4 # https://api.gandi.net/docs/livedns/
5 # https://api.gandi.net/docs/authentication/ for token + apikey (deprecated) authentication
8 # Requires GANDI API KEY set in GANDI_LIVEDNS_KEY set as environment variable
10 #Author: Frédéric Crozat <fcrozat@suse.com>
11 # Dominik Röttsches <drott@google.com>
12 #Report Bugs here: https://github.com/fcrozat/acme.sh
14 ######## Public functions #####################
16 GANDI_LIVEDNS_API
="https://dns.api.gandi.net/api/v5"
18 #Usage: dns_gandi_livedns_add _acme-challenge.www.domain.com "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
19 dns_gandi_livedns_add
() {
23 if [ -z "$GANDI_LIVEDNS_KEY" -a -z "$GANDI_LIVEDNS_TOKEN" ]; then
24 _err
"No Token or API key (deprecated) specified for Gandi LiveDNS."
25 _err
"Create your token or key and export it as GANDI_LIVEDNS_KEY or GANDI_LIVEDNS_TOKEN respectively"
29 # Keep only one secret in configuration
30 if [ -n "$GANDI_LIVEDNS_TOKEN" ]; then
31 _saveaccountconf GANDI_LIVEDNS_TOKEN
"$GANDI_LIVEDNS_TOKEN"
32 _clearaccountconf GANDI_LIVEDNS_KEY
33 elif [ -n "$GANDI_LIVEDNS_KEY" ]; then
34 _saveaccountconf GANDI_LIVEDNS_KEY
"$GANDI_LIVEDNS_KEY"
35 _clearaccountconf GANDI_LIVEDNS_TOKEN
41 _debug
"First detect the root zone"
42 if ! _get_root
"$fulldomain"; then
46 _debug fulldomain
"$fulldomain"
47 _debug txtvalue
"$txtvalue"
48 _debug domain
"$_domain"
49 _debug sub_domain
"$_sub_domain"
51 _dns_gandi_append_record
"$_domain" "$_sub_domain" "$txtvalue"
54 #Usage: fulldomain txtvalue
55 #Remove the txt record after validation.
56 dns_gandi_livedns_rm
() {
60 _debug
"First detect the root zone"
61 if ! _get_root
"$fulldomain"; then
66 _debug fulldomain
"$fulldomain"
67 _debug domain
"$_domain"
68 _debug sub_domain
"$_sub_domain"
69 _debug txtvalue
"$txtvalue"
71 if ! _dns_gandi_existing_rrset_values
"$_domain" "$_sub_domain"; then
74 _new_rrset_values
=$
(echo "$_rrset_values" |
sed "s/...$txtvalue...//g")
75 # Cleanup dangling commata.
76 _new_rrset_values
=$
(echo "$_new_rrset_values" |
sed "s/, ,/ ,/g")
77 _new_rrset_values
=$
(echo "$_new_rrset_values" |
sed "s/, *\]/\]/g")
78 _new_rrset_values
=$
(echo "$_new_rrset_values" |
sed "s/\[ *,/\[/g")
79 _debug
"New rrset_values" "$_new_rrset_values"
81 _gandi_livedns_rest PUT \
82 "domains/$_domain/records/$_sub_domain/TXT" \
83 "{\"rrset_ttl\": 300, \"rrset_values\": $_new_rrset_values}" &&
84 _contains
"$response" '{"message": "DNS Record Created"}' &&
85 _info
"Removing record $(__green "success
")"
88 #################### Private functions below ##################################
89 #_acme-challenge.www.domain.com
91 # _sub_domain=_acme-challenge.www
98 h
=$
(printf "%s" "$domain" | cut
-d .
-f $i-100)
105 if ! _gandi_livedns_rest GET
"domains/$h"; then
109 if _contains
"$response" '"code": 401'; then
112 elif _contains
"$response" '"code": 404'; then
113 _debug
"$h not found"
115 _sub_domain
=$
(printf "%s" "$domain" | cut
-d .
-f 1-$p)
125 _dns_gandi_append_record
() {
130 if _dns_gandi_existing_rrset_values
"$domain" "$sub_domain"; then
131 _debug
"Appending new value"
132 _rrset_values
=$
(echo "$_rrset_values" |
sed "s/\"]/\",\"$txtvalue\"]/")
134 _debug
"Creating new record" "$_rrset_values"
135 _rrset_values
="[\"$txtvalue\"]"
137 _debug new_rrset_values
"$_rrset_values"
138 _gandi_livedns_rest PUT
"domains/$_domain/records/$sub_domain/TXT" \
139 "{\"rrset_ttl\": 300, \"rrset_values\": $_rrset_values}" &&
140 _contains
"$response" '{"message": "DNS Record Created"}' &&
141 _info
"Adding record $(__green "success
")"
144 _dns_gandi_existing_rrset_values
() {
147 if ! _gandi_livedns_rest GET
"domains/$domain/records/$sub_domain"; then
150 if ! _contains
"$response" '"rrset_type": "TXT"'; then
151 _debug
"Does not have a _acme-challenge TXT record yet."
154 if _contains
"$response" '"rrset_values": \[\]'; then
155 _debug
"Empty rrset_values for TXT record, no previous TXT record."
158 _debug
"Already has TXT record."
159 _rrset_values
=$
(echo "$response" | _egrep_o
'rrset_values.*\[.*\]' |
164 _gandi_livedns_rest
() {
170 export _H1
="Content-Type: application/json"
172 if [ -n "$GANDI_LIVEDNS_TOKEN" ]; then
173 export _H2
="Authorization: Bearer $GANDI_LIVEDNS_TOKEN"
175 export _H2
="X-Api-Key: $GANDI_LIVEDNS_KEY"
178 if [ "$m" = "GET" ]; then
179 response
="$(_get "$GANDI_LIVEDNS_API/$ep")"
182 response
="$(_post "$data" "$GANDI_LIVEDNS_API/$ep" "" "$m")"
185 if [ "$?" != "0" ]; then
189 _debug2 response
"$response"