3 CONOHA_DNS_EP_PREFIX_REGEXP
="https://dns-service\."
5 ######## Public functions #####################
7 #Usage: dns_conoha_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
12 _debug fulldomain
"$fulldomain"
13 _debug txtvalue
"$txtvalue"
15 _debug
"Check uesrname and password"
16 CONOHA_Username
="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
17 CONOHA_Password
="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
18 CONOHA_TenantId
="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
19 CONOHA_IdentityServiceApi
="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
20 if [ -z "$CONOHA_Username" ] ||
[ -z "$CONOHA_Password" ] ||
[ -z "$CONOHA_TenantId" ] ||
[ -z "$CONOHA_IdentityServiceApi" ]; then
24 CONOHA_IdentityServiceApi
=""
25 _err
"You didn't specify a conoha api username and password yet."
26 _err
"Please create the user and try again."
30 _saveaccountconf_mutable CONOHA_Username
"$CONOHA_Username"
31 _saveaccountconf_mutable CONOHA_Password
"$CONOHA_Password"
32 _saveaccountconf_mutable CONOHA_TenantId
"$CONOHA_TenantId"
33 _saveaccountconf_mutable CONOHA_IdentityServiceApi
"$CONOHA_IdentityServiceApi"
35 if token
="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens
" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
36 accesstoken
="$(printf "%s
" "$token" | sed -n 1p)"
37 CONOHA_Api
="$(printf "%s
" "$token" | sed -n 2p)"
42 _debug
"First detect the root zone"
43 if ! _get_root
"$fulldomain" "$CONOHA_Api" "$accesstoken"; then
47 _debug _domain_id
"$_domain_id"
48 _debug _sub_domain
"$_sub_domain"
49 _debug _domain
"$_domain"
52 body
="{\"type\":\"TXT\",\"name\":\"$fulldomain.\",\"data\":\"$txtvalue\",\"ttl\":60}"
53 if _conoha_rest POST
"$CONOHA_Api/v1/domains/$_domain_id/records" "$body" "$accesstoken"; then
54 if _contains
"$response" '"data":"'"$txtvalue"'"'; then
58 _err
"Add txt record error."
63 _err
"Add txt record error."
67 #Usage: fulldomain txtvalue
68 #Remove the txt record after validation.
73 _debug fulldomain
"$fulldomain"
74 _debug txtvalue
"$txtvalue"
76 _debug
"Check uesrname and password"
77 CONOHA_Username
="${CONOHA_Username:-$(_readaccountconf_mutable CONOHA_Username)}"
78 CONOHA_Password
="${CONOHA_Password:-$(_readaccountconf_mutable CONOHA_Password)}"
79 CONOHA_TenantId
="${CONOHA_TenantId:-$(_readaccountconf_mutable CONOHA_TenantId)}"
80 CONOHA_IdentityServiceApi
="${CONOHA_IdentityServiceApi:-$(_readaccountconf_mutable CONOHA_IdentityServiceApi)}"
81 if [ -z "$CONOHA_Username" ] ||
[ -z "$CONOHA_Password" ] ||
[ -z "$CONOHA_TenantId" ] ||
[ -z "$CONOHA_IdentityServiceApi" ]; then
85 CONOHA_IdentityServiceApi
=""
86 _err
"You didn't specify a conoha api username and password yet."
87 _err
"Please create the user and try again."
91 _saveaccountconf_mutable CONOHA_Username
"$CONOHA_Username"
92 _saveaccountconf_mutable CONOHA_Password
"$CONOHA_Password"
93 _saveaccountconf_mutable CONOHA_TenantId
"$CONOHA_TenantId"
94 _saveaccountconf_mutable CONOHA_IdentityServiceApi
"$CONOHA_IdentityServiceApi"
96 if token
="$(_conoha_get_accesstoken "$CONOHA_IdentityServiceApi/tokens
" "$CONOHA_Username" "$CONOHA_Password" "$CONOHA_TenantId")"; then
97 accesstoken
="$(printf "%s
" "$token" | sed -n 1p)"
98 CONOHA_Api
="$(printf "%s
" "$token" | sed -n 2p)"
103 _debug
"First detect the root zone"
104 if ! _get_root
"$fulldomain" "$CONOHA_Api" "$accesstoken"; then
105 _err
"invalid domain"
108 _debug _domain_id
"$_domain_id"
109 _debug _sub_domain
"$_sub_domain"
110 _debug _domain
"$_domain"
112 _debug
"Getting txt records"
113 if ! _conoha_rest GET
"$CONOHA_Api/v1/domains/$_domain_id/records" "" "$accesstoken"; then
118 record_id
=$
(printf "%s" "$response" | _egrep_o
'{[^}]*}' |
119 grep '"type":"TXT"' |
grep "\"data\":\"$txtvalue\"" | _egrep_o
"\"id\":\"[^\"]*\"" |
120 _head_n
1 | cut
-d : -f 2 |
tr -d \")
121 if [ -z "$record_id" ]; then
122 _err
"Can not get record id to remove."
125 _debug record_id
"$record_id"
127 _info
"Removing the txt record"
128 if ! _conoha_rest DELETE
"$CONOHA_Api/v1/domains/$_domain_id/records/$record_id" "" "$accesstoken"; then
129 _err
"Delete record error."
136 #################### Private functions below ##################################
144 export _H1
="Accept: application/json"
145 export _H2
="Content-Type: application/json"
146 if [ -n "$accesstoken" ]; then
147 export _H3
="X-Auth-Token: $accesstoken"
151 if [ "$m" != "GET" ]; then
152 _secure_debug2 data
"$data"
153 response
="$(_post "$data" "$ep" "" "$m")"
155 response
="$(_get "$ep")"
158 _secure_debug2 response
"$response"
159 if [ "$_ret" != "0" ]; then
164 response
="$(printf "%s
" "$response" | _normalizeJson)"
168 _conoha_get_accesstoken
() {
174 accesstoken
="$(_readaccountconf_mutable conoha_accesstoken)"
175 expires
="$(_readaccountconf_mutable conoha_tokenvalidto)"
176 CONOHA_Api
="$(_readaccountconf_mutable conoha_dns_ep)"
178 # can we reuse the access token?
179 if [ -n "$accesstoken" ] && [ -n "$expires" ] && [ -n "$CONOHA_Api" ]; then
180 utc_date
="$(_utc_date | sed "s
/ /T
/")"
181 if expr "$utc_date" "<" "$expires" >/dev
/null
; then
182 # access token is still valid - reuse it
183 _debug
"reusing access token"
184 printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
187 _debug
"access token expired"
190 _debug
"getting new access token"
192 body
="$(printf '{"auth
":{"passwordCredentials
":{"username
":"%s
","password
":"%s
"},"tenantId
":"%s
"}}' "$username" "$password" "$tenantId")"
193 if ! _conoha_rest POST
"$ep" "$body" ""; then
194 _err error
"$response"
197 accesstoken
=$
(printf "%s" "$response" | _egrep_o
"\"id\":\"[^\"]*\"" | _head_n
1 | cut
-d : -f 2 |
tr -d \")
198 expires
=$
(printf "%s" "$response" | _egrep_o
"\"expires\":\"[^\"]*\"" | _head_n
1 | cut
-d : -f 2-4 |
tr -d \" |
tr -d Z
) #expect UTC
199 if [ -z "$accesstoken" ] ||
[ -z "$expires" ]; then
200 _err
"no acccess token received. Check your Conoha settings see $WIKI"
203 _saveaccountconf_mutable conoha_accesstoken
"$accesstoken"
204 _saveaccountconf_mutable conoha_tokenvalidto
"$expires"
206 CONOHA_Api
=$
(printf "%s" "$response" | _egrep_o
'publicURL":"'"$CONOHA_DNS_EP_PREFIX_REGEXP"'[^"]*"' | _head_n
1 | cut
-d : -f 2-3 |
tr -d \")
207 if [ -z "$CONOHA_Api" ]; then
208 _err
"failed to get conoha dns endpoint url"
211 _saveaccountconf_mutable conoha_dns_ep
"$CONOHA_Api"
213 printf "%s\n%s\n" "$accesstoken" "$CONOHA_Api"
217 #_acme-challenge.www.domain.com
219 # _sub_domain=_acme-challenge.www
221 # _domain_id=sdjkglgdfewsdfg
229 h
=$
(printf "%s" "$domain" | cut
-d .
-f $i-100).
236 if ! _conoha_rest GET
"$ep/v1/domains?name=$h" "" "$accesstoken"; then
240 if _contains
"$response" "\"name\":\"$h\"" >/dev
/null
; then
241 _domain_id
=$
(printf "%s\n" "$response" | _egrep_o
"\"id\":\"[^\"]*\"" |
head -n 1 | cut
-d : -f 2 |
tr -d \")
242 if [ "$_domain_id" ]; then
243 _sub_domain
=$
(printf "%s" "$domain" | cut
-d .
-f 1-$p)