry after the authentication is done." |
219 | ||
220 | } | |
221 | ||
690a5e20 | 222 | #_acme-challenge.www.domain.com |
223 | #returns | |
224 | # _sub_domain=_acme-challenge.www | |
225 | # _domain=domain.com | |
690a5e20 | 226 | _get_root() { |
227 | domain=$1 | |
228 | i=2 | |
229 | p=1 | |
c7b16249 | 230 | while true; do |
231 | h=$(printf "%s" "$domain" | cut -d . -f $i-100) | |
4c2a3841 | 232 | if [ -z "$h" ]; then |
690a5e20 | 233 | #not valid |
4c2a3841 | 234 | return 1 |
690a5e20 | 235 | fi |
4c2a3841 | 236 | |
237 | if ! _ovh_rest GET "domain/zone/$h"; then | |
690a5e20 | 238 | return 1 |
239 | fi | |
4c2a3841 | 240 | |
241 | if ! _contains "$response" "This service does not exist" >/dev/null; then | |
c7b16249 | 242 | _sub_domain=$(printf "%s" "$domain" | cut -d . -f 1-$p) |
243 | _domain="$h" | |
690a5e20 | 244 | return 0 |
245 | fi | |
246 | p=$i | |
c7b16249 | 247 | i=$(_math "$i" + 1) |
690a5e20 | 248 | done |
249 | return 1 | |
250 | } | |
251 | ||
252 | _ovh_timestamp() { | |
253 | _H1="" | |
254 | _H2="" | |
255 | _H3="" | |
256 | _H4="" | |
257 | _H5="" | |
258 | _get "$OVH_API/auth/time" "" 30 | |
259 | } | |
260 | ||
261 | _ovh_rest() { | |
262 | m=$1 | |
263 | ep="$2" | |
264 | data="$3" | |
c7b16249 | 265 | _debug "$ep" |
4c2a3841 | 266 | |
690a5e20 | 267 | _ovh_url="$OVH_API/$ep" |
268 | _debug2 _ovh_url "$_ovh_url" | |
269 | _ovh_t="$(_ovh_timestamp)" | |
270 | _debug2 _ovh_t "$_ovh_t" | |
271 | _ovh_p="$OVH_AS+$OVH_CK+$m+$_ovh_url+$data+$_ovh_t" | |
e6e85b0c | 272 | _secure_debug _ovh_p "$_ovh_p" |
690a5e20 | 273 | _ovh_hex="$(printf "%s" "$_ovh_p" | _digest sha1 hex)" |
274 | _debug2 _ovh_hex "$_ovh_hex" | |
690a5e20 | 275 | |
3ca93f4a BB |
276 | export _H1="X-Ovh-Application: $OVH_AK" |
277 | export _H2="X-Ovh-Signature: \$1\$$_ovh_hex" | |
690a5e20 | 278 | _debug2 _H2 "$_H2" |
3ca93f4a BB |
279 | export _H3="X-Ovh-Timestamp: $_ovh_t" |
280 | export _H4="X-Ovh-Consumer: $OVH_CK" | |
281 | export _H5="Content-Type: application/json;charset=utf-8" | |
4c2a3841 | 282 | if [ "$data" ] || [ "$m" = "POST" ] || [ "$m" = "PUT" ]; then |
690a5e20 | 283 | _debug data "$data" |
e9f9f515 | 284 | response="$(_post "$data" "$_ovh_url" "" "$m")" |
690a5e20 | 285 | else |
286 | response="$(_get "$_ovh_url")" | |
287 | fi | |
4c2a3841 | 288 | |
289 | if [ "$?" != "0" ]; then | |
690a5e20 | 290 | _err "error $ep" |
291 | return 1 | |
292 | fi | |
293 | _debug2 response "$response" | |
294 | return 0 | |
295 | } |